What is Zero Trust security and where should you start?
Posted on June 3, 2022 by Matt Longman
Cyber threats are continually changing and becoming more common, and many are more sophisticated than ever, so our layers of security must also evolve and innovate.
Since 2020, when the global pandemic threatened to disrupt the ways we work, digital transformation initiatives supported businesses as they went remote. But with employees dialling in remotely, accessing files and data and using applications outside of the office, there’s a greater sense of urgency that we should all be thinking about cybersecurity.
Did you know that more than 80% of breaches occur when lost or stolen credentials are misused within a network? This means that a simple oversight in password strength could open up a much larger and more costly vulnerability, compromising your business’s data.
Cybercrime doesn’t just target larger enterprises, so everyone is at risk. So, should you upgrade your security now if the threats to your business are growing? Yes. That’s how many start to think about “Zero Trust” and whether it’s the next natural step in the evolution of their security.
What is Zero Trust cybersecurity?
Before any user within your organisation can access data or an application, a Zero Trust approach will enforce strict authentication and authorisation. This means that, at every stage where a user tries to interact with your data or an application within your network, they will be continuously validated.
Zero Trust removes assumptions about trusting a user, even if they’re already inside a network. This means security controls become more granular than before.
This addresses a challenge that’s familiar to many modern-day businesses, which need to rethink how they enable secure remote working, as colleagues could be dialling in from any location. This also helps to secure hybrid cloud environments, which are accessed by remote users and where potentially confidential or sensitive data (folders containing financial information, for example) could be compromised by advancing ransomware threats.
Zero Trust, as the name suggests, is all about removing assumptions about a user’s or device’s trust. If a colleague works inside a traditional network, there’s often an assumption of implicit trust, which works like a key and padlock. This means that anyone inside a network can freely access services, applications, and data without having to be verified at every step.
Why now?
Many businesses have transformed digitally over the last two years. With this change, many organisations have undergone cloud migrations, moved into more hybrid models for working, and even started to revisit their security operations. Whilst there are a lot of business benefits that have come from adopting new technologies, including better employee productivity and wellbeing, there are still risks that you should be aware of.
In the US, the National Institute of Standards and Technology (NIST) recognises certain standards for Zero Trust. After a series of high-profile breaches in 2021, US President Joe Biden issued plans to transition to NIST 800-207, making Zero Trust an official line of defence against increasing cybercrime. This has caused many private businesses to adopt a Zero Trust policy, using security principles like strict verification of access for resources.
How does Zero Trust work?
Zero Trust removes assumptions about which devices and users to trust before authorising access to data or applications within an organisation. It works by assuming that there could be attackers either within or outside a network, so no device or user is implicitly trusted.
This means thorough vetting of device and user identities is required to gain access to data within a network. This even goes as far as periodically timing out logins, which means devices and users must be reverified time and again.
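A minimal sketch of the per-request check described above, as an added example rather than code from the original post or from any product. The device inventory, grants, 15-minute re-verification window and all names are constructed assumptions.

```python
from dataclasses import dataclass

# Assumed re-verification interval: logins older than this must be repeated.
MAX_SESSION_AGE_S = 15 * 60

# Constructed sample data: managed-device inventory and per-user grants.
MANAGED_DEVICES = {
    "laptop-0042": {"compliant": True},
    "laptop-0099": {"compliant": False},
}
GRANTS = {"alice": {"finance/reports"}, "bob": {"wiki"}}


@dataclass(frozen=True)
class Request:
    user: str
    mfa_verified: bool
    device_id: str
    auth_time: float   # epoch seconds of the user's last verification
    source_ip: str     # kept for logging only; never used to grant trust
    resource: str


def decide(req: Request, now: float) -> tuple[bool, str]:
    """Evaluate one request. Called on every access, not once per login."""
    if not req.mfa_verified:
        return False, "user identity not verified"
    device = MANAGED_DEVICES.get(req.device_id)
    if device is None:
        return False, "unknown device"
    if not device["compliant"]:
        return False, "device not compliant"
    age = now - req.auth_time
    if age < 0 or age > MAX_SESSION_AGE_S:
        return False, "session expired, re-verify"
    # Least privilege: access is per resource, not per network.
    if req.resource not in GRANTS.get(req.user, set()):
        return False, "no grant for resource"
    return True, "ok"
```

Note that `source_ip` is never consulted: a request from an internal address gets exactly the same checks as one from outside.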
What’s involved?
There are many different definitions of Zero Trust, but the NIST 800-207 standards are widely adopted by governments and private organisations. Zero Trust, generally, includes a few key rules that ensure enhanced layers of protection.
- “Never Trust, Always Verify”, or, the idea that no device or user is trusted. This also means that verification is ongoing whenever a user or device is interacting with a network.
- Reducing an attack’s “blast radius”, which means minimising the damage and impact of a breach. This slows down the advance of an attack, allowing time for an organisation to either mitigate or respond to a breach.
- Accurate incident response, which means that if security becomes compromised, then there is more situational awareness about a breach.
Is it time for Zero Trust?
Zero Trust could be valuable for your business if:
- You have a lot of remote users on a network
- You manage a cloud network
- There are a lot of (unmanaged) devices on your network, such as an open BYOD policy
When it comes to threats, Zero Trust can address:
- Ransomware
- Attacks on remote users
- Vulnerabilities arising from unmanaged devices
- Threats from insiders
Concerned about cybersecurity?
Protect your business with ramsac
As one of the most trusted providers of cybersecurity solutions and support across London and the South East, we offer you protection and peace of mind.
We will help you carry out a thorough cybersecurity risk assessment and then plan and implement a proportionate response to the results. We also educate end-users and implement internal policies for the safest use of technology and the protection of your data.