What is Zero Trust and How Can It Be Used to Safeguard Information Systems

How does trust work in traditional networks

Traditional network security used the castle-and-moat method to keep things protected. This design was composed of a border at the edge of the network defended by some kind of firewalling device or software. In this approach it was taken for granted that whoever and whatever is on the inside of the network was meant to be there. This assumption is the basis for the trust relationship between requesters of access and the servers. The requester would authenticate once and would be trusted until the session was logged out. The system automatically assumes the user or device is who they are supposed to be and is doing what they are supposed to be doing for as long as they ought to do it. This means that if a bad actor gets across the border they have almost all the time in the world to traverse the network, leaving compromise and destruction in their wake. It is not difficult for a bad actor to obtain the simple authentication credentials for network access either; there are numerous techniques, perfected over the years, that allow this with ease. The modern network, with its borderless architecture coupled with Bring Your Own Device (BYOD), has removed the moat from the castle, making it even easier for malicious requests for network access to be made.

Borderless network architecture

In the traditional network, security experts can visualize a border which is protected by a firewall. Being able to imagine those lines made it easy to identify the outside and inside of the network. But with advancements in mobile computing, Internet access and work-from-home options, it is not easy to tell where the border is any more. It is even more difficult to tell who or what is trying to access the network. Modern networks are not just the assets you have on premises; rather they are all the devices requesting access from wherever they might be, all the assets and services in the cloud, and so on. With the border lines so blurred, and sometimes non-existent, security specialists have to rethink how critical infrastructure is to be protected.

Zero Trust Architecture

Ever heard the phrase "innocent until proven guilty"? Well, this is the opposite. With zero trust everyone and everything is treated as guilty until they can prove otherwise. Zero trust is guided by the philosophy of "never trust, always verify", so instead of assuming the security posture of network assets, every request, whether it is generated inside or outside the network, is treated as a potential breach.

Because every request is handled as a potential attack, this model requires thorough authentication and authorisation before granting any access. Also, by implementing micro-segmentation strategies, least privilege is granted to users, applications and devices. This minimizes lateral movement of threats through the network. If a breach does occur, the damage will be contained and its effects will be less catastrophic.

Endpoint Security with Zero Trust

As mentioned above, the modern computer network is so widely distributed that the organization may not own or control all the devices that need access. This simply means that the security strategy used to protect these endpoints may not be at the levels and standards of the organization. As one can imagine, this clearly increases the opportunities for cyber attacks. In order to minimize this threat, zero trust strategists must ensure that they design policies that extend to all endpoints. This includes BYOD devices, apps and IoT devices. If it is going to access the company's information infrastructure, then it should adhere to the company's security policy strategy.
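The per-request decision described in the Zero Trust Architecture and Endpoint Security sections, as an added illustration that is not part of the original article: a small policy engine that re-checks identity, least-privilege segment grants and device posture on every request, placed beside the castle-and-moat model that trusts a single login. The segment names, roles and posture checks are constructed for the example.

```python
from dataclasses import dataclass

@dataclass
class Device:
    managed: bool        # enrolled/organisation-owned (False = BYOD)
    disk_encrypted: bool
    patched: bool

@dataclass
class Request:
    user: str
    role: str
    device: Device
    resource: str        # the micro-segment being asked for
    mfa_verified: bool   # identity proven for THIS request, not a past login

# Constructed micro-segment policy (hypothetical names): allowed roles and device requirement per segment.
SEGMENT_POLICY = {
    "wiki":    {"roles": {"staff", "hr", "admin"}, "managed_device": False},
    "hr-db":   {"roles": {"hr", "admin"},          "managed_device": True},
    "pay-api": {"roles": {"admin"},                "managed_device": True},
}

def evaluate(req: Request) -> tuple[bool, str]:
    """Zero-trust decision: every request is judged afresh; anything unmatched is denied."""
    policy = SEGMENT_POLICY.get(req.resource)
    if policy is None:
        return False, "unknown segment: default deny"
    if not req.mfa_verified:
        return False, "identity not verified for this request"
    if req.role not in policy["roles"]:
        return False, f"role {req.role!r} has no grant for {req.resource!r}"
    if policy["managed_device"] and not req.device.managed:
        return False, "segment requires an enrolled device (BYOD refused)"
    if not (req.device.disk_encrypted and req.device.patched):
        return False, "device posture failed (encryption or patch level)"
    return True, "allow"

def castle_and_moat(logged_in: bool, req: Request) -> tuple[bool, str]:
    """Perimeter model for contrast: one login, then every segment is reachable."""
    return (True, "inside the perimeter") if logged_in else (False, "outside")

def posture_drift() -> tuple[str, str, str]:
    """Same user and session; the laptop falls out of compliance between two requests."""
    laptop = Device(managed=True, disk_encrypted=True, patched=True)
    ask = lambda: Request("alice", "hr", laptop, "hr-db", mfa_verified=True)
    first = evaluate(ask())[1]
    laptop.patched = False            # posture changes mid-session
    second = evaluate(ask())[1]
    return first, second, castle_and_moat(True, ask())[1]
```

`posture_drift()` shows the difference the article describes: the zero-trust engine allows the first request and refuses the second once the device is no longer compliant, while the perimeter model keeps trusting the session.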