Your most faithful employees? You can’t trust them. Your most loyal customers? You can’t trust them either. Your most dedicated vendors? Uh-uh. It’s not personal: in the new era of digital security, no one gets a free pass.
What we’ve discovered over the last few years is that literally no one is above suspicion. Even if your employees aren’t actually selling your secrets on the Dark Web (they’re probably not), attackers will gladly take over their accounts and do it on their behalf. All it takes is a moment of inattention, a click on a link that doesn’t look too suspicious, and suddenly the account belongs to someone else.
Enter zero-trust philosophy, which puts a microscope over everyone in your network. Unlike with a network perimeter or the defense-in-depth concept of multiple nested perimeters, there’s no part of your network in which, once inside, users and attackers can roam around without scrutiny. This prevents attackers from abusing access (which they are, in any case, less likely to obtain in the first place) and flags them at the earliest possible opportunity. Here’s how to make it happen.
Zero Trust Means Zero Trust
When creating a zero-trust network, the key idea to keep in mind is that users may abuse any extra privileges they’re granted. As an example, let’s take a look at what not to do. Social media companies are widely known for allowing some users more access than others, which has inevitably led to embarrassing breaches. Here’s one of the latest examples:
If you have children, then you probably know that Facebook has launched a Messenger Kids app. This is a version of Facebook’s chat application with a crucial difference – children who use the app can only talk to users that their parents specifically approve. This addresses the dangers of kids talking to strangers on the internet. It’s also – conceptually speaking – a decent stab at the zero-trust concept.
Unfortunately, Facebook screwed up. If one kid started talking to an approved friend on the application, that was okay. That other approved kid, however, had the option to turn a one-on-one chat into a group chat. Once the group chat was underway, they could add people that weren’t specifically approved by the first kid’s parents – which led to children talking to strangers.
A zero-trust mindset could have prevented this scenario in a number of ways. You could forbid people from making group chats altogether. Or you could allow people to make group chats solely with other users that were authorized for all participants. No matter how you’d address this situation, a Zero Trust approach would start with the assumption that any user with broad privileges may possibly abuse those privileges – and by doing so, lead to a solution that keeps all users safe.
What Are the Components of Zero Trust?
The thing to remember about Zero Trust is that it is not a single technology. Rather, it’s a philosophy. We’re throwing away the idea of a single perimeter, or a nested perimeter, and we’re sticking to the idea that every user on the network is potentially compromised. Here’s an example of how that would work in action:
Multifactor authentication (MFA)
When companies use MFA correctly, it can block up to 76% of targeted attacks. Most companies don’t, however – over 60% of employees refuse to use it. Make MFA mandatory, and adopt the technologies on this list to block the other 24% of attacks.
Identity and Access Management is another thing that most companies have, but which many don’t use correctly or comprehensively. Zero Trust is founded on enforcing the principle of least privilege: users get only the access they need to accomplish a task, and no more.
With the concept of defense in depth, the network is organized into several nested perimeters. If an attacker gets past one perimeter, their movement is limited. Orchestration can take this further with virtual network segments that let each user access only the small number of tools and files they need.
Your users and your network have set behavior patterns. Your users log in at nine and log out at five, and your network has a corresponding increase in traffic. When that pattern changes, it could be a sign of an impending breach.
If you’re just encrypting your files, you’re doing it wrong. Encryption in a zero-trust context means encrypting all connections to the internet, all connections within your network, and all your data both when it’s in motion and when it’s at rest.
How do you know when your network is at risk? In a zero-trust context, you assign trust scores. If your device is logging on from a flagged network, it loses a point. If it doesn’t have the latest patches installed, it loses another one. If it fails to authenticate, it loses another. Lose too many points and the network flags an administrator and restricts your access.
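The scoring described above, as an added example that is not from the original post: a session starts with full trust, each risk signal costs points, and crossing a threshold restricts access and alerts an administrator. The signal names, point values, thresholds and sample session are constructed assumptions, not values from the article.

```python
# Added example, not from the original post. Point values, thresholds and the
# signal names below are constructed assumptions for illustration.
from dataclasses import dataclass, field

FULL_TRUST = 10       # every session starts with full trust (assumption)
RESTRICT_BELOW = 8    # below this: restrict access and alert an administrator
DENY_BELOW = 6        # below this: deny the session outright

# constructed penalty table: one point per signal, as in the article's description
PENALTIES = {
    "flagged_network": 1,   # logging on from a network on the flag list
    "missing_patches": 1,   # device does not have the latest patches installed
    "auth_failure": 1,      # each failed authentication attempt in this session
}


@dataclass
class SessionSignals:
    network_flagged: bool
    patches_current: bool
    auth_failures: int


@dataclass
class Decision:
    score: int
    access: str            # "full", "restricted" or "deny"
    alert_admin: bool
    reasons: list = field(default_factory=list)   # audit trail for the admin


def evaluate(sig: SessionSignals) -> Decision:
    """Deduct points per risk signal, then map the remaining score to a decision."""
    score, reasons = FULL_TRUST, []
    if sig.network_flagged:
        score -= PENALTIES["flagged_network"]
        reasons.append("login from flagged network")
    if not sig.patches_current:
        score -= PENALTIES["missing_patches"]
        reasons.append("device missing latest patches")
    if sig.auth_failures:
        # every failed authentication costs another point
        score -= sig.auth_failures * PENALTIES["auth_failure"]
        reasons.append(f"{sig.auth_failures} failed authentication(s)")
    score = max(score, 0)
    if score < DENY_BELOW:
        return Decision(score, "deny", True, reasons)
    if score < RESTRICT_BELOW:
        return Decision(score, "restricted", True, reasons)
    return Decision(score, "full", False, reasons)


if __name__ == "__main__":
    # constructed sample: patched device, flagged network, two failed logins
    print(evaluate(SessionSignals(network_flagged=True, patches_current=True, auth_failures=2)))
```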
Zero Trust Browsing
Every user inside your network is a potential bad actor – and every website outside your network is a potential malware vector that turns good actors into bad ones. Zero trust browsing lets your users browse the internet through a containerized browser that runs in the cloud and is mirrored to their device. When that containerized browser encounters a phishing site, any malware is trapped in the container and can’t infect the host computer – and the container is destroyed when the session ends.
All of these components work together to make zero trust a reality – but they also need the policy to make it work. Zero trust policy means making every user input both their main password and a one-time password when they log in, adhering to the principle of least privilege, and applying these policies uniformly across the entire org chart. With these overlapping security protocols in effect, even the most talented attacker will have a very hard time gaining purchase on your network.