
Top 5 Reasons to Take a Zero-Trust Approach to Network Security

Zero trust may seem like just another security buzzword, but organizations are increasingly finding reasons to embrace the zero-trust approach to network security.

In the early days of the Internet, network security professionals borrowed medieval terminology to describe network defenses: moats, bastion hosts, perimeters, firewalls and gateways were all in the network defender’s vocabulary. Back then, basic network infrastructure was as simple as organizations dividing hosts into two categories: internal and reliable versus external and unreliable.

The world has moved away from this model, where internal users are considered trusted employees and anyone who accesses external resources is considered untrusted. Now users accessing resources both internally and externally can run the gamut: employees, consumers, contractors, suppliers, and other trusted and untrusted third parties. The prevalence of BYOD, cloud computing and remote workers also means that secure network access can no longer be routed reliably and securely through firewalls or other security gateways.

Reflecting the growing complexity of network security choices, the concept of zero-trust network security was first formulated by a Forrester analyst in 2009. It has gained acceptance in recent years as Google created — and migrated to — BeyondCorp’s Zero-Trust Security Framework.

Here are the main drivers for moving to a zero-trust approach to network security:

  • The network perimeter is no longer defensible. Even when companies hid all of their digital assets behind a firewall and bastion network, authorized users and attackers used dial-up connections and firewall exceptions to circumvent perimeter protection. The challenge has only grown as more and more enterprise infrastructures allow employees, customers, contractors, suppliers and other trusted third parties to access network resources through the cloud, BYOD devices and other means. Zero trust flattens the access landscape and allows defenders to grant access more securely.
  • Trust levels can no longer be attached to prior access. The zero-trust approach allows defenders to revalidate access decisions each time access is requested. This eliminates the risk posed by insiders who have been granted more access than necessary or by employees whose access needs have changed along with their job responsibilities. It also provides protection after changes to affiliations with contractors or other third parties, and for devices or applications, which must be revalidated each time they request access.
  • Network security threats continue to escalate as attackers find more and more vectors to exploit. Taking a zero-trust approach to network security means removing what is sometimes called residual network trust: for example, trust granted to users or systems that access restricted resources from inside the corporate perimeter, or access granted to external users for specific systems that may since have been removed. Zero trust means that none of these vectors can be exploited in any meaningful way.
  • Zero trust allows greater resilience to ongoing attacks. Since the zero-trust architecture’s security posture is to deny access by default, attackers who manage to find a way into the corporate network will still be blocked when they attempt to use their access by pivoting once inside.
  • Zero trust gives internal threats the same scrutiny as external threats. The increasing number of users with legitimate reasons to access network resources, coupled with the growing devaluation of the perimeter through the use of BYOD and the cloud, means that designating users as internal or external is increasingly meaningless. Given the prevalence of attack strategies that depend on gaining unprivileged access to an internal system in order to pivot to juicier targets, an internal threat may simply be an extension of an external threat. Using a zero-trust approach to network security means there is no need to differentiate between the two types of threat; every potential threat is treated equally.
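
The per-request revalidation and deny-by-default posture described in the list above can be sketched as a small policy decision function. This is an added example, not code from the article or from any zero-trust product; the policy table, the `Directory` store and all user, device and resource names are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed policy: role -> resources that role may reach. Anything absent is denied.
POLICY = {
    "engineer": {"source-repo", "build-server"},
    "finance": {"ledger"},
    "contractor": {"build-server"},
}

@dataclass
class Directory:
    """Live state consulted on every request (hypothetical identity/device store)."""
    roles: dict            # user -> current role
    healthy_devices: set   # device ids currently passing posture checks
    revoked: set           # users whose affiliation has ended

@dataclass(frozen=True)
class Request:
    user: str
    device: str
    resource: str
    source_ip: str  # kept for audit only; never an input to the decision

def decide(req, directory):
    """Return (allowed, reason). Deny is the default; nothing is remembered between calls."""
    if req.user in directory.revoked:
        return False, "affiliation revoked"
    role = directory.roles.get(req.user)
    if role is None:
        return False, "unknown user"
    if req.device not in directory.healthy_devices:
        return False, "device failed posture check"
    if req.resource not in POLICY.get(role, set()):
        return False, "role not entitled to resource"
    return True, "allowed"

def demo():
    d = Directory(roles={"alice": "engineer", "bob": "contractor"},
                  healthy_devices={"laptop-1", "laptop-2"}, revoked=set())
    inside = Request("alice", "laptop-1", "source-repo", "10.0.0.5")
    outside = Request("alice", "laptop-1", "source-repo", "203.0.113.9")
    results = [decide(inside, d), decide(outside, d)]  # same answer in or out of the perimeter
    d.roles["alice"] = "finance"                       # job responsibilities change
    results.append(decide(inside, d))                  # the earlier approval carries no weight
    d.revoked.add("bob")                               # contractor affiliation ends
    results.append(decide(Request("bob", "laptop-2", "build-server", "10.0.0.7"), d))
    results.append(decide(Request("alice", "unmanaged-phone", "ledger", "10.0.0.5"), d))
    return results
```

Because `decide` never reads `source_ip` and keeps no memory of earlier approvals, a request from an internal address gets exactly the scrutiny an external one does, and a change in role, affiliation or device health takes effect on the very next request.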

While there are many compelling reasons to take a zero-trust approach to network security, the main reason to take this approach is that it works. However, just as firewalls were once considered the sine qua non of securing an Internet-connected enterprise, zero trust should be viewed as a transitional state rather than an end goal for security. Defenders must remain vigilant as attackers continue to develop ways to exploit or circumvent security solutions.

This was last published in April 2019
