Zero Trust: Authenticate and Control Access to Your Network
What is Zero Trust?
Zero Trust is a security philosophy, and a related architecture for implementing it, introduced by John Kindervag in 2010. The principle is to trust nothing by default: every access request is authenticated and authorized as if it originated from an open network, because you cannot control or secure every place your data must go in today's world.
What are the benefits of Zero Trust?
Success in business today means assuring your customers of their online safety. No one wants to be the organization that makes its customers' fears come true. The same holds for companies that do not serve consumers directly but must ensure that their "crown jewels" and competitive information are not stolen or held for ransom.
No matter your industry, you have constituents who depend on you to protect their data and privacy. You hold valuable data that others covet, and you run business operations that attackers can interrupt at great cost to your reputation and financial wellbeing. The pandemic served as a wake-up call for many cybersecurity leaders to shift from a strategy of preventing intrusions alone to dealing with them effectively: shrinking the attack surface and preventing the data exfiltration and ransomware that leave a business continuity plan in tatters.
With a Zero Trust model you take a more identity- and data-centric approach to addressing security risks, rather than relying on network location.
What is Zero Trust architecture?
A Zero Trust Architecture applies the principles of Zero Trust to enforce a higher level of authorization: users and devices must prove their identity and trustworthiness before they are granted access to any resource on your network, and that proof is checked on each request rather than once at the perimeter.
What is ZTNA?
Zero Trust Network Access (ZTNA) provides point-to-point access over an encrypted channel that is restricted to an explicitly allowed set of source and destination devices; a device that is not on the list cannot even reach the destination. That access must be governed by multifactor authentication and authorization, with adequate logging and alerting so that both granted and denied requests leave a record. ZTNA is especially important when remote access and remote management are a necessity for your business.
What is a Zero Trust model?
There are three key components to a Zero Trust model:
- User/Application authentication – You must authenticate the user, or the application where an application requests access on its own behalf (automated access), with strong assurance that the entity requesting access is indeed that entity.
- Device authentication – Authenticating the user/application alone is not enough. You must also authenticate the device making the request, since a legitimate user on an unknown or compromised device is still a risk.
- Trust – Access is granted only once both the user/application and the device have been authenticated, and it is granted per request and per resource, not to the session or the network as a whole.
Essentially, the framework dictates that you cannot trust anything inside or outside your perimeter. The Zero Trust model operates on the principle of "never trust, always verify". It assumes the perimeter is dead: you can no longer establish a perimeter with a lower level of security inside it where everything is trusted. That model has been proven ineffective by multiple breaches in which attackers simply entered through trusted connections, typically via phishing, and then moved freely inside.
What are the steps to implement a Zero Trust model?
Traditional perimeter security can't scale to meet your constantly evolving business requirements and threats. In dynamic, online environments, a Zero Trust model provides a commonsense approach to cybersecurity that includes these 5 key steps.
How to create a Zero Trust network?
Implementing a Zero Trust architecture requires several key technologies and processes, including:
- Micro-segmentation – the foundation for Zero Trust, which lets administrators define security policies based on where a workload runs, what kind of data it accesses, and how important or sensitive the application is
- Multifactor authentication – enforces strong authentication of users
- Identity and access management – authenticates the user/application and the device with strong assurance and decides what each identity is allowed to reach
- User and network behavior analytics – learns the normal behavior of the user and of the network they connect from, and flags deviations from that baseline that may indicate a compromised identity
- Endpoint security – ensures the endpoint itself is clean and will not act as a conduit for an attacker to gain unauthorized access to data
- Encryption – prevents eavesdropping on traffic in transit (it protects confidentiality, but does not by itself establish who is on either end)
- Scoring – combines the signals above into a risk score that determines whether a given access request is granted or denied
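As an added example (written for this page; not Unisys Stealth code and not from the original text), here is a small Python policy decision point that applies the three components of the model above in order, user/application authentication, device authentication, then trust, together with the micro-segmentation, endpoint posture and scoring controls from the technology list. The segment policy, sensitivity table, risk threshold, anomaly values and sample requests are all constructed for illustration and are not taken from any product.

```python
"""Added example: a minimal Zero Trust policy decision point.

Illustrative code written for this page, not Unisys Stealth code. The
segment policy, sensitivity table, threshold and sample requests are all
constructed assumptions.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class AccessRequest:
    user: str
    user_mfa_verified: bool    # user/application authentication passed (MFA or client credential)
    device_id: str
    device_cert_valid: bool    # device authentication: certificate issued to this device checks out
    device_posture_ok: bool    # endpoint security: encrypted, patched, EDR running
    source_segment: str        # micro-segment the request originates from
    destination_service: str   # workload being requested
    behavior_anomaly: float    # 0.0 = matches baseline, 1.0 = highly unusual (assumed UEBA output)


@dataclass
class Decision:
    allow: bool
    score: float
    reasons: list


# Micro-segmentation policy: which source segments may reach which services.
# Anything not listed is denied; no segment is trusted because it is "inside".
SEGMENT_POLICY = {
    "payments-app": {"payments-db"},
    "corp-workstations": {"intranet-wiki", "payments-app"},
    "guest-wifi": set(),
}

# Data sensitivity per service (1 = low, 3 = crown jewels). A service missing
# from the table is treated as most sensitive so the policy fails closed.
SERVICE_SENSITIVITY = {"intranet-wiki": 1, "payments-app": 2, "payments-db": 3}
RISK_THRESHOLD = 1.0  # assumed: deny once anomaly * sensitivity reaches this


def evaluate(req: AccessRequest) -> Decision:
    """Decide one request. Run on every request; the result is never cached."""
    reasons = []
    # 1. User/application authentication: mandatory, no exceptions.
    if not req.user_mfa_verified:
        reasons.append("user/application not strongly authenticated")
    # 2. Device authentication: a valid user on an unknown or unhealthy device is still denied.
    if not req.device_cert_valid:
        reasons.append("device certificate invalid or missing")
    if not req.device_posture_ok:
        reasons.append("device failed posture check")
    # 3. Micro-segmentation: may this source ever reach this destination?
    if req.destination_service not in SEGMENT_POLICY.get(req.source_segment, set()):
        reasons.append(f"segment {req.source_segment!r} is not permitted to reach "
                       f"{req.destination_service!r}")
    if reasons:  # hard failures cannot be outweighed by a good behaviour score
        return Decision(False, 1.0, reasons)
    # 4. Scoring: the same anomaly is tolerated for the wiki but not for the
    #    payments database, because sensitivity scales the risk.
    score = req.behavior_anomaly * SERVICE_SENSITIVITY.get(req.destination_service, 3)
    if score >= RISK_THRESHOLD:
        return Decision(False, score, [f"risk score {score:.2f} >= {RISK_THRESHOLD}"])
    return Decision(True, score, ["all checks passed"])


def audit_line(req: AccessRequest, dec: Decision) -> str:
    """One log line per decision, allow or deny: the logging and alerting control."""
    verdict = "ALLOW" if dec.allow else "DENY"
    return (f"{verdict} user={req.user} device={req.device_id} "
            f"{req.source_segment}->{req.destination_service} "
            f"score={dec.score:.2f} reasons={'; '.join(dec.reasons)}")


# Constructed sample requests, one per control.
SAMPLE_REQUESTS = {
    "wiki-from-workstation": AccessRequest("alice", True, "wks-0042", True, True,
                                           "corp-workstations", "intranet-wiki", 0.4),
    "db-from-app-unusual": AccessRequest("svc-payments", True, "app-node-7", True, True,
                                         "payments-app", "payments-db", 0.4),
    "wiki-from-guest": AccessRequest("bob", True, "byod-11", True, True,
                                     "guest-wifi", "intranet-wiki", 0.0),
    "app-without-mfa": AccessRequest("carol", False, "wks-0099", True, True,
                                     "corp-workstations", "payments-app", 0.0),
}


def run_samples() -> dict:
    """Evaluate every sample request and print its audit line."""
    results = {}
    for name, req in SAMPLE_REQUESTS.items():
        results[name] = evaluate(req)
        print(f"[{name}] {audit_line(req, results[name])}")
    return results


if __name__ == "__main__":
    run_samples()
```

The ordering is the point: authentication and segmentation are hard gates, and only requests that pass them reach the score, so a good behaviour baseline can never compensate for a missing MFA step or an unknown device. The same anomaly value (0.4) is accepted for the low-sensitivity wiki and rejected for the payments database, and every decision, including each denial, produces an audit line.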
How to implement a Zero Trust network with Unisys Stealth®
Corporate networks today extend well beyond the traditional boundaries once imposed by the company LAN and the four walls of the data center. Access to sensitive information and applications from branch offices, IoT devices, mobile employees, partners, vendors, customers, suppliers and cloud-based workloads is pushing the network edge farther and farther from the control of IT.
What hasn't changed is that corporate data centers still serve as the hub of this ever-expanding network of interconnected devices, people and data. That makes data centers attractive targets, because they typically house an organization's most sensitive data and applications.
Unisys Stealth® is software-defined security. It simplifies and improves network security and serves as the backbone of your whole-network Zero Trust strategy. Stealth™ blankets every corner of your organization's computing environment with one holistic, consistent and unwavering security policy, from mobile phones and desktops to servers, cloud environments and even IoT.
Orchestration and deployment are highly automated and centrally managed. As your security policies evolve, changes are made once and propagated across the enterprise. Stealth™ monitors and enforces your Zero Trust policies, automatically isolating violators and alerting administrators. With Stealth™ Zero Trust, security is woven into the fabric of your entire network; it is the engine that drives your speed to security and speed to market.