Zero trust is a security model used to secure an organization based on the idea that no person or device should be trusted by default, even if they are already inside an organization’s network. A zero-trust approach aims to remove implicit trust by enforcing strict identity authentication and authorization throughout the network, not just at a trusted perimeter. In this model, every request to access resources is treated as if it comes from an untrusted network until it has been inspected, authenticated, and verified.
Forrester Research analyst John Kindervag first proposed the zero-trust security model in 2010. It marked a shift away from traditional IT security models, which primarily focus on defending access at the network perimeter and assume everything inside can be trusted.
Unfortunately, the traditional approach offers little defense once attackers gain access to a network. Once in, attackers can move freely and attempt to extend their access to high-value data and assets—a technique known as lateral movement. Today, this is even more problematic in modern IT environments because resources and data are spread out, making it difficult to enforce security controls over the network from a single point.
A zero-trust approach can help companies strengthen their IT environment security and help them limit or prevent attacks.
Learn more about how Google implements its BeyondCorp zero-trust cloud security model to shift access controls from network perimeter to individual users and devices.
Zero trust is a cloud security model designed to secure modern organizations by removing implicit trust and enforcing strict identity authentication and authorization. Under zero trust, every user, device, and component is considered untrusted at all times, regardless of whether they are inside or outside of an organization’s network.
While many would simplify zero-trust definitions as “trust no one and nothing” or “never trust, always verify,” these are somewhat limited. Instead, the concept at the core of zero trust is that assuming trust in anyone or anything, even underlying components, in an interconnected system creates significant security risk. Trust needs to be established and continuously validated using dynamic, contextual security policies and various technology mechanisms.
The approach leverages micro-segmentation using granular policy controls to divide the network into smaller segments and isolated workloads. Policies are context-based, according to identity, location, device, the content being accessed, and the application. Policies are dynamic, so they are re-assessed regularly and adapted as the context changes.
Data and resources are inaccessible by default, and connections are granted only strictly controlled access after they have been authenticated and authorized. This process is applied to every user and connected endpoint, and identity is continuously re-authenticated. In addition, all network traffic is logged, monitored, and analyzed closely for any signals of a compromise.
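The default-deny, context-based, continuously re-evaluated policy described above can be made concrete with a small policy decision point. The following is an added example written for this page, not Google's BeyondCorp code or any product's API; the policy names, groups, resource prefixes and context fields are constructed for illustration. Every request is denied unless a policy explicitly allows it, a session carries no lasting trust (each request and each context change goes back through evaluation), and every decision is appended to an audit log.

```python
"""Minimal zero-trust policy decision point (added illustration, constructed for
this page; not BeyondCorp or any vendor's code)."""
from dataclasses import dataclass, replace
from datetime import datetime, timedelta, timezone
from typing import Callable, List, Optional


@dataclass(frozen=True)
class Context:
    """Everything a decision is based on: identity, device, location, target."""
    user: str
    groups: frozenset
    mfa_age: timedelta            # time since the last strong authentication
    device_managed: bool
    device_compliant: bool        # e.g. disk encryption and patch level verified
    location: str                 # "corp", "home", "unknown", ... (constructed labels)
    resource: str
    action: str


@dataclass
class Policy:
    name: str
    resource_prefix: str
    condition: Callable[[Context], bool]


@dataclass
class Decision:
    allowed: bool
    reason: str


AUDIT_LOG: List[dict] = []

# Hypothetical policies. Anything not matched here is denied (default deny).
POLICIES = [
    Policy("finance-read", "finance/",
           lambda c: ("finance" in c.groups and c.action == "read"
                      and c.device_managed and c.device_compliant
                      and c.mfa_age <= timedelta(hours=12))),
    Policy("finance-write", "finance/",
           lambda c: ("finance-admins" in c.groups and c.action == "write"
                      and c.device_managed and c.device_compliant
                      and c.location == "corp"
                      and c.mfa_age <= timedelta(minutes=15))),
    Policy("wiki-read", "wiki/",
           lambda c: c.action == "read" and c.device_managed),
]


def evaluate(ctx: Context, now: Optional[datetime] = None) -> Decision:
    """Evaluate one request against all policies; log the outcome either way."""
    now = now or datetime.now(timezone.utc)
    decision = Decision(False, "no matching policy (default deny)")
    for p in POLICIES:
        if ctx.resource.startswith(p.resource_prefix) and p.condition(ctx):
            decision = Decision(True, "allowed by " + p.name)
            break
    AUDIT_LOG.append({"ts": now.isoformat(), "user": ctx.user,
                      "resource": ctx.resource, "action": ctx.action,
                      "location": ctx.location, "allowed": decision.allowed,
                      "reason": decision.reason})
    return decision


class Session:
    """A session holds no lasting trust: each request and each context change
    is re-evaluated from scratch, so a device drifting out of compliance
    revokes access immediately rather than at the next login."""
    def __init__(self, ctx: Context):
        self.ctx = ctx

    def request(self) -> Decision:
        return evaluate(self.ctx)

    def update(self, **changes) -> Decision:
        self.ctx = replace(self.ctx, **changes)
        return evaluate(self.ctx)


def demo() -> List[bool]:
    """Walk one constructed session through the checks; returns each verdict."""
    AUDIT_LOG.clear()
    ctx = Context(user="alice", groups=frozenset({"finance"}),
                  mfa_age=timedelta(hours=1), device_managed=True,
                  device_compliant=True, location="home",
                  resource="finance/q3-report", action="read")
    s = Session(ctx)
    return [
        s.request().allowed,                       # True: finance-read
        s.update(action="write").allowed,          # False: not in finance-admins
        s.update(action="read").allowed,           # True again
        s.update(device_compliant=False).allowed,  # False: device drifted
        s.update(device_compliant=True,
                 resource="wiki/onboarding").allowed,  # True: wiki-read
        evaluate(replace(ctx, device_managed=False,
                         resource="wiki/onboarding")).allowed,  # False: unmanaged
    ]


if __name__ == "__main__":
    print(demo())
    for entry in AUDIT_LOG:
        print(entry)
```

The point of the `Session` class is that "continuous authentication" is not a timer on a login: any change to the context the decision depended on is itself a reason to decide again, and the audit log records the denials as well as the grants.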
Here is a simpler way to think about it: Imagine your network and infrastructure as a top-secret government facility, and zero trust is the security system. It might include standard perimeter security and alarms and sensors to detect unauthorized access.
Zero trust adds security to all access points inside of the perimeter. Every wing and each room in the building is also kept locked at all times and the doors are controlled using a biometric access system. Even after you pass through security at the front entrance, you will need to scan your fingerprint to prove your identity at each door and will only be allowed to pass through it if you have the proper security clearance. You are only allowed to enter areas you need to go into and stay for the time needed to complete your business.
The zero-trust model includes multiple implementations today, including zero-trust network access (ZTNA), zero-trust architecture (ZTA), and zero-trust edge (ZTE). However, they are all built on the same core concepts.
Here are the three zero-trust principles that shape the model:
These zero-trust principles originally outlined by Forrester also align with the zero-trust framework developed by the U.S. National Institute of Standards and Technology (NIST). We highly recommend reading NIST’s framework for guidance on the practical steps needed to implement a zero-trust security model in your own organization.
Some of today’s most prolific data breaches are not just the result of an attacker finding a way to breach the network perimeter. With the rise of cloud computing and remote workforces, many organizations are struggling to defend increasingly distributed environments and a porous perimeter. Data is now generated, stored, and shared across multiple services, devices, applications, and people, and accessed from anywhere in the world.
Many threat actors have discovered that exploiting network weaknesses and gaps in coverage in hybrid cloud environments is a lucrative business. Increasingly, serious breaches are the result of compromised accounts through social engineering and other sophisticated techniques, accidental or intentional inside threats, and weaker security practices of third-party vendors.
Security teams now recognize that threats are just as likely to come from inside the network as they are from outside of it.
Organizations have attempted to implement defense-in-depth layered security measures, which aim to offer redundancies and backup security should one measure fail. However, this approach is often expensive and complex to implement, manage, and maintain—especially with the need to constantly adapt and modify everything as new systems, people, services, and devices are introduced.
Zero trust incorporates defense-in-depth strategies, but the goal is to minimize the threat surface and build environments that are inherently secure without having to identify and mitigate every single potential threat. The focus is to stop access to mission-critical assets and prevent attackers from moving laterally through the network in real time. Zero trust provides a unified security approach that offers comprehensive, adaptable protection of distributed environments while still allowing secure access.
Increased visibility
Zero-trust security requires businesses to know where assets are located and continuously monitor what identities are accessing resources and how. This improves visibility and context of traffic, asset inventory, and risk management.
Limit the blast radius of breaches
Since identities are given least-privilege access, zero trust helps to limit the scope of damage if and when a breach does occur. This allows teams to respond and mitigate attacks faster, and minimizes the risk of further exposure.
Access control in modern IT environments
With zero-trust architecture, security policies are based on identity and associated with specific workloads. This puts security close to the assets being protected, allowing it to travel with the workload, regardless of the environment.
Consistent, adaptable security
Security policies are centrally managed in zero-trust models and rely on automation to help migrate and update policies according to context. Security becomes more agile and scalable, while also reducing the burden on administrators.
Reduced attack surface and risk
Zero trust isolates traffic and creates network segments that prevent lateral movement and stop any potential infections from spreading to critical resources. Any suspicious activity can be inspected and identities re-verified under the governing policies and controls, decreasing the chance of a successful breach.
Continuous compliance
Under zero trust, all traffic and requests are logged and evaluated. In addition, it locks down access to resources. This not only provides a clear audit trail if a breach does occur, but also makes it easier to prove that you have done everything possible to meet data privacy requirements and standards.
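The inspection and re-verification mentioned under "Reduced attack surface and risk" and the audit trail described here depend on the same thing: decision logs that are actually analyzed. The following added example (constructed for this page, not a Google Cloud product feature) reads a small, constructed JSON-lines access log and raises two findings a defender would act on: an identity denied access to several distinct segments in a short window, which is what lateral-movement probing looks like from the policy side, and an identity whose allowed requests jump between locations within the same window. The field names, thresholds and recommended actions are assumptions.

```python
"""Detection over zero-trust access-decision logs (added illustration; log
format, field names and thresholds are constructed for this page)."""
import json
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List

# Constructed sample log: one JSON record per access decision.
LOG_LINES = [
    '{"ts":"2024-05-01T09:00:00Z","user":"alice","resource":"wiki/onboarding","segment":"collab","location":"corp","allowed":true}',
    '{"ts":"2024-05-01T09:01:00Z","user":"bob","resource":"finance/q3","segment":"finance","location":"home","allowed":true}',
    '{"ts":"2024-05-01T09:02:00Z","user":"bob","resource":"hr/payroll","segment":"hr","location":"home","allowed":false}',
    '{"ts":"2024-05-01T09:02:30Z","user":"bob","resource":"eng/build-secrets","segment":"eng","location":"home","allowed":false}',
    '{"ts":"2024-05-01T09:03:00Z","user":"bob","resource":"db/customers","segment":"data","location":"home","allowed":false}',
    '{"ts":"2024-05-01T09:10:00Z","user":"alice","resource":"wiki/onboarding","segment":"collab","location":"unknown","allowed":true}',
    '{"ts":"2024-05-01T11:00:00Z","user":"carol","resource":"finance/q3","segment":"finance","location":"corp","allowed":false}',
]


def parse(lines: List[str]) -> List[dict]:
    """Parse JSON-lines records and sort them by timestamp."""
    events = []
    for line in lines:
        e = json.loads(line)
        e["ts"] = datetime.fromisoformat(e["ts"].replace("Z", "+00:00"))
        events.append(e)
    events.sort(key=lambda e: e["ts"])
    return events


def analyze(lines: List[str], window: timedelta = timedelta(minutes=10),
            deny_threshold: int = 3) -> List[dict]:
    """Return findings with a recommended response for each flagged identity."""
    findings = []
    by_user: Dict[str, List[dict]] = defaultdict(list)
    for e in parse(lines):
        by_user[e["user"]].append(e)

    for user, events in by_user.items():
        # Denials across many distinct segments in a short window: a single
        # identity probing for somewhere else to go. Segmentation stopped each
        # attempt; the log is what tells us the identity should be re-verified.
        denies = [e for e in events if not e["allowed"]]
        for i, first in enumerate(denies):
            segments = {e["segment"] for e in denies[i:]
                        if e["ts"] - first["ts"] <= window}
            if len(segments) >= deny_threshold:
                findings.append({"user": user, "type": "segment_probing",
                                 "segments": sorted(segments),
                                 "action": "revoke session; require re-authentication"})
                break

        # Allowed requests from two different locations within the window:
        # context changed, so the earlier decision should not be reused.
        allowed = [e for e in events if e["allowed"]]
        for prev, cur in zip(allowed, allowed[1:]):
            if prev["location"] != cur["location"] and cur["ts"] - prev["ts"] <= window:
                findings.append({"user": user, "type": "location_change",
                                 "from": prev["location"], "to": cur["location"],
                                 "action": "step-up authentication before next request"})
                break
    return findings


if __name__ == "__main__":
    for finding in analyze(LOG_LINES):
        print(finding)
```

The thresholds are deliberately parameters: a helpdesk account legitimately touches many segments, a finance analyst does not, and the same log should drive different rules for each. Note that the findings are derived entirely from decisions the policy engine already recorded, which is the audit trail the compliance point above refers to.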
Here are some of the biggest challenges of using zero trust: