Zero Trust is a security model which states that actors and systems should not be automatically trusted solely because they exist within a security perimeter and are instead constantly verified even when within the network.
Standing in contrast to older systems, where anything within a perimeter was trusted, the Zero Trust model emerged after numerous data breaches were caused by hackers able to move around freely within the network once the external firewalls had been passed. In addition, migration to the cloud has challenged the fundamental concept of secure perimeters, making them harder to define and establish.
With each data breach costing an average of £2.83m in 2020 globally, mitigating their risk has become a major cybersecurity priority for enterprises. With robust authentication which continuously verifies users throughout their sessions, a Zero Trust model can have enormous benefits.
How Zero Trust models work
The foundation of Zero Trust is the ‘Principle of Least Privilege’ - a fundamental security standard which states that users should be given the minimum levels of privileges and access that they require to do their job. By restricting the number of users with additional access beyond the norm to as low a number as possible, the whole system is made more secure – one set of credentials being compromised will only allow access to one set of resources, rather than the entire network.
This contrasts with the more traditional approach, also known as the ‘Castle and Moat model.’ Here, while nobody outside of the network can access any of the data inside, everybody inside the network can, with no granularity of access privileges. Users are fully trusted as soon as they are authenticated.
The Castle and Moat method was common in older networks where almost all resources would be on-premise and remote users would require a VPN for access. Now, however, with enterprises using an average of 288 cloud applications, this approach isn’t just undesirable - it’s not even possible, since a perimeter cannot be established around resources the enterprise does not own.
For Single Sign-On (SSO) solutions, it’s important to make sure that these old weaker security practices aren’t replicated in newer technology. While an SSO solution may permit access to a wide variety of resources and require the user to login once, there are many ways to ensure that the network is effectively compartmentalised and the ‘never trust, always verify’ model applies. Users only need to sign in once, but the authentication process is continuous throughout their session.
Dealing with data breaches
The problem with the Castle and Moat model is that while it may appear secure, it lacks further protection as soon as an account has been compromised. In 2020, the average time to detect a breach was an incredible 228 days, giving hackers free rein for over half a year. Credentials that are used across multiple accounts are always a security risk, but they can make data breaches much more difficult to detect, since the hacker will be logging in with a legitimate identity.
The Zero Trust model mitigates this risk by continually authenticating users, ensuring they are being monitored for suspicious behaviour and require strong authentication factors to access more sensitive material, meaning that an account becoming compromised need not result in a data breach at all.
Step-up authentication exists to balance the competing needs of rigorous security measures and an efficient user experience. Requiring additional authentication factors to access applications greatly increases security, however being asked for this each and every time a user wishes to gain access causes friction and impacts productivity.
With step-up authentication, a user will be able to access some resources with one set of credentials (or be automatically authenticated through SSO), but they will be prompted for additional authentication factors when they wish to access more sensitive resources. In this way, the most valuable data is strictly controlled without users having to undergo extensive authentication processes when performing everyday tasks.
Access Management is a cornerstone of a Zero Trust Security model and helps ensure that users only have access to the applications and data they require, when they require it, and that this access is revoked when no longer required. This is particularly important when users are onboarded and offboarded or otherwise require their application access to be changed. For example, an employee who had access to Salesforce, but then moved to a non-sales role within the business, could have their access to Salesforce automatically revoked using an access management solution.
In line with the “never trust, always verify” approach, access management can help enforce Zero Trust by leveraging step-up and multi-factor authentication which can be applied based on the context of access and the sensitivity of the data being requested. The Principle of Least Privilege, where users are only given access to the tools required to do their job, is enabled by an access management solution which facilitates policy enforcement and automation of access to ensure this principle is applied in practice.
Real-time monitoring and Shadow IT
Some access management solutions allow IT departments to be alerted to the applications being accessed by employees, and quickly add or remove these from the system. In this way, the risk of Shadow IT, where the number of apps being accessed by employees is far larger than IT departments are aware of, can be minimised.
In many organisations Shadow IT can be a thriving industry, with IT departments unaware of the extended threat landscape it creates. When these applications can be identified and included within the access management solution, access polices can then be put in place and the organisation's ability to detect and mitigate the impact of a breach is significantly improved.
Through a combination of these methods, the Zero Trust Security model aims to prevent compromised credentials from becoming a major threat to an enterprise’s data security. Identity and Access Management solutions can lay the foundations for Zero Trust, enabling user access to applications to be managed centrally. This allows additional layers of security to be applied where required, and the automation of the provisioning and revocation of access to ensure the right users have access to only the resources they need, when they need them.