Chris Visagie, Solutions Executive, iOCO Security Solutions, unpacks Zero Trust
Covid-19, and the worldwide lockdown that followed, saw the focus shift overnight to remote work with executives scurrying to adopt a remote work strategy. Now, hybrid work has introduced new challenges, particularly on the security front.
An analysis of the current operating environment shows a distinct shift to the cloud utilising various models (public private, and hybrid). Examples include Infrastructure as a Service (IaaS); Platform as a Service (PaaS) and Software as a Service (SaaS).
Adding to the melting pot of networks and systems are various combinations of these, such as Identity as a Service (IDaaS) and Network-as-a-Service (NaaS). Furthermore, hybrid approaches are becoming more common, where critical legacy systems remain on-premise and new platforms are shifting to cloud models.
Unauthorised access on the rise
Research has shown that unauthorised access multiplied due to the lockdown and the method of attack evolved. Threat actors have moved their focus away from the perimeter (network) to the individual, and specifically to the individual’s credentials. And once compromised they start moving laterally. This vector shift is supported by the Verizon Data Breach Investigations Report (DIBR), which outlines a significant increase in social engineering and phishing attacks. Evident in most of these data breaches are stolen credentials.
Identity has become the cybersecurity perimeter we must use to protect our workforce. Every user, element, device, application needs to be monitored and secured. Ongoing authentication is a must. Security managers across the globe are struggling with the complexity, which often results in stringing together different cyber defence technologies to protect the network.
Zero Trust to the rescue
Originally coined by Forrester Research, the term ‘Zero Trust’ describes a model of information security. The creation of micro-perimeters and strengthened data security using techniques which confuse the perpetrator, can limit the risks associated with excessive user privileges and access, and improve security detection and response with analytics and automation.
With this approach, devices and users may not be managed, so how do we start to think about trust in this world? The Zero Trust model must start with identity as the foundation of access management.
At its core, the Zero Trust model ensures the right people have the right level of access, to the right resources, in the right context, and that access is assessed continuously without adding complexity to the user community. The management of identity then forms the foundation of the Zero trust model, with a variety of preventative techniques to stop breaches and minimize damage.
The various stages of managing identity as a preventative mechanism are defined as:
- Fragmented Identity
- Unified Identity and Access Management (IAM)
- Contextual Access
- Adaptive authentication
Adopting a Zero Trust security model requires an enterprise to focus resources on securely enabling access for all users.IT departments need full visibility and control over who needs access to what resources, and the extent of that access across the entire user lifecycle. To do this is to achieve the essence of the Zero Trust model.