“Trust no one.” That was one of the taglines for The X-Files, the popular science-fiction television series about FBI agents who investigate a series of bizarre, supernatural cases. It’s also becoming a mantra for modern network security.
Faced with relentless cyber threats and expanding attack vectors, network security pros have begun to embrace a “zero trust” model as an alternative to traditional perimeter-focused protections. This model effectively makes identity the new security perimeter by assuming that everyone and everything accessing network resources is a threat until their identities have been verified and validated.
It’s a radical departure from conventional practices that use firewalls and other perimeter defenses to create barriers between the public Internet and private networks. That approach is no longer effective as we increasingly depend on resources that live outside the firewall.
Today’s mobile employees commonly use multiple personal devices to reach beyond the old network perimeter and gain anytime/anywhere access to data, applications, and services from multiple data centers and the cloud.
This back-and-forth access between public and private networks allows users to be more productive and efficient, but it also opens the door to new cyber threats. Sophisticated and stealthy threats such as fileless malware and advanced persistent threats (APTs) often piggyback on approved apps to get inside a network. Once inside, they capitalize on the presumption of trust inside the firewall to remain undetected for long periods, moving laterally within the network to gather credentials and other valuable information.
The zero trust model addresses these challenges through the application of three key principles: verify the identity of every user, validate every device, and limit access privileges.
Identity and access management (IAM) solutions provide a framework for verifying user identities. These solutions integrate a variety of tools such as multifactor authentication, user provisioning, password management, and single sign-on into a comprehensive platform. Even after verification, however, users, devices, and apps should gain only conditional access; all activity must be continually inspected and evaluated to guard against deviations from defined policies.
Privileged access management (PAM) is especially critical to a zero trust network. Privileged account credentials give administrators and other key IT staff broad network access to perform essential management and maintenance functions. That makes privileged accounts a high-value target for hackers. According to a recent Forrester survey, 80 percent of all IT security breaches involve compromised privileged account credentials.
With PAM, organizations can minimize risk by centrally securing and managing privileged credentials. Best-in-class PAM platforms such as CyberArk’s Core Privileged Access Security provide for monitoring and analysis of privileged session activity.
PAM also makes it possible to enforce least-privilege access policies while enabling users to temporarily obtain elevated access as needed for legitimate business purposes. This is an important defense against APTs and stealthy malware. Even if these threats get inside a network, privilege restrictions ensure they won’t get unfettered access to critical systems and data.
For decades, network security practices focused on creating a barrier between trusted users, devices, and apps and the outside world. That doesn’t fit with modern work styles that require more fluid movement between public and private networks. Call us to learn more about the zero trust model and the supporting technologies that provide a new focus for network security.