Why you should embrace Zero-Trust Security Model

Colleague: Hi, can I use your computer for a minute? I'm having a downtime at the moment.
Me: 🤒

(In my head, I'm such a nice person but the security professional in me is errrmmm, scratches my head.)

What steps would you take if you were in my position?

  1. Okay, here you go.
  2. I'm sorry, I can't.
  3. Please hold on.

While your answer may be based on your current level of understanding, don't beat yourself up. I'm about to show you something relatively new.

What does the zero trust security model mean?
The zero trust security model is based on the concept of “never trust and always verify”.
It is a model where even if you are inside a security perimeter or were previously verified, you still have to be checked.
It is a philosophy that preaches that no device should be granted access to the IT system(s) of an organization or individual until it has been authenticated.

In the past, security models implicitly trusted any person or device connected to the network because it had been verified as being legitimate and allowed.

Why was this model developed?
This model strategically focuses on addressing lateral threat movement within the network by leveraging micro-segmentation and granular enforcement, based on user context, data access controls, location, app, and device posture.
In a zero-trust environment, each access request is independently reviewed and confirmed before being approved for use of business resources. This is true whether the request comes from inside the corporate network perimeter or outside of it.
A zero-trust security policy allows access to business resources on a case-by-case basis rather than allowing unrestricted access.

These access decisions are based on role-based access controls (RBACs), where users are only assigned the access and permission necessary for their job roles.

Benefits
You'll agree that the traditional approach to cybersecurity is no longer effective for protecting against modern cyber threats.

The model uses a variety of techniques to detect and block common attack vectors. These techniques include:
a. Least privilege control: Granting permissions only when they are necessary to perform a task.
b. Microsegmentation: Creates boundaries around each resource and enforces granular security controls.
c. Strong identity verification: This validates the identity of the requestor by introducing MFA (Multi-Factor Authentication) to verify that the entity making a request is actually who they claim to be and has the right to do so.
d. Behavioral analysis: Monitors a user for any anomalies; if any are detected, an investigation is launched.
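
The per-request decision described under "Why was this model developed?" and the first three techniques in the list above can be sketched as a small policy check. This is an added example, not code from the original article; the roles, resources, segments and field names are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed sample policy (assumption): role -> allowed (resource, action) pairs.
ROLE_PERMISSIONS = {
    "hr-analyst": {("payroll-db", "read")},
    "sre": {("build-server", "deploy")},
}
# Constructed micro-segments (assumption): resource -> segments allowed to reach it.
RESOURCE_SEGMENTS = {"payroll-db": {"hr-apps"}, "build-server": {"ci"}}

@dataclass(frozen=True)
class AccessRequest:
    user: str
    role: str
    resource: str
    action: str
    source_segment: str
    mfa_verified: bool
    device_compliant: bool
    inside_perimeter: bool  # recorded for audit, deliberately never used to grant access

def evaluate(req: AccessRequest) -> tuple[bool, str]:
    """Deny by default: every check must pass on every single request."""
    if not req.mfa_verified:
        return False, "identity not verified with MFA"
    if not req.device_compliant:
        return False, "device posture check failed"
    if (req.resource, req.action) not in ROLE_PERMISSIONS.get(req.role, set()):
        return False, "role lacks this permission"
    if req.source_segment not in RESOURCE_SEGMENTS.get(req.resource, set()):
        return False, "source segment may not reach this resource"
    return True, "all checks passed"

if __name__ == "__main__":
    # Constructed requests: the colleague borrowing a desk machine vs. a verified remote user.
    samples = [
        AccessRequest("colleague", "hr-analyst", "payroll-db", "read",
                      "hr-apps", False, True, True),
        AccessRequest("remote-ana", "hr-analyst", "payroll-db", "read",
                      "hr-apps", True, True, False),
        AccessRequest("remote-ana", "hr-analyst", "build-server", "deploy",
                      "hr-apps", True, True, False),
    ]
    for r in samples:
        print(r.user, r.resource, r.action, "->", evaluate(r))
```

Being inside the perimeter never appears in the decision, so the on-site request without MFA is refused while the verified remote request is allowed.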

Embracing the model
Information security is undergoing a shift to support digital transformation, and this transformation can be described as the settling-in of today's hybrid (home/remote) work environment.

Taking a critical look at it again, zero trust security remains the best protection amid the current digital transformation.
To embrace the core functions of zero trust, do well to include Identity, Protection, Detection, and Response in your architecture.

I guess you know what to do now.
Be cautious. Remember the words: "never trust, always verify".
It's 3 mins already, see you in my next article... byeee!!