Deploying Zero Trust Architecture

Zero trust is a security model that starts from the assumption that no connection should be trusted by default, notes Bahaa Al Zubaidi. Even an account that has already authenticated is not trusted implicitly: every request is evaluated again, and re-authentication is required when the context changes or a session ages. Because access never follows from network location alone, the model limits the damage a single compromised credential or device can do, and it is becoming widely adopted. This article looks at the zero trust architecture, its principles, and how to implement it.

Zero trust architecture: concept and principles

‘Never trust, always verify’ is the concept behind the zero trust security model. Zero trust works by applying security policy based on the context of each request rather than on where the request comes from. Traditional perimeter models trust users inside the network and distrust those outside it. In zero trust every entity is treated as untrusted and must be authenticated and authorised for each access, so an attacker who gets past the perimeter, or who already holds a valid credential, does not automatically gain access to internal systems.

The principles followed in zero trust architecture are:

  • A context-based policy is adopted: access requests and rights are evaluated on context such as user identity, role, device, location, and the sensitivity of the resource. Privileges, once granted, are continuously reassessed rather than held for the life of a session.
  • Every connection is terminated and inspected before it is forwarded, so malicious content is caught in transit rather than after it has spread.
  • Users are connected directly to applications, not to networks. This removes the network path that malware or an attacker would use for lateral movement. Applications are also not exposed to the internet, so they cannot be discovered and attacked directly.
  • Policy compliance and device health (for example patch level, disk encryption, and endpoint protection) are part of the context considered when approving access requests and granting rights.
  • Separation between individual entities is another core principle: there is no implicit trust between two entities even if they sit on the same network or in the same physical location.
  • Microsegmentation divides the network into small zones, each with its own access controls, so a compromise in one zone does not give access to the others.
  • Next-generation firewalls and Secure Access Service Edge (SASE) technologies are used to enforce these controls.

Implementing zero trust architecture

The following explains how an organisation can go about implementing zero trust architecture:

Step 1: Define attack surface

Start by defining the attack surface: the assets, data, applications and services that need protection. At this stage the focus should be on the most critical and sensitive assets rather than on the whole estate.

Step 2: Start implementing controls

Map how traffic flows to and from those assets, and use that map as the basis for the controls. You will need to decide which network controls to implement and where to position them so that they sit in the path of the flows you have identified.

Step 3: Create the architecture

Design the architecture around a particular protect surface or project rather than the whole organisation at once. A next-generation firewall can be used to segment the network, and enforcing multi-factor authentication for access to the protected assets is another key step.

Step 4: Create policies

Then create the zero trust policies that state which users and devices may access which resources, under what conditions (authentication strength, device health, session age), and from which network segments.

Step 5: Monitor

Continuous monitoring of the network and of access decisions is essential: logging every allow and deny decision lets you spot anomalies, tune policies that are too permissive or too strict, and respond to incidents.
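The principles listed earlier (context-based policy, continuous reassessment, device health, no trust from network location) and the policy and monitoring steps above can be made concrete in a small policy decision point. The following is an added example written for this page, not code from the original article or its author. The role names, device fields, resource names, thresholds and sample requests are all hypothetical and constructed inline so the module runs offline.

```python
# Added example, not code from the original article: a minimal context-based
# policy decision point. Role names, device fields, resource names and the
# thresholds are hypothetical. Network location is logged but never used to
# grant access, and every signal is re-checked on every request.
from __future__ import annotations

import json
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Hypothetical thresholds: more sensitive resources demand fresher authentication.
REAUTH_INTERVAL = {"internal": timedelta(hours=8), "restricted": timedelta(minutes=15)}
MAX_PATCH_AGE_DAYS = 30

@dataclass(frozen=True)
class Device:
    device_id: str
    managed: bool          # enrolled in device management
    disk_encrypted: bool
    patch_age_days: int

@dataclass(frozen=True)
class Session:
    user: str
    roles: frozenset
    mfa_verified: bool
    device: Device
    source_segment: str    # "corp-lan", "vpn", "internet": audit only
    authenticated_at: datetime

@dataclass(frozen=True)
class Resource:
    name: str
    sensitivity: str       # "internal" or "restricted"
    allowed_roles: frozenset

def device_healthy(d: Device) -> bool:
    """Device posture: managed, encrypted and patched within the limit."""
    return d.managed and d.disk_encrypted and d.patch_age_days <= MAX_PATCH_AGE_DAYS

def evaluate(session: Session, resource: Resource, now: datetime) -> tuple[bool, list[str]]:
    """Return (allowed, deny_reasons). source_segment is deliberately not consulted."""
    reasons: list[str] = []
    if not session.mfa_verified:
        reasons.append("mfa_required")
    if now - session.authenticated_at > REAUTH_INTERVAL[resource.sensitivity]:
        reasons.append("reauthentication_required")
    if not device_healthy(session.device):
        reasons.append("device_unhealthy")
    if not (session.roles & resource.allowed_roles):
        reasons.append("role_not_authorized")
    return (not reasons, reasons)

def audit_record(session: Session, resource: Resource, now: datetime) -> str:
    """One JSON line per decision, the raw material for the monitoring step."""
    allowed, reasons = evaluate(session, resource, now)
    return json.dumps({
        "ts": now.isoformat(),
        "user": session.user,
        "device": session.device.device_id,
        "source_segment": session.source_segment,   # recorded, not trusted
        "resource": resource.name,
        "decision": "allow" if allowed else "deny",
        "reasons": reasons,
    }, sort_keys=True)

# Constructed sample data so the module runs stand-alone.
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
HEALTHY = Device("lap-001", managed=True, disk_encrypted=True, patch_age_days=5)
UNPATCHED = Device("lap-002", managed=True, disk_encrypted=True, patch_age_days=90)
PAYROLL = Resource("payroll-db", "restricted", frozenset({"finance"}))

def example_decisions() -> dict[str, tuple[bool, list[str]]]:
    """Four requests for the same restricted resource; only the first is allowed."""
    base = dict(user="alice", roles=frozenset({"finance"}), device=HEALTHY,
                authenticated_at=NOW - timedelta(minutes=1))
    cases = {
        "fresh_mfa_vpn": Session(mfa_verified=True, source_segment="vpn", **base),
        # on the corporate LAN without MFA: being "inside" earns nothing
        "no_mfa_corp_lan": Session(mfa_verified=False, source_segment="corp-lan", **base),
        "stale_session": Session(mfa_verified=True, source_segment="vpn",
                                 **{**base, "authenticated_at": NOW - timedelta(hours=2)}),
        "unpatched_device": Session(mfa_verified=True, source_segment="vpn",
                                    **{**base, "device": UNPATCHED}),
    }
    return {name: evaluate(s, PAYROLL, NOW) for name, s in cases.items()}

if __name__ == "__main__":
    for name, (allowed, reasons) in example_decisions().items():
        print(f"{name:18} {'ALLOW' if allowed else 'DENY'} {reasons}")
```

The design choice worth noting is that `source_segment` appears only in the audit record: a request from the corporate LAN without MFA is denied exactly like one from the internet, which is the point of "never trust, always verify". The per-sensitivity re-authentication interval is one way to make "privileges are continuously reassessed" concrete, and the JSON audit line is what the monitoring step would consume.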

The article has been written by Bahaa Al Zubaidi and has been published by the editorial board of
