Network Trust: How to Maintain and Establish it in Your Perimeter

Everyone has heard about “the expanding attack surface” and the “ever-increasing amounts of data”; about employees wanting to access email on their own devices (anywhere, anytime); and about all the emerging tech, Machine Learning (ML) and Artificial Intelligence (AI) to name a few, that is supposed to fix increasing cybersecurity concerns. While the evolution of ML and AI continues, there’s an immediate, helpful and game-changing cybersecurity strategy: Zero Trust.

 

In the past, the main concern when approaching security posture was generally blocking a potential attacker who sits outside your network from getting inside it (often referred to as perimeter defense). While this is an important security issue to address, there is an increasingly common concern: protecting your sensitive data from a potential breach from the inside. Addressing it takes the ability to create a Zero Trust infrastructure.

 

Trust no one and nothing

 

By definition, Zero Trust means that by default, you do not trust any entity on the network, including users, devices and applications. By establishing trust-nothing-and-no-one boundaries, you are in essence compartmentalizing segments of your network. This allows you to control, in a positive way, who has access to critical resources, limit user access, control the applications being used and scan for any potential threats as the user accesses any allowed resources. Doing so is another step in reducing the exposure of vulnerable systems and preventing the lateral movement of malware throughout your network.

 

Some of the concepts around Zero Trust networks are:

 

  • Establishing that there are no trusted networks (internal or external)
  • Adopting an architectural approach to help you focus on the security of your data, team, and workloads 
  • Starting by identifying and mapping your sensitive data, and then segmenting your network based on data sensitivity and creating micro-perimeters that you can fasten together to create a larger Zero Trust network
  • Monitoring your Zero Trust ecosystem continuously with security analytics 
  • Adopting orchestration and automation to speed up breach detection and response. Manual security operations are simply too slow, giving attackers more time to steal data and cause long-term damage to the environment
  • Addressing the widespread use of mobile devices and apps, the adoption of cloud services, the use of social media, and any vendor or third-party dependencies
  • Providing secure access to the network, meaning users connect via a remote VPN session or have to authenticate to access the network
  • Having the ability to identify devices and guest users accessing your wireless networks and then having the authentication device update your security platform with this information, allowing the tracking and logging of guest user activity
  • Inspecting all traffic at the application level so that you don’t run into issues such as application port hopping. The goal is to provide designated users with the access required to perform their job function only
  • Not allowing the Zero Trust architecture to become a network bottleneck
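
Several of the concepts above (no trusted networks, micro-perimeters based on data sensitivity, application-level inspection, access limited to job function, logging of guest activity) can be seen together in one default-deny access decision. The sketch below is an added example, not code from any product or from the original article; the roles, resources, application names and rules are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed sample policy (hypothetical names). Resources are mapped to
# micro-perimeters by data sensitivity; anything not listed is denied.
SEGMENT_OF = {"hr-db": "restricted", "wiki": "internal", "guest-portal": "public"}
ALLOW = {  # (role, device posture, identified application, segment)
    ("hr-analyst", "managed", "postgres", "restricted"),
    ("hr-analyst", "managed", "web-browsing", "internal"),
    ("engineer", "managed", "web-browsing", "internal"),
    ("guest", "unmanaged", "web-browsing", "public"),
}
AUDIT_LOG = []  # every decision is recorded for monitoring

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    authenticated: bool
    device: str    # "managed" or "unmanaged"
    src_net: str   # "internal" or "external": logged, never used for trust
    app: str       # application as identified by inspection, not by port
    dst_port: int  # logged only; a familiar port grants nothing
    resource: str

def decide(req: Request) -> str:
    """Default-deny decision for one request crossing a micro-perimeter."""
    segment = SEGMENT_OF.get(req.resource)
    if not req.authenticated:
        verdict, reason = "deny", "unauthenticated"
    elif segment is None:
        verdict, reason = "deny", "unmapped resource"
    elif (req.role, req.device, req.app, segment) in ALLOW:
        verdict, reason = "allow", "matched rule"
    else:
        verdict, reason = "deny", "no matching rule"
    AUDIT_LOG.append((req.user, req.src_net, req.app, req.dst_port,
                      req.resource, verdict, reason))
    return verdict
# Constructed sample requests.
SAMPLES = [
    Request("ana", "hr-analyst", True, "managed", "external", "postgres", 5432, "hr-db"),
    Request("eli", "engineer", True, "managed", "internal", "postgres", 5432, "hr-db"),
    Request("eli", "engineer", True, "managed", "internal", "file-sharing", 443, "wiki"),
    Request("visitor1", "guest", True, "unmanaged", "internal", "web-browsing", 443, "wiki"),
    Request("visitor1", "guest", True, "unmanaged", "internal", "web-browsing", 443, "guest-portal"),
]
if __name__ == "__main__":
    for r in SAMPLES:
        print(r.user, r.app, r.resource, "->", decide(r))
```

The external HR analyst is allowed while the internal engineer is denied the same database, and the file-sharing application is denied on port 443 even though web browsing on that port is permitted: the decision depends on identity, device and identified application, never on source network or port.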

 

Once this Zero Trust network is established, you can prevent things like the exfiltration of sensitive data by someone internal who shouldn’t have access to it in the first place. In addition, you’ll have better malware containment throughout the network. It also may help in meeting specific compliance recommendations. 

 

Why think about implementing Zero Trust?

 

The enemy is getting smarter and faster. A Zero Trust network is safer and more agile, and can quickly adjust to new business initiatives such as geographic expansion, cloud service adoption, bringing on and integrating suppliers, and faster new customer onboarding.