Live Cyber Attack Lab 🎯 Watch our IR team detect & respond to a rogue insider trying to steal data! Choose a Session

X

What is Zero Trust? A Security Model

Data Security

an illustration of a pad lock and a person on a computer and a file against a navy blue background

Zero Trust is a security model developed by former Forrester analyst John Kindervag in 2010. Since then, Zero Trust has become one of the more popular frameworks in cybersecurity. Recent massive data breaches prove that companies need to be more proactive about cybersecurity, and a Zero Trust model might be the right approach. 

Zero Trust says to trust no one, not even users inside the firewall. Zero Trust means that every user and device should have their credentials verified every time they access any resource inside or outside the network. 

Read on to discover more about the Zero Trust security framework.

How Zero Trust Security Works

Title: Zero Trust Security Model. Subtitle: Zero Trust says to trust no one, both inside and outside of the network. Use visibility, analytics and automation to keep policies in check. Copy: Zero Trust Data, Zero Trust Networks, Zero Trust Workload, Zero Trust People, Zero Trust Devices

Zero Trust security has evolved into a holistic approach to cybersecurity that involves several technologies and processes. The goal of Zero Trust security is to protect the company from advanced cybersecurity threats and data breaches, while helping the company achieve compliance with FISMA, HIPAA, PCI, GDPR, CCPA, and any future data privacy and security laws.

Here are the focus areas for the Zero Trust Framework. Forrester recommends organizations address each of these focus areas to build the best Zero Trust security strategy. 

  • Zero Trust Data: Your data is the thing attackers want to steal. So it makes sense that the first pillar of the Zero Trust Framework is to protect your data first, not last. This means companies need to be able to analyze, protect, classify, monitor and secure their enterprise data. 
  • Zero Trust Networks: Attackers have to be able to navigate your network to steal data, and it’s your job to make that as difficult as possible. Segment, isolate and control your network with technology like next-gen firewalls that are designed to do just that. 
  • Zero Trust People: Humans are still the weakest link in your security strategy. Limit, monitor, and strictly enforce how your users access resources both inside the network and on the internet. Establish VPN, CASB, and more to keep your users protected.
  • Zero Trust Workloads: A workload is a term used by the infrastructure and operations team to mean the entire stack of applications and back-end software that enable your customers to interface with your business, and unpatched customer-facing applications are a common attack vector you must defend. Treat the entire stack from hypervisor to web front-end as a threat vector and protect it with Zero Trust compliant controls.
  • Zero Trust Devices: Because of the Internet of Things, (e.g., smartphones, smart TVs, and smart coffee makers), the number of devices that live on your networks has exploded in the past few years. These devices are a potential attack vector and should be segmented and monitored like any other computer on your network.
  • Visibility and Analytics: In order to enforce Zero Trust principles, empower your Security and Incident Response teams with the visibility of everything going on in your network – and the analytics to make sense of it all. Advanced threat detection and user behavior analytics are key to staying on top of any potential threats in your network.
  • Automation and Orchestration: Automation helps keep all of your Zero Trust compliant systems up and running, and your Zero Trust policies enforced. Humans are not capable of keeping up with the volume of monitoring events necessary to enforce Zero Trust.

3 Principles of the Zero Trust Security Model

Title: Zero Trust Principles Copy: Require secure and authenticated access to all resources Adopt a least privilege model and enforce access control Inspect and log all activities using data security analytics

  1. Require secure and authenticated access to all resources.

The first basic principle of Zero Trust is to authenticate and verify all access to all resources. Each time a user accesses a file share, application, or cloud storage device, you have to re-authenticate that user’s access to the resource in question. 

You have to assume that every attempt at access on your network is a threat until confirmed otherwise, regardless of location of access or hosting model.

  1. Adopt a least privilege model and enforce access control.

The least privilege access model is a security paradigm that limits each users’ access to only the access they need to do their job. By limiting each user’s access, you prevent an attacker from gaining access to large amounts of data with a single compromised account.

Use Role Based Access Control (RBAC) to enforce least privilege and empower data owners to manage access to their data. Audit access and group memberships on a regular schedule.

  1. Inspect and log everything.

Zero trust principles require inspection and verification of everything. Logging every network call, file access, and email for malicious activity is not something a human or an entire team of humans can do. 

Apply data security analytics to your monitoring to detect threats to your network so that you can more easily spot brute force attacks, malware infiltrations, or surreptitious exfiltration.

Implementing A Zero Trust Model

Title: How to Implement Zero Trust Copy: Update your cybersecurity strategy, to comply with Zero Trust go through the key principles and see if your strategy needs change Analyze your current technology stack and decide if you need to update or replace any tech to achieve Zero Trust, check in with vendors too Be methodical and deliberate as you implement Zero Trust, set reasonable goals and move at a steady pace, don’t rush the process

Here are some key recommendations to implement the Zero Trust framework.

  • Update every element of your cybersecurity strategy to comply with Zero Trust: Identify any parts of your current strategy and technology that don’t comply with the Zero Trust principles listed above and update them.
  • Analyze your current technology stack and determine if you need to update or replace any tech to achieve Zero Trust: Approach your technology vendors and ask them how they comply with Zero Trust. Seek out new vendors for any additional solutions you need to implement a Zero Trust strategy.
  • Be methodical and deliberate as you implement Zero Trust: Don’t be hasty. Set measurable touchpoints and achievable goals. Ensure that your new vendors match their implementation to Zero Trust principles.

Zero Trust Model: Trusting Your Users

Zero Trust is kind of a misnomer, but ‘Trust Zero Things but Verify Everything” doesn’t have the same ring to it. You do need to trust your users if – and this is a big if – they have the appropriate authorization and your monitoring doesn’t detect any shenanigans. 

Zero Trust with Varonis

Varonis provides a data-centric security approach to implement Zero Trust in your company. 

  • Varonis scans permissions and folder structures to help you achieve least privilege access, establish data owners, and implement a workflow to empower data owners to manage access to their data. 
  • Varonis classifies your data and identifies PHI, PII, GDPR, PCI, HIPAA, and more so you can add extra security and monitoring to your most sensitive data, and more easily meet compliance.
  • Varonis monitors and analyzes file access, Active Directory, VPN, DNS, proxy, and email activity to create a baseline profile for each user on your network. Advanced data security analytics compare current monitored data to that baseline to detect abnormal behavior, and triggers an alert to give you actionable intelligence to respond to any discovered threats. 

Varonis provides the core monitoring, classification, permissions management, and threat intelligence you need to establish Zero Trust on your network.

Why Zero Trust Model Security?

The Zero Trust framework can provide a solid defense against data breaches and advanced cybersecurity threats. All attackers need to break into your network is time and motivation — firewalls or password policies don’t deter them. You need to build internal barriers and monitor everything to catch their movements when they break in.

Download the 2019 Data Risk Report to see security issues and vulnerabilities that a Zero Trust approach can help address — and see how Varonis’ data-centric approach helps organizations establish and achieve a Zero Trust framework and strategy.

Jeff Petters

Jeff Petters

Jeff has been working on computers since his Dad brought home an IBM PC 8086 with dual disk drives. Researching and writing about data security is his dream job.

 

Does your cybersecurity start at the heart?

Get a highly customized data risk assessment run by engineers who are obsessed with data security.