Zero trust may seem like just another security buzzword, but organizations are increasingly finding reasons to take the zero-trust approach to network security.
In the early days of the internet, network security professionals borrowed medieval terminology to describe network defenses: Moats, bastion hosts, perimeters, firewalls and gateways all figured into the network defender's vocabulary. In those days, the baseline network infrastructure was as simple as organizations dividing hosts into two categories: internal and trusted vs. external and untrusted.
The world has moved on from this model, where internal users are considered trusted employees and everyone else who accesses resources externally is deemed untrusted. Now, users accessing resources both internally and externally can run the gamut: employees, consumers, contractors, vendors and other trusted or untrusted third parties. The prevalence of BYOD, cloud computing and remote workers also means secure network access can no longer be reliably and securely funneled through firewalls or other security gateways.
Reflecting the increasing complexity of making network security choices, the concept of zero-trust network security was first articulated by a Forrester analyst in 2009. It has gained acceptance in recent years as Google created -- and migrated to -- the BeyondCorp zero-trust security framework.
Here are the top drivers behind the move to the zero-trust approach to network security:
- The network perimeter is no longer defensible. Even when enterprises hid all their digital assets behind a firewall and bastion network, authorized users and attackers used dial-up connections and firewall exceptions to bypass the perimeter protection. The challenge has only grown as more enterprise infrastructure enables employees, customers, contractors, vendors and other trusted third parties to access network resources through the cloud, BYOD devices and other means. Zero trust flattens the access landscape and enables defenders to grant access more securely.
- Trust levels can no longer be pegged to prior access. The zero-trust approach enables defenders to revalidate access decisions every time an access is requested. This eliminates the threat of insiders being granted more access than required or from employees whose access needs change due to changed job responsibilities. It also provides protections after updates to affiliations with contractors or other third parties and from devices or applications that should be revalidated every time they request access.
- Network security threats keep escalating as attackers find more vectors to exploit. Taking a zero-trust approach to network security means removing what is sometimes called residual trust from the network -- for example, the trust that is granted to users or systems that access restricted resources from within the enterprise perimeter or the access granted to external users for specific systems that may have been removed. Zero trust means none of those vectors can be meaningfully exploited.
- Zero trust enables greater resilience to ongoing attacks. Since the default security stance of zero-trust architecture is to deny access by default, attackers who do manage to find a way into the enterprise network will still be stymied when they attempt to utilize their access by pivoting once inside.
- Zero trust gives internal threats the same scrutiny as external ones. The increasing numbers of users with legitimate reasons to access network resources, coupled with the increasing deprecation of the perimeter by the use of BYOD and cloud, means designating users as being internal or external is increasingly meaningless. Given the prevalence of attack strategies that depend on gaining unprivileged access to an internal system in order to pivot to juicier targets means that an internal threat may just be an extension of an external one. Using a zero-trust approach to network security means there is no need to differentiate between the two types of threat; every potential threat is treated in the same way.
While there are many pressing reasons to adopt a zero-trust approach to network security, the primary reason to adopt this approach is because it works. However, just as firewalls were once considered the sine qua non of securing an internet-connected enterprise, zero trust should be viewed as a transitional state rather than an end goal for security. Defenders need to continue to be vigilant as attackers continue to develop ways to exploit or bypass security solutions.