Zero Trust – A Cyber-Priority
“56% of APAC firms have reported experiencing a security breach,” according to the 2021 Thales Data Threat Report – APAC Edition.
Does this statement scare you?
Cloud apps and the mobile workforce have redefined the security perimeter. Employees bring their own devices, work from home, and practice hybrid work. Data is accessible anytime, anywhere, and is shared with external collaborators such as partners and vendors outside the corporate network.
Organizations now require a new security paradigm that responds to the complexity of this modernized environment: one that embraces the mobile workforce and protects people, devices, apps, and data regardless of their location. Zero Trust is built on this principle.
What is the Zero Trust model?
The Zero Trust model assumes breach and evaluates each request as if it originated from an uncontrolled network, rather than treating everything behind the corporate firewall as safe. Its rule is “never trust, always verify,” regardless of where the request originates or which resource it accesses.
The Guiding Principles of the Zero Trust Model
- Re-evaluate all default access controls
In a Zero Trust model there is no implicitly trusted source: attackers are assumed to be present both inside and outside the network. Consequently, every request for access must be authenticated, authorized, and encrypted in transit, and that decision is made per request rather than once at the perimeter.
- Use multiple preventative measures
To prevent breaches and limit their impact, a Zero Trust approach employs a range of preventative measures.
Zero Trust starts with identity protection and device discovery: keeping credentials and devices in an audit-ready state, knowing which devices exist and which credentials are present on each, and establishing what is normal and expected across the extended network ecosystem.
Once an organization understands how those devices and credentials normally behave and connect, it can respond to anomalies with identity challenges and step-up authentication.
Multi-factor authentication (MFA) is one of the most widely used methods for confirming a user’s identity and strengthening network security. MFA requires two or more independent factors (something the user knows, has, or is), such as security questions, email/text confirmation codes, authenticator apps, or hardware security keys. Not all factors are equal: security questions and email or SMS codes are comparatively easy to phish or intercept, whereas phishing-resistant methods such as FIDO2 hardware keys are not. Adding factors improves security only if the factors added are strong; the quality of a factor matters more than the count.
Zero Trust also limits damage through least-privilege access: each user or device is granted only the access it needs to do its job, and no more. This limits lateral movement across the network and shrinks the attack surface if an account or device is compromised.
Finally, the Zero Trust model uses micro-segmentation to contain attacks. Micro-segmentation divides the network into small zones, each with its own access controls, so that reaching one zone does not imply access to the next. Segments can be defined by device or function, or, most effectively, by identity (users and groups). If one segment is breached, the attacker cannot move beyond it without passing the next segment’s checks.
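The principles above (per-request verification, a device and credential inventory, step-up for anomalies, least privilege, and micro-segmentation) fit together in a single policy decision. The following is an added example written for this page, not code from the original article or from any product; the identities, devices, segments, resource names and the MFA strength ordering are constructed assumptions. Each request is checked on its own merits, and the source network is recorded but never grants trust:

```python
"""Minimal Zero Trust policy decision point (added example, constructed data).

Every request is evaluated on its own: who is asking (identity), from what
(device posture), how strongly they proved it (MFA strength), and whether the
role is allowed into the micro-segment that owns the resource. The source
network ("corp", "vpn", "internet") is carried along but never grants trust.
"""
from dataclasses import dataclass
from enum import Enum


class Decision(Enum):
    ALLOW = "allow"
    DENY = "deny"
    STEP_UP = "step_up"   # identity and device are fine, but stronger proof is needed


# Assumed MFA strength ordering for the example, weakest to strongest.
MFA_RANK = {"none": 0, "sms": 1, "totp": 2, "fido2": 3}


@dataclass
class Identity:
    user: str
    roles: frozenset


@dataclass
class Device:
    device_id: str
    owner: str
    compliant: bool          # e.g. disk encrypted, patched, EDR present


@dataclass
class Segment:
    name: str
    allowed_roles: frozenset
    min_mfa: str             # weakest MFA method acceptable for this segment


@dataclass
class Request:
    user: str
    device_id: str
    mfa: str
    resource: str
    source: str              # informational only; never used for the decision


# Constructed inventory for the example (hypothetical names, not real data).
IDENTITIES = {
    "alice": Identity("alice", frozenset({"engineer"})),
    "bob": Identity("bob", frozenset({"finance"})),
    "ops-admin": Identity("ops-admin", frozenset({"engineer", "domain-admin"})),
}
DEVICES = {
    "lt-001": Device("lt-001", "alice", compliant=True),
    "lt-002": Device("lt-002", "bob", compliant=False),
    "lt-003": Device("lt-003", "ops-admin", compliant=True),
}
SEGMENTS = {
    "git": Segment("git", frozenset({"engineer"}), min_mfa="totp"),
    "payroll": Segment("payroll", frozenset({"finance"}), min_mfa="totp"),
    "domain-controller": Segment("domain-controller", frozenset({"domain-admin"}), min_mfa="fido2"),
}
RESOURCE_SEGMENT = {
    "git.internal": "git",
    "payroll.internal": "payroll",
    "dc01.internal": "domain-controller",
}


def evaluate(req: Request) -> tuple:
    """Return (Decision, reason). Identity and device checks run first so an
    unknown identity or unregistered device is rejected before any
    authorization logic; an unmapped resource is denied by default."""
    identity = IDENTITIES.get(req.user)
    if identity is None:
        return Decision.DENY, "unknown identity"

    device = DEVICES.get(req.device_id)
    if device is None:
        return Decision.DENY, "unregistered device"
    if device.owner != req.user:
        return Decision.DENY, "device not assigned to this identity"
    if not device.compliant:
        return Decision.DENY, "device fails posture check"

    segment_name = RESOURCE_SEGMENT.get(req.resource)
    if segment_name is None:
        return Decision.DENY, "resource not mapped to any segment (default deny)"
    segment = SEGMENTS[segment_name]

    # Least privilege: a role must be explicitly allowed into this segment.
    if not (identity.roles & segment.allowed_roles):
        return Decision.DENY, f"no role permits access to segment '{segment.name}'"

    # Step-up: known identity and healthy device, but the proof is too weak here.
    if MFA_RANK.get(req.mfa, 0) < MFA_RANK[segment.min_mfa]:
        return Decision.STEP_UP, f"segment '{segment.name}' requires at least {segment.min_mfa}"

    return Decision.ALLOW, f"{req.user} -> {segment.name}"


if __name__ == "__main__":
    samples = [
        Request("alice", "lt-001", "totp", "git.internal", "internet"),
        Request("alice", "lt-001", "totp", "payroll.internal", "corp"),   # role not allowed
        Request("bob", "lt-002", "totp", "payroll.internal", "corp"),     # non-compliant device
        Request("ops-admin", "lt-003", "totp", "dc01.internal", "corp"),  # needs fido2
        Request("ops-admin", "lt-003", "fido2", "dc01.internal", "vpn"),
        Request("mallory", "lt-001", "fido2", "git.internal", "corp"),
    ]
    for r in samples:
        d, why = evaluate(r)
        print(f"{d.value:8} {r.user}@{r.device_id} -> {r.resource} [{r.source}]: {why}")
```

Note the ordering: Alice from the internet with a compliant device and TOTP is allowed into her own segment, while the same Alice on the corporate network is denied the payroll segment, and the admin on the corporate network is still pushed to a stronger factor before reaching the domain controller. Being "inside" changes nothing.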
- Enable real-time monitoring and controls to detect and stop unwanted activity quickly
Although a Zero Trust model is largely preventative, the organization also needs real-time monitoring to cover the crucial window between an attacker’s compromise of the first machine and their access to other systems on the network. The organization’s ability to detect, investigate, and remediate breaches depends on it.
Identity challenges must be enforced in real time at the point of authentication (for example, the domain controller) rather than merely logged and forwarded to a SIEM for later review. Credential brute-force attempts and suspicious movement toward critical systems such as domain controllers must be blocked or challenged immediately, and only then reported to monitoring systems for correlation with other intrusions and attempts.
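To make the "decide first, report second" point concrete, here is an added example (not code from the original article or from any product) that runs inline over a constructed authentication event stream: each event is decided as it arrives, and the decision record is what gets forwarded to the SIEM. The log format, the threshold and window, and the list of critical hosts are assumptions made for the example.

```python
"""Inline brute-force guard over an authentication event stream (added example).

decide() returns "allow", "challenge" or "block" for each event as it arrives;
the caller enforces it at the authentication point. Only after the decision is
a record appended for the SIEM. "allow" means the attempt proceeds to normal
authentication (which may still fail on its own).
"""
from collections import defaultdict, deque
from dataclasses import dataclass
import re

# Constructed log format for the example (not a real product's format):
# <epoch> <result> user=<name> src=<ip> target=<host>
LINE_RE = re.compile(
    r"^(?P<ts>\d+) (?P<result>success|failure) user=(?P<user>\S+) src=(?P<src>\S+) target=(?P<target>\S+)$"
)

CRITICAL_TARGETS = {"dc01"}   # assumed tier-0 hosts for the example
FAIL_THRESHOLD = 5            # failures from one source within the window
WINDOW_SECONDS = 60


@dataclass
class Event:
    ts: int
    result: str
    user: str
    src: str
    target: str


def parse(line: str) -> Event:
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unparseable line: {line!r}")
    return Event(int(m["ts"]), m["result"], m["user"], m["src"], m["target"])


class BruteForceGuard:
    """Sliding window of failure timestamps per source address."""

    def __init__(self, threshold=FAIL_THRESHOLD, window=WINDOW_SECONDS):
        self.threshold = threshold
        self.window = window
        self.failures = defaultdict(deque)   # src -> recent failure timestamps
        self.blocked = {}                    # src -> epoch when the block expires
        self.siem = []                       # decision records, emitted after deciding

    def _prune(self, src, now):
        q = self.failures[src]
        while q and now - q[0] > self.window:
            q.popleft()

    def decide(self, ev: Event) -> str:
        if ev.src in self.blocked and ev.ts < self.blocked[ev.src]:
            action = "block"                 # still inside an active block
        else:
            self._prune(ev.src, ev.ts)
            if ev.result == "failure":
                self.failures[ev.src].append(ev.ts)
                if len(self.failures[ev.src]) >= self.threshold:
                    self.blocked[ev.src] = ev.ts + self.window
                    action = "block"
                else:
                    action = "allow"
            elif self.failures[ev.src] or ev.target in CRITICAL_TARGETS:
                # A success from a source with recent failures, or any logon to a
                # critical system, is challenged (step-up) rather than trusted.
                action = "challenge"
            else:
                action = "allow"
        # Reporting happens after enforcement, never instead of it.
        self.siem.append({"ts": ev.ts, "src": ev.src, "user": ev.user,
                          "target": ev.target, "result": ev.result, "action": action})
        return action


def run(lines):
    """Decide every line in order; return (decisions, siem_records)."""
    guard = BruteForceGuard()
    decisions = [guard.decide(parse(line)) for line in lines]
    return decisions, guard.siem


# Constructed sample: password spraying from 10.0.0.9, then logons to dc01.
SAMPLE_LOG = [
    "1000 failure user=alice src=10.0.0.9 target=fs01",
    "1005 failure user=bob src=10.0.0.9 target=fs01",
    "1010 failure user=carol src=10.0.0.9 target=fs01",
    "1015 failure user=dave src=10.0.0.9 target=fs01",
    "1020 success user=erin src=10.0.0.7 target=fs01",      # unrelated source, allowed
    "1025 failure user=erin src=10.0.0.9 target=fs01",      # 5th failure -> block
    "1030 success user=ops-admin src=10.0.0.9 target=dc01", # source still blocked
    "1100 success user=ops-admin src=10.0.0.7 target=dc01", # critical target -> challenge
]

if __name__ == "__main__":
    for line, action in zip(SAMPLE_LOG, run(SAMPLE_LOG)[0]):
        print(f"{action:9} {line}")
```

The guard keys on source address, which catches one source spraying many usernames but not an attacker rotating through many sources at a low rate; in practice the same window is also kept per target account, and the SIEM correlates across both. The example's sixth line already shows the difference from log-then-alert: the spraying source is blocked at the fifth failure and its later "success" against the domain controller never reaches authentication.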
- Align with the overall security plan
A Zero Trust architecture is only one element of the overall security plan. To secure their networks, businesses need a holistic approach that also includes endpoint monitoring, detection, and response capabilities.
Wherever possible, review and replace older or obsolete authentication protocols to remove the “easy access” they give identity attacks. Patch devices, services, apps, and firmware promptly when vendors release fixes for newly disclosed vulnerabilities, including zero-days; this is long-standing advice, and it still holds.
For unforeseen incidents or a possible breach, a solid incident response plan, together with business continuity and disaster recovery plans, limits both the damage and the downtime.
Why do you need Zero Trust?
The new perimeter is defined by every endpoint that hosts, stores, or accesses corporate resources and services, not by the organization’s physical location(s). Interactions with corporate resources increasingly bypass perimeter-based security architectures built on on-premises network firewalls and VPNs. Organizations that rely primarily on those controls lack the visibility, integration, and agility needed to deliver timely, end-to-end security coverage.
In short, with the current COVID-19 pandemic, 65% of APAC firms have been compelled to adapt their business practices while preserving the security of their data with the Zero Trust concept. If your organization is among the remaining 35%, still relying on on-premises firewalls and VPNs to control network access and trusting that everything inside the network is secure, consider this a nudge from us to start planning for Zero Trust as a cyber-priority.
Let’s talk about how we can get you and your organization started on the path to Zero Trust, no matter where you are in your digital transformation journey.