True North Networks Blog
5 Reasons Your Organization Needs to Adopt a Zero Trust Security Architecture
Traditionally, network architectures were designed and secured according to the "castle-and-moat" model. Like a medieval fortress, an enterprise data center was imagined to have impregnable and unbreachable walls. All traffic entering or exiting would pass through a single access point, where a security gateway appliance would sit, like a knight in shining armor. This device would police the network traffic on a packet-by-packet basis, allowing traffic it deemed ‘safe’ unrestricted access to the network’s trusted interior.
Although this model is as outdated as chain mail is for 21st-century military combat, its legacy endures in assumptions and presuppositions that can prevent business decision makers from choosing the most effective cybersecurity tools and solutions for today’s complex threat landscape.
Zero Trust was initially proposed by Forrester Research in 2010. It is a paradigm designed to counter outdated ways of thinking about network security by providing a new model that’s better suited for today’s distributed, diverse, data-centric architectures.
The Zero Trust model is centered in the core concept of "never trust, always verify," and the goal of adopting a Zero Trust architecture is to eliminate internal "trusted" zones within the network and instead make security omnipresent throughout the digital business ecosystem.
Here’s why this is so important right now.
No. 1: Network architectures no longer have a single point of ingress/egress that can be monitored and controlled
With the rise of cloud-based services and increasing numbers of employee-owned, mobile and the internet of things (IoT) devices connecting daily, the idea that networks have fixed perimeters has become largely meaningless. The shape and configuration of an enterprise network are in constant flux, as different combinations of devices access various services from moment to moment.
Nearly half of all enterprise workloads already run in the cloud, and researchers estimate that as many as 94 percent will be processed in cloud data centers by the end of 2021. As increasing numbers of business processes rely on cloud-based computing power, the idea of an internal "trusted" network makes less and less sense.
No. 2: Credential theft is an enormous problem today
According to recent reports, stolen credentials or misused privileges were used to gain access to network resources in more data breaches last year than any other method. Credential theft has held this spot -- as the No. 1 threat action successfully employed in breaches -- consistently for the past 10 years. And the volume of phishing email observed by researchers continues to increase.
Needless to say, perimeter-based defenses are utterly ineffective against these sorts of attacks. Once an attacker has access to privileged credentials, they’re free to move laterally across the network at will, unless continuous traffic monitoring is in place that can alert on these anomalous activities, or multi-layered access controls require a second type of authentication.
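To make that contrast concrete, here is an added example (not code from the True North Networks post) of a toy access decision: a castle-and-moat rule that trusts anything already on the internal subnet, beside a "never trust, always verify" rule that checks the credential, a second factor, the device, and the user's entitlement to the specific resource on every request. The subnet, device inventory, roles and requests are all constructed for the demonstration.

```python
# Added example (not from the True North Networks post): a toy per-request access
# policy contrasting the "castle-and-moat" rule with a "never trust, always verify"
# rule. The subnet, device inventory, roles and requests are constructed for the demo.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL_NET = ip_network("10.0.0.0/8")           # constructed "trusted interior"
MANAGED_DEVICES = {"laptop-a1f3", "laptop-c902"}  # constructed device inventory
# Resource -> roles entitled to it (constructed, least-privilege mapping).
RESOURCE_ROLES = {"payroll-db": {"finance"}, "wiki": {"finance", "engineering"}}


@dataclass(frozen=True)
class Request:
    user: str
    role: str
    password_ok: bool   # credential check passed
    mfa_ok: bool        # second factor presented and verified
    device_id: str
    src_ip: str
    resource: str


def castle_and_moat(req: Request) -> bool:
    """Perimeter model: anything already inside the network is trusted."""
    if ip_address(req.src_ip) in INTERNAL_NET:
        return True
    return req.password_ok  # external access is checked once, at the gateway


def zero_trust(req: Request) -> bool:
    """Per-request verification; the source address earns no trust by itself."""
    if not (req.password_ok and req.mfa_ok):       # verify identity, every time
        return False
    if req.device_id not in MANAGED_DEVICES:        # verify the endpoint
        return False
    return req.role in RESOURCE_ROLES.get(req.resource, set())  # least privilege


# Constructed scenario: an attacker holding a stolen password, on an unmanaged
# box plugged into the internal subnet, asks for the payroll database.
STOLEN_CREDS = Request("alice", "engineering", True, False, "unknown-box", "10.1.2.3", "payroll-db")
# Constructed scenario: the legitimate finance user on a managed laptop, off-site.
LEGIT = Request("bob", "finance", True, True, "laptop-a1f3", "203.0.113.7", "payroll-db")


def compare(req: Request) -> dict:
    """Evaluate one request under both models side by side."""
    return {"castle_and_moat": castle_and_moat(req), "zero_trust": zero_trust(req)}


if __name__ == "__main__":
    for name, req in (("stolen creds", STOLEN_CREDS), ("legit", LEGIT)):
        print(name, compare(req))
```

The perimeter rule waves the stolen-credential request through purely because it originates inside the subnet, while the per-request rule stops it at the missing second factor before the device or entitlement checks are even reached.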
No. 3: Employee error remains the most common cause of data breaches
In one recent survey examining cases of unauthorized exposure of regulated data (such as protected health information or credit card numbers), 92 percent of incidents and 84 percent of breaches were due to "inadvertent" or "unintentional" actions. The reality: we’re all human, and we make mistakes.
Zero Trust architectures that include multi-layered defenses and data-loss-prevention (DLP) solutions can help mitigate these risks. Perimeter-based defenses cannot.
No. 4: Traditional firewalls and legacy anti-virus/anti-malware solutions cannot stop all threats
Simply put, these products don’t offer adequate defenses against today’s emerging and increasingly sophisticated file-based threats. With more than 350,000 new types of malware being unleashed daily, even the best signature-based endpoint protection platforms cannot be relied on to catch them all.
When you’ve implemented a Zero Trust architecture, you should have resilient, layered defenses in place to ensure that attackers who have evaded your endpoint-based detection mechanisms do not get free access to the resources of your computers or other devices on the network. Adopting a "never trust, always verify" mindset also means seeking out solutions that will prevent unknown files from executing or making changes in your environment.
No. 5: Zero Trust presents a solid foundation for robust, resilient security architectures
Adopting a Zero Trust framework doesn’t mean you need any particular tools or solutions. It does mean that you need to change how stakeholders throughout your organization think about information security risks and how they collaborate to bring about meaningful change.
If you design multiple layers of protection into your infrastructure’s backbone -- and make sure the most effective technologies, like cloud-based verdicting for all unknown files, are among the solutions you’ve chosen -- you’ll vastly decrease your chances of experiencing a significant breach.