Zero Trust is a shift away from perimeter-centric network defenses toward a security model that tightens access control over networks, applications, and environments without sacrificing performance or user experience. In short, a Zero Trust approach trusts nothing by default: no user, device, or connection is trusted merely because of where it sits. As organizations do more of their computing outside the perimeter, in the cloud, security teams find it increasingly difficult to decide who and what should be granted access to their networks. As a result, a growing number of organizations are adopting Zero Trust as a component of their network architecture and enterprise security strategy.

What is a Zero Trust architecture?

A traditional, perimeter-based network security approach focuses on keeping attackers out of the network but is weak against threats that are already inside it. Traditional network security architecture layers firewalls, VPNs, access controls, IDS, IPS, SIEMs, and email gateways at the perimeter, and attackers have learned to breach those layers. The perimeter model, often summarized as "trust, but verify," treats users inside the network as trusted by default: anyone holding valid credentials could reach the network's complete array of sites, apps, and devices. Zero Trust instead assumes the network is already compromised and requires every user and device to prove it is not an attacker. It demands strict identity verification for every user and device on every attempt to access a resource, even if the user or device is already within the network perimeter. Zero Trust also limits what a user can reach once inside, so an attacker who has gained a foothold cannot move laterally at will across the network's applications.

Threat Visibility and the Zero-Trust Virtual Data Center
Traditional perimeter security lacks the controls needed to restrict the movement of attacks and malware inside the perimeter. Segmenting a network with physical security appliances gives stronger breach containment, but it quickly escalates costs and creates change-management challenges, especially as workloads become mobile.

The principles of Zero Trust architecture as established by the National Institute of Standards & Technology (NIST) in SP 800-207 are:

  • All data sources and computing services are considered resources.
  • All communication is secured regardless of network location; network location does not imply trust.
  • Access to individual enterprise resources is granted on a per-session basis; trust in the requester is evaluated before the access is granted.
  • Access to resources is determined by dynamic policy, including the observable state of user identity and the requesting system, and may include other behavioral attributes.
  • The enterprise ensures all owned and associated systems are in the most secure state possible and monitors them to confirm they remain in that state.
  • Authentication and authorization are dynamic and strictly enforced before access is allowed; this is a constant cycle of access, scanning and assessing threats, adapting, and continually re-authenticating.
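The tenets above describe a policy decision point that evaluates every request on its own merits. The following is an added example, not code from this page, from McAfee, or from NIST; the resource catalogue, role names, session lifetimes and posture thresholds are assumptions chosen for illustration. It grants access per session, ignores network location, checks device posture and least-privilege entitlement, and forces step-up authentication when a behavioral risk score is high:

```python
"""Added example: a toy Zero Trust policy decision point (PDP).

Not McAfee's product code nor NIST reference code. The resource catalogue,
role names, session lifetimes and posture thresholds below are assumptions.
"""
from dataclasses import dataclass, field
import time


@dataclass
class Subject:
    user: str
    mfa_verified: bool
    roles: set = field(default_factory=set)


@dataclass
class Device:
    device_id: str
    managed: bool
    disk_encrypted: bool
    patched_within_days: int


@dataclass
class Request:
    subject: Subject
    device: Device
    resource: str           # name of the resource being requested
    risk_score: float       # 0.0 (normal) .. 1.0 (anomalous), fed in from analytics
    source_is_corp_lan: bool


# Hypothetical resource catalogue: who is entitled, and how sensitive the data is.
RESOURCE_POLICY = {
    "wiki":  {"roles": {"employee"}, "sensitivity": "low"},
    "hr-db": {"roles": {"hr"},       "sensitivity": "high"},
}

# How long a grant lasts before the request must be re-evaluated (seconds).
SESSION_TTL = {"low": 8 * 3600, "high": 15 * 60}


def device_healthy(d: Device) -> bool:
    """Observable device state the policy requires (assumed thresholds)."""
    return d.managed and d.disk_encrypted and d.patched_within_days <= 30


def decide(req: Request, now: float = None) -> dict:
    """Evaluate one access request.

    Returns {"decision": "allow" | "deny" | "step_up", "reason": str, ["expires": float]}.
    """
    now = time.time() if now is None else now
    policy = RESOURCE_POLICY.get(req.resource)
    if policy is None:
        return {"decision": "deny", "reason": "unknown resource (default deny)"}
    # Network location does not imply trust: req.source_is_corp_lan is never consulted.
    if not req.subject.mfa_verified:
        return {"decision": "step_up", "reason": "MFA required for every resource"}
    if not device_healthy(req.device):
        return {"decision": "deny", "reason": "device posture below required state"}
    if not (req.subject.roles & policy["roles"]):
        return {"decision": "deny", "reason": "least privilege: role not entitled"}
    if policy["sensitivity"] == "high" and req.risk_score >= 0.7:
        return {"decision": "step_up", "reason": "behavioral risk too high for sensitive resource"}
    return {"decision": "allow", "reason": "policy satisfied",
            "expires": now + SESSION_TTL[policy["sensitivity"]]}


def session_valid(grant: dict, now: float) -> bool:
    """Access is per session: once the grant expires, decide() must run again."""
    return grant.get("decision") == "allow" and now < grant["expires"]


if __name__ == "__main__":
    alice = Subject("alice", mfa_verified=True, roles={"employee", "hr"})
    laptop = Device("lt-01", managed=True, disk_encrypted=True, patched_within_days=5)
    grant = decide(Request(alice, laptop, "hr-db", risk_score=0.1, source_is_corp_lan=True), now=0.0)
    print(grant)                             # allowed, but only for 15 minutes
    print(session_valid(grant, now=1000.0))  # False: the sensitive session must be re-evaluated
```

The ordering of checks matters: the unknown-resource and MFA checks come first so that an attacker probing for resource names learns nothing about entitlements, and the session lifetime is tied to data sensitivity so that a stolen grant to a sensitive store is short-lived.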

Zero Trust benefits

Zero Trust enables organizations to reduce the risk of their cloud and container deployments while also improving governance and compliance. Organizations gain insight into users and devices while identifying threats and maintaining control across the network. A Zero Trust approach helps an organization map its business processes, data flows, users, data, and the risks associated with them, and a Zero Trust model then lets policy rules be updated automatically as those risks change.

Organizations that shift from traditional perimeter security to a Zero Trust model gain continuous verification that detects the following attacker techniques faster, often stopping them before an intrusion succeeds:

  • Phishing emails targeting employees
  • Lateral movement through the corporate network
  • Redirecting a shell to a service to compromise a corporate machine
  • Stolen developer passwords
  • Stolen application database credentials
  • Exfiltration of a database via a compromised application host
  • Compromising an application host via a privileged workstation
  • Using a developer password to elevate application host privileges
  • Accessing a privileged workstation
  • Installing a keylogger via local privilege escalation on a workstation

Zero Trust capabilities can be designed into business processes, services, and systems that, as a result, are better enabled to:

  • Prevent data breaches and contain lateral movement using application micro-segmentation
  • Easily expand security protection across multiple computing and containerized environments, independent of the underlying infrastructure
  • Gain visibility into users, devices, components, and workloads across the environment, identifying what is running and enforcing policies on it
  • Continuously monitor and respond to signs of compromise, with logs, reports, and alerts that support detection of and response to threats
  • Ensure organizational security while still providing a consistent user experience
  • Reduce full-time equivalent hours and architectural complexity

Zero Trust, the cloud, and containers

Best practices for implementing Zero Trust

Organizations seeking to implement a Zero Trust security framework must address the following:

  • Identify Sensitive Data – Zero Trust requires an organization to identify and prioritize its data: know where it lives and who has access to it.
  • Limit and Control Access – A shift to a Zero Trust security model requires establishing limits on the users, devices, applications, and processes that will seek access to the identified data. Access follows a least-privilege model, granted strictly on a need-to-know basis.
  • Detect Threats – Zero Trust requires continuous monitoring of all activity related to data access and sharing, comparing current activity to baselines built from prior behavior and analytics. The combination of monitoring, behavioral baselines, rules, and security analytics enhances the ability to detect both internal and external threats.

A successfully implemented Zero Trust security model features the following principles:

  • Authenticated access to all resources – Multi-factor authentication (MFA) is a foundation of Zero Trust security. Zero Trust treats every attempt to access the network as untrusted until verified. While traditional network security might accept a single password, Zero Trust requires a second factor in addition to it, such as a one-time code from an authenticator app or, preferably, a phishing-resistant hardware security key, to verify that users are who they claim to be. Zero Trust models also include access protocols and network access controls.
  • Least privilege-controlled access – Granting the least amount of access necessary is a core principle of Zero Trust security: it eliminates unauthorized access to data and services and makes control enforcement as granular as possible. Zero Trust networks grant access rights only when absolutely necessary, verifying every request to connect before granting access. Dividing the security perimeter into smaller zones, each with distinct access to a separate part of the network, limits lateral movement throughout the network. Segmented security becomes more important as workloads become mobile.
  • Inspect and log all activities using data security analytics – Zero Trust models require continuous monitoring, inspection, and logging of traffic and activities. Baselines of normal behavior should be established per user account so that abnormal behavior indicating malicious activity can be identified. Automation can make these functions efficient and affordable for security teams.
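The "Detect Threats" step above and the "Inspect and log" principle both rest on the same mechanism: build a per-user baseline from past access activity and flag new events that deviate from it. The block below is an added example, not code from this page or from McAfee; the log format (timestamp, user, resource, bytes transferred) and the sample log lines are constructed for the illustration, and the three deviation rules (first-seen resource, access outside the user's usual hours, transfer volume far above the user's mean) and their thresholds are assumptions:

```python
"""Added example: baseline-and-deviation detection over constructed access logs.

Not McAfee's code. Log format, sample lines, rules and thresholds are assumptions.
"""
from collections import defaultdict
import statistics

# Constructed historical access log: "<ISO timestamp> <user> <resource> <bytes>"
BASELINE_LOG = """\
2024-03-01T09:05:00 alice hr-db 12000
2024-03-01T10:15:00 alice hr-db 15000
2024-03-02T09:30:00 alice hr-db 13000
2024-03-02T11:00:00 alice wiki 2000
2024-03-03T09:45:00 alice hr-db 14000
2024-03-01T09:10:00 bob wiki 500
2024-03-02T14:00:00 bob wiki 700
2024-03-03T16:30:00 bob wiki 600
"""

# Constructed new events to score against the baseline.
NEW_EVENTS = """\
2024-03-04T09:20:00 alice hr-db 13500
2024-03-04T03:10:00 alice hr-db 900000
2024-03-04T10:00:00 bob hr-db 300
"""


def parse(text):
    """Yield one dict per non-empty log line."""
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, resource, nbytes = line.split()
        yield {"ts": ts, "user": user, "resource": resource,
               "bytes": int(nbytes), "hour": int(ts[11:13])}


def build_baseline(events):
    """Per user: resources touched, hours of the day seen, and bytes per access."""
    base = defaultdict(lambda: {"resources": set(), "hours": set(), "bytes": []})
    for e in events:
        b = base[e["user"]]
        b["resources"].add(e["resource"])
        b["hours"].add(e["hour"])
        b["bytes"].append(e["bytes"])
    return base


def score(event, baseline, volume_factor=3.0):
    """Return the reasons an event deviates from its user's baseline (empty list = normal)."""
    b = baseline.get(event["user"])
    if b is None:
        return ["no baseline for user"]
    reasons = []
    if event["resource"] not in b["resources"]:
        reasons.append(f"first access to {event['resource']}")
    if not (min(b["hours"]) <= event["hour"] <= max(b["hours"])):
        reasons.append(f"off-hours access at {event['hour']:02d}:00")
    mean = statistics.mean(b["bytes"])
    stdev = statistics.pstdev(b["bytes"]) if len(b["bytes"]) > 1 else 0.0
    # max(stdev, 1) keeps a perfectly regular user from alerting on a one-byte change.
    if event["bytes"] > mean + volume_factor * max(stdev, 1.0):
        reasons.append(f"volume {event['bytes']} exceeds baseline mean {mean:.0f}")
    return reasons


def detect(baseline_text, new_text):
    """Score every new event; returns [(timestamp, user, [reasons]), ...]."""
    baseline = build_baseline(parse(baseline_text))
    return [(e["ts"], e["user"], score(e, baseline)) for e in parse(new_text)]


if __name__ == "__main__":
    for ts, user, reasons in detect(BASELINE_LOG, NEW_EVENTS):
        print(ts, user, "NORMAL" if not reasons else "; ".join(reasons))
```

On the constructed input the first alice event is normal, the 03:10 event is flagged for both off-hours access and an exfiltration-sized volume, and bob's event is flagged only because he has never touched hr-db before. In practice the baseline window would roll forward and the volume rule would be computed per resource rather than per user, but the structure, a baseline store plus a scorer that returns reasons an analyst can act on, is what the continuous-monitoring principle above asks for.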

Why McAfee Zero Trust?