What is zero-trust security?

While many would simplify zero-trust definitions as “trust no one and nothing” or “never trust, always verify,” these are somewhat limited. Instead, the concept at the core of zero trust is that assuming trust in anyone or anything, even underlying components, in an interconnected system creates significant security risk. Trust needs to be established and continuously validated using dynamic, contextual security policies and various technology mechanisms. 

The approach leverages micro-segmentation using granular policy controls to divide the network into smaller segments and isolated workloads. Policies are context-based, according to identity, location, device, the content being accessed, and the application. Policies are dynamic, so they are re-assessed regularly and adapted as the context changes.

Data and resources are inaccessible by default, and connections are only granted strictly controlled access after they have been authenticated and authorized. This process is applied for any user or connected endpoint, and identity is continuously authenticated. In addition, all network traffic is logged, monitored, and analyzed closely for any signals of a compromise. 

Here is a simpler way to think about it: Imagine your network and infrastructure as a top-secret government facility, and zero trust is the security system. It might include standard perimeter security and alarms and sensors to detect unauthorized access. 

Zero trust adds security to all access points inside of the perimeter. Every wing and each room in the building is also kept locked at all times and the doors are controlled using a biometric access system. Even after you pass through security at the front entrance, you will need to scan your fingerprint to prove your identity at each door and will only be allowed to pass through it if you have the proper security clearance. You are only allowed to enter areas you need to go into and stay for the time needed to complete your business. 

The zero-trust model includes multiple implementations today, including zero-trust network access (ZTNA), zero-trust architecture (ZTA), and zero-trust edge (ZTE). However, they are all built on the same core concepts. 

Here are the three zero-trust principles that shape the model: 

1. Assume all network traffic is a threat, at all times. Zero trust takes the view that every user is hostile and that threats are omnipresent, both inside and outside the network. Therefore, any traffic that does not have explicit permission is automatically denied access. Every device, user, and network flow is authenticated, authorized, and validated when requesting access on an ongoing basis.
2. Enforce least-privileged access. Zero-trust security approaches grant least-privilege access, the minimum privileges and access to the necessary resources when they are needed without impacting the ability to complete a task. Least-privilege access helps restrict attackers from moving laterally to more critical resources if an account or device is compromised. 
3. Always monitor. The zero-trust model advocates for continuous monitoring and analyzes and manages activity on the network at all times. This enables real-time understanding of what entities are trying to access resources and helps identify potential threats, active incidents, and any anomalies that should be investigated. 

These zero-trust principles originally outlined by Forrester also align with the zero-trust framework developed by the U.S. National Institute of Standards and Technology (NIST). We highly recommend reading NIST’s framework for guidance on the practical steps needed to implement a zero-trust security model in your own organization. 

Some of today’s most prolific data breaches are not just the result of an attacker finding a way to breach the network perimeter. With the rise of cloud computing and remote workforces, many organizations are struggling to defend increasingly distributed environments and a porous perimeter. Data is now generated, stored, and shared across multiple services, devices, applications, and people, and accessed from anywhere in the world.

Many threat actors have discovered that exploiting network weaknesses and gaps in coverage in hybrid cloud environments is a lucrative business. Increasingly, serious breaches are the result of compromised accounts through social engineering and other sophisticated techniques, accidental or intentional inside threats, and weaker security practices of third-party vendors. 

Security teams now recognize that threats are just as likely to come from inside the network as they are from outside of it. 

Organizations have attempted to implement defense-in-depth layered security measures, which aim to offer redundancies and backup security should one measure fail. However, this approach is often expensive and complex to implement, manage, and maintain—especially with the need to constantly adapt and modify everything as new systems, people, services, and devices are introduced.  

Zero trust incorporates defense-in-depth strategies, but the goal is to minimize the threat surface and build environments that are inherently secure without having to identify and mitigate every single potential threat. The focus is to stop access to mission-critical assets and prevent attackers from moving laterally through the network in real time. Zero trust provides a unified security approach that offers comprehensive, adaptable protection of distributed environments while still allowing secure access.  

Here are some of the biggest challenges of using zero trust: 

• Being consistent. Done right, zero trust can provide superior security as advertised. However, it also requires that organizations be consistent with strategy. Most organizations will need to make changes in stages as they shift away from traditional security solutions, but they will also need to ensure no gaps develop along the way. 
• Inhibiting productivity. Zero trust adds extra security steps to most workflows and can affect productivity if they are implemented incorrectly. The key is finding the right balance in strategy between supporting work and achieving a strong security posture. If processes become too disruptive, individuals may try to circumvent them. 
• Combating insider threats. While zero trust can help mitigate insider threats through least-privilege access, it is not a silver bullet. Attackers frequently find ways to gain access by stealing credentials using tactics like phishing or scareware to trick people into sharing sensitive information. Or, in worst case scenarios, you may be dealing with a malicious party intent to abuse their privileges. In order for zero trust to be effective against insider threats, you will need to be able to monitor and detect any pattern anomalies throughout your entire organization.
• Maintaining policies and architecture. Your business is constantly growing and evolving, which means zero-trust policies and permission structures will also need to be constantly updated. Zero-trust models rely on precisely defined policies and effective policy administration, which must also be proactively maintained and configured to prevent breaches.