01256 976 650
ElysianIT Limited
Upper Farm, Wootton St. Lawrence,
Basingstoke, Hampshire, RG23 8PE
The traditional security approach automatically trusted users and endpoints within the organizationโs perimeter, putting the organization at risk from malicious internal actors and legitimate credentials taken over by malicious actors, allowing unauthorized and compromised accounts wide-reaching access once inside.
This model became obsolete with the cloud migration of business transformation initiatives and the acceleration of a distributed working environments that have arisen following the global pandemic. In essence, Zero Trust security is a significant departure from the traditional โtrust but verifyโ network security method.
What is Zero Trust Security?
Zero Trust is a cybersecurity strategy designed around the concept that users, applications and data should never be trusted, and their actions should always be verified in an environment.
As a security framework, it assumes that there is no traditional network edge to your organisationโs IT estate and infrastructure. The approach requires all users, whether in or outside of your organisation, to be authenticated, authorised and continuously validates for security configuration and posture before being granted or retaining access to your applications and data.
Zero Trust is as much about your security mindset as it is about specific tools and implementation strategies. Instead of thinking about security as a protective perimeter around resources, you need to assume that your resources are always vulnerable to attack. Threats to applications and data will come from external malicious sources, internal or 3rd party applications, and even authorized users.
The concept is straightforward: Zero Trust assumes that anyone or anything attempting to connect to your cloud services is suspect. A human user may be a potential wrongdoer. An automated process attempting to use your data may be a malware program โ trust no one, assume that every entity is untrustworthy until its identity has been verified!
For todayโs new normal, the framework uniquely addresses the modern challenges of todayโs business, including securing remote workers, hybrid cloud environments, and ransomware threats.
The basis of Zero Trust requires organisations to continuously monitor and validate that users, and devices, have the required right level of privileges and attributes. As an architecture it requires, at a minimum:
Single Sign-on (SSO)
SSO is a great starting point for tackling Zero Trust identity management and is traditionally a stepping off point from a traditional trusted network model. SSO solutions create an authentication token with a single login and password that users can apply a range of enterprise cloud applications. That is, a user can open one application and easily move to another without having to re-verify his or her identity. SSO provides strong security, while enhancing the end-user experience by streamlining provisioning and access to data and applications.
Many organizations use Microsoftโs Active Directory, an SSO solution that provides access to connected resources without requiring additional authentication of users. Active Directory also provides useful management tools, such as user access logs.
However, SSO does not address every risk. When an employee leaves the enterprise, the IT team will likely need to offboard the personโs credentials one application at a time. And, if an employeeโs credentials are compromised, a wrongdoer could potentially gain access to a wide range of applications and databases.
Identity and Access Management (IAM)
At this step you should have centralised and verified application identity management, based on multifactor authentication and role-based security. Centralised IAM provides ease of access to users, while increasing security control with role-based permissions and real-time alerts.
Centralised management of user credentials streamlines the critical task of creating credentials for new workers and disabling the credentials of those who leave. When organisations lack simple, consistent procedures for adding and removing users, they may inadvertently allow departed employees to retain access to sensitive corporate information.
Formalised IAM helps ensure that access policies are applied consistently across the organisation, issuing alerts and alarms when policies are violated through a single pain of glass.
Zero Trust Identity Management
For example, a user request made with valid credentials, but coming from a previously unknown location or device, should trigger a subsequent request for a multi-factor authentication request. A complete Zero Trust environment should leverage machine learning to analyse user behaviour as a component of the authentication process. Deviations from historical behaviour patterns should trigger additional validation and provide alerting to security teams.
At the most mature end of the Zero Trust curve, your organisation should be moving to a completely password-free experience. Using a combination of validation methods such as one-time use access codes, authorised devices, and user behaviour data. At the heart of every Zero Trust implementation is a driving need for continuous verification of user identity, contextual evaluation of user access requests, real-time assignment of least-privilege access rights and a complete audit record of user activity.
