Demystifying Zero Trust Architecture

1.    Introduction to zero trust:

An increasingly popular buzzword in the world of information security, Zero Trust Architecture refers to a “defense in depth” approach to implementing security controls that removes the practice of automatically trusting actors and devices simply because they are connected to the network.

Zero trust architecture provides a thorough end to end approach to enterprise resource and data security controls interwoven around identity (person and nonperson entities), credentials, access management, operations, endpoints, hosting environments, and the interconnecting infrastructure.

Ultimately, zero trust means verifying every single component that tries to connect to the system before access is granted.

Relying on fine-grained methods such as micro-segmentation and granular perimeter enforcement based on users, zero trust gives the organization control over decisions such as whether a user, machine or application is trusted to gain access to a part of the enterprise network.

Zero Trust leverages a hybrid combination of technologies, including multifactor authentication, identity and access management, orchestration, encryption and file system permissions, together with governance policies such as the principle of least privilege.


Image source: https://www.techrepublic.com/a/hub/i/r/2020/05/25/a51044d2-0349-4c96-bfdc-7a3af42e13b9d/resize/770x/ce65d7d118b6376fe7c72a4f79148b1a/zero-trust.jpg


2.    Why implement Zero Trust Architecture?

Zero Trust Architecture should be built into a firm’s cybersecurity strategy, ideally right from the start or, for an already established organization, through a plan to embed it in the overall information technology stack.

Due to its defense in depth structure, even if a device or account gets compromised, Zero Trust helps ensure the impact is either mitigated or limited to the affected device.

To achieve maximum operating efficiency, Zero Trust technologies ideally interact with the different components across data, threat intelligence, public key infrastructure, identity management, network components and vulnerability management systems.

Based on this, the aim is to further define the Zero Trust Architecture controls in terms of software-defined perimeters, micro-segmentation, identity management, etc., or a combination of them.

Whenever a firm wants to transition to zero trust architecture, it is important to run a quick pilot first, which allows it to assess effectiveness, smooth operations and security hand in hand.

Even after establishing the zero trust architecture, it is important to ensure the environment is always subject to monitoring and analysis, based on current activity and emerging threats.

3.    Importance of Zero Trust

Zero Trust is one of the most effective ways for organizations to control access to their networks, applications, and data. It combines a wide range of preventative techniques including identity verification, micro-segmentation, endpoint security and least privilege controls to deter would-be attackers and limit their access in the event of a breach.

This added layer of security is critical as companies increase the number of endpoints within their network and expand their infrastructure to include cloud-based applications and servers. Both of these trends make it more difficult to establish, monitor and maintain secure perimeters.

Finally, by segmenting the network and restricting user access, Zero Trust security helps the organization contain breaches and minimize potential damage. This is an important security measure as some of the most sophisticated attacks are orchestrated by internal users.

4.    Anatomy of Zero Trust Architecture

In Zero Trust, the first step is identification of a “protect surface.” This is made up of the network’s most critical and valuable data, assets, applications and services.

Protect surfaces are unique to every organization, since each contains the data most critical to that organization’s operations.

Once the protect surface is known, the next step is understanding the flow of traffic across the organization. This involves understanding the users, the applications being used, the methods of connecting, and the enforcement of policies that ensure secure access to data.

Understanding all of this then leads to designing controls placed as close to the protect surface as possible, framing a “micro perimeter” around it.

The micro perimeter moves with the protect surface wherever it goes, and is implemented by deploying a segmentation gateway or next-generation firewall. This helps ensure that only known, allowed traffic or legitimate applications have access to the protect surface.

Implementing the firewall gateway provides granular visibility into traffic and enforces additional layers of deep inspection and access control on the actors that require access.

After building the Zero Trust policy around the protect surface, it is important to keep monitoring and maintaining, in real time, what should be included in the protect surface, and to keep looking for ways to improve.

Zero Trust should also not be confined to one location but must be extended across the entire environment to ensure optimum security, meaning the right users are given access to the right applications and data, with visibility, enforcement and control delivered directly on the device or through the cloud.

A software-defined perimeter fulfills this by providing secure user access and preventing potential data loss, regardless of where the users are, which devices are being used, or where your workloads and data are hosted.

Subsequent to this, Zero Trust provides deep visibility into the activity and interdependencies across users, devices, networks, applications and data. Segmentation gateways monitor traffic, stop threats and enforce granular access across north-south and east-west traffic within your on-premises data center and multi-cloud environments.

5.    Core Principles of Zero Trust Model

Now that we have understood the fundamentals of zero trust architecture, let’s explore the Zero Trust model’s core principles:

·        Remove default access controls and implement granular authentication

In a Zero Trust model, by default, no resource is deemed trusted. This model works on the assumption that attackers are both internal and external to the organization; as a result, every request to access the system is granted only after thorough authentication and authorization, and only over encrypted channels.

·        Optimized implementation of preventative security techniques

§  Multifactor authentication (MFA) is one of the most common ways to confirm the user’s identity and increase the security of the network. MFA relies on two or more levels of security settings, including security questions, email/text confirmation or proper step-up authentication such as biometrics or a randomly generated PIN code, to identify the user.

§  Least-privilege access is another control in Zero Trust to prevent attacks: the organization grants each user or device the lowest level of access required. This largely limits lateral movement across the network, reducing the attack surface.

§  Micro-segmentation: This control divides perimeters into small zones to segregate access to every part of the network, so that each zone acts as a containment zone that limits attacks. In case of a breach, attackers remain unable to move outside the microsegment.

·        Real-time monitoring

Real-time monitoring capabilities are another must-have control, enabling rigid controls to be applied on a quick timeline when an intrusion is detected and helping the organization detect, investigate and remediate intrusions.
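The segmentation gateway from the anatomy section, the micro-segmentation control and the real-time monitoring control above can be shown together in one small simulation. This is an added example, not code from the original post or from any vendor product: the segment names, the allow rules and the sample flows are all constructed, and the gateway is modelled as a default-deny allow-list keyed on source segment, destination segment, port and application identity, with a monitor that flags a source accumulating denies.

```python
"""Segmentation-gateway simulation: default-deny micro-segments around a
protect surface, plus a deny-rate monitor.  Added example; segment names,
rules and flows are constructed, not taken from the post."""
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    src_segment: str
    dst_segment: str
    dst_port: int
    app: str          # application identity as classified by the gateway, not just the port


# Allow-list of (src, dst, port, app).  Anything not listed is denied, so the
# micro-perimeter admits only known, legitimate traffic toward the protect surface.
ALLOW_RULES = {
    ("internet", "web-tier", 443, "https"),       # north-south entry point
    ("web-tier", "app-tier", 8443, "orders-api"),  # east-west, permitted hop
    ("app-tier", "db-tier", 5432, "postgres"),     # only the app tier reaches the database
}


def evaluate(flow: Flow) -> str:
    """Default deny: a flow is allowed only if it matches an explicit rule."""
    key = (flow.src_segment, flow.dst_segment, flow.dst_port, flow.app)
    return "allow" if key in ALLOW_RULES else "deny"


def run_gateway(flows, log):
    """Evaluate each flow, append one log line per decision, return the decisions."""
    decisions = []
    for f in flows:
        d = evaluate(f)
        decisions.append(d)
        log.append(f"{d} src={f.src_segment} dst={f.dst_segment} port={f.dst_port} app={f.app}")
    return decisions


def find_probing_sources(log, threshold=3):
    """Real-time monitoring over the gateway log: a source segment that
    accumulates `threshold` or more denies is flagged for investigation,
    since repeated denied east-west attempts are what lateral movement
    looks like from behind a segmentation gateway."""
    denies = Counter()
    for line in log:
        fields = dict(kv.split("=") for kv in line.split()[1:])
        if line.startswith("deny"):
            denies[fields["src"]] += 1
    return sorted(src for src, n in denies.items() if n >= threshold)


# Constructed sample flows: legitimate traffic followed by a compromised web host
# trying to reach the database tier directly.
SAMPLE_FLOWS = [
    Flow("internet", "web-tier", 443, "https"),
    Flow("web-tier", "app-tier", 8443, "orders-api"),
    Flow("app-tier", "db-tier", 5432, "postgres"),
    Flow("web-tier", "db-tier", 5432, "postgres"),    # web tier may not reach the db directly
    Flow("web-tier", "db-tier", 22, "ssh"),
    Flow("web-tier", "app-tier", 22, "ssh"),
    Flow("web-tier", "db-tier", 8443, "orders-api"),  # right application, wrong segment pair
]


def demo():
    """Run the sample flows through the gateway and the monitor."""
    log = []
    decisions = run_gateway(SAMPLE_FLOWS, log)
    return decisions, find_probing_sources(log)


if __name__ == "__main__":
    decisions, flagged = demo()
    print(decisions)
    print("flagged for investigation:", flagged)
```

Note that the rule table is directional: the app tier may open connections to the database tier, but the reverse pair is not listed and is therefore denied, which is the containment property micro-segmentation is meant to give.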

·        Implement a holistic security strategy

A variety of endpoint monitoring, detection and response capabilities should be implemented, based on an assessment of the organizational structure, to ensure the safety of the organization’s networks.

1. Assess the organization.

Define the protect surface and identify sensitive data, assets, applications and services (DAAS) within this framework.

Assess the organization’s current security toolset and identify any gaps within the infrastructure. Ensure that the most critical assets are given the highest level of protection within the security architecture.

2. Create a directory of all assets and map the transaction flows

Determine where sensitive information lives and which users need access to it. Consider how various DAAS components interact and ensure the security access controls between these resources are compatible, following these tenets:

·        All data sources and computing services are considered resources.

·        All communication is secured regardless of network location.

·        Access to individual enterprise resources is granted on a per-session basis.

·        Access to resources is determined by dynamic policy—including the observable state of client identity, application/service, and the requesting asset.

·        The enterprise monitors and measures the integrity and security posture of all owned and associated assets. No asset is inherently trusted. The enterprise evaluates the security posture of the asset when evaluating a resource request.
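The tenets above, together with the earlier principle that no resource is trusted by default and that access is granted only after authentication and authorization over an encrypted channel, describe a policy decision point that evaluates every request per session. The following is an added example, not code from the original post or from NIST SP 800-207: the resource catalogue, role names, posture fields and session lifetimes are constructed, and the policy combines identity (roles from the identity provider), authentication strength (MFA), channel encryption, least-privilege role checks per action, and device posture for high-sensitivity resources.

```python
"""Per-session policy decision point: every request is evaluated against
identity, authentication strength, channel security, device posture and the
resource's sensitivity; nothing is trusted by default.  Added example with
constructed roles, resources and posture fields."""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
import secrets


@dataclass(frozen=True)
class Request:
    user: str
    roles: frozenset          # asserted by the identity provider
    mfa_verified: bool        # step-up authentication completed for this session
    device_managed: bool      # device is in the enterprise inventory
    device_patched: bool      # posture signal reported by the endpoint agent
    channel_encrypted: bool   # request arrived over TLS/mTLS
    resource: str
    action: str               # "read" or "write"


# Constructed resource catalogue: sensitivity tier and the roles allowed per action.
RESOURCES = {
    "wiki":       {"tier": "low",  "read": {"staff", "finance"}, "write": {"staff"}},
    "payroll-db": {"tier": "high", "read": {"finance"},          "write": {"finance-admin"}},
}

# Short-lived grants force re-evaluation: access is per session, not permanent.
SESSION_TTL = {"low": timedelta(hours=8), "high": timedelta(minutes=15)}


def decide(req: Request, now: datetime):
    """Return (decision, reasons, grant); grant is None unless the decision is allow.
    All failing checks are collected so the log explains the denial fully."""
    reasons = []
    res = RESOURCES.get(req.resource)
    if res is None:
        return "deny", ["unknown resource"], None
    if not req.channel_encrypted:
        reasons.append("unencrypted channel")
    if not req.mfa_verified:
        reasons.append("mfa required")
    # Least privilege: the role must be permitted this specific action on this resource.
    if not (req.roles & res.get(req.action, set())):
        reasons.append(f"role not permitted to {req.action} {req.resource}")
    # Posture: high-tier resources additionally require a managed, compliant device.
    if res["tier"] == "high":
        if not req.device_managed:
            reasons.append("unmanaged device")
        if not req.device_patched:
            reasons.append("device out of compliance")
    if reasons:
        return "deny", reasons, None
    grant = {
        "user": req.user,
        "resource": req.resource,
        "action": req.action,
        "session_id": secrets.token_hex(8),
        "expires": now + SESSION_TTL[res["tier"]],
    }
    return "allow", ["all checks passed"], grant


NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)   # constructed clock value

# Constructed sample requests covering the main deny paths and two allows.
SAMPLE_REQUESTS = {
    "finance_read_payroll":  Request("alice", frozenset({"finance"}), True, True, True, True, "payroll-db", "read"),
    "finance_write_payroll": Request("alice", frozenset({"finance"}), True, True, True, True, "payroll-db", "write"),
    "finance_no_mfa":        Request("alice", frozenset({"finance"}), False, True, True, True, "payroll-db", "read"),
    "finance_byod":          Request("alice", frozenset({"finance"}), True, False, True, True, "payroll-db", "read"),
    "staff_read_wiki_byod":  Request("bob", frozenset({"staff"}), True, False, False, True, "wiki", "read"),
    "staff_read_payroll":    Request("bob", frozenset({"staff"}), True, True, True, True, "payroll-db", "read"),
    "plaintext_channel":     Request("bob", frozenset({"staff"}), True, True, True, False, "wiki", "read"),
}


def demo():
    """Decision per sample request name."""
    return {name: decide(r, NOW)[0] for name, r in SAMPLE_REQUESTS.items()}


def reasons_for(name):
    """Reasons recorded for one sample request."""
    return decide(SAMPLE_REQUESTS[name], NOW)[1]


if __name__ == "__main__":
    for name, decision in demo().items():
        print(f"{name:24s} {decision:5s} {', '.join(reasons_for(name))}")
```

Two design points are worth noticing: an unmanaged device can still read the low-tier wiki but never the payroll database, which is posture-dependent access rather than a blanket device ban, and the grant for a high-tier resource expires after fifteen minutes so the request is evaluated again rather than trusted for the rest of the day.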


6.    Benefits of Zero Trust Architecture

Implementing Zero Trust Architecture brings a number of key security benefits for any firm, including:

·        Greatly reduced threat surface

·        Maximized strength of authentication

·        Increased visibility into all user activity

·        Dynamically provide access based on current use case

·        Reduce an attacker’s lateral movement ability

·        Minimize data exfiltration

·        Protection against both internal and external threats

·        Improved overall security posture both on-premises and in the cloud


7.    Reference:

https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdf


About the author:

Samrat Das is an experienced security architect and researcher currently working with KPMG UAE as an Assistant Manager, having over 6 years of cybersecurity experience. His prime domains of work and research include offensive security, red teaming, exploit writing and SecDevOps.

He can be reached at https://www.linkedin.com/in/samratd9/ or sam9318@gmail.com
