Security in the Real World
People living in small towns usually know all their neighbors so hardly anyone locks their doors. But for people living in bigger towns, it’s much harder to know who their neighbors are, so everyone starts locking their doors. People not only lock their doors, they also install security systems, put bars on their windows, and might even get a guard dog.
In other words, when you have limited risk, your network security architecture can be simple but as the risks become greater—when certainty in your security decreases—then you need to rethink how to keep your property safe. As a consequence, security becomes more complicated.
The Evolution of Network Security
Similarly, that’s how network security evolved. In the late ‘80s through the early ‘90s, network security was simple: once an entity (a person, a machine, a process) was inside the envelope of your network and had authenticated with your security service (typically the computer you were using), that entity was assumed to be trustworthy from then on.
This security architecture is called perimeter security, otherwise known as “moat and castle,” and it assumed that anything authenticated internally—in the castle—was safe while anything outside was untrustworthy. This architecture worked well because there were no external connections to your network and the network itself wasn’t complicated.
Perimeter security also assumed the bad guys were all on the outside of your network and your staff, particularly the IT staff, were well-trained, didn’t make mistakes, and didn’t have bad motives. Combine that assumption with low network complexity and limited organizational use, and your network was—at least for a while—pretty well secured.
The End of Simple Network Security
Of course, this simple security architecture couldn’t last for long. As networks became more central to business operations and the need arose for external connections to business partners, along with the need to support mobile and remote workers, networks became far more complicated. By the late ‘90s, these networks began connecting to the internet, paving the way for websites and email to become mainstream. By the 2000s, hundreds of service providers began offering software-as-a-service (SaaS), which has become a strategic component of enterprise business operations.
Now the envelope of the network is no longer clearly defined, and, consequently, network security challenges have become much more complex.
To sum up the state of network security to around 2010:
- The network no longer had a single, unbroken network perimeter. It had become “porous” to support mobile and remote workers, as well as business partners and new third-party services.
- “One and done” authentication of entities requesting access became inadequate for the new and more complex network security demands.
- You could no longer assume that anyone on your network, including your staff, could be trusted.
A Better Network Security Architecture
The realities of 21st-century enterprise networking required a new paradigm and in 2010, John Kindervag, an analyst at Forrester Research, wrote a paper that popularized the idea of the Zero Trust architecture (also called ZTA or perimeterless security), though the concept had actually been around since 1994.
Over the next few years, as enterprise computing evolved to embrace cloud computing and the problems with perimeter security became more pressing, the concept of the Zero Trust architecture gained traction. In 2020, the National Institute of Standards and Technology (NIST) and the National Cybersecurity Center of Excellence (NCCoE) developed NIST Special Publication (SP) 800-207, Zero Trust Architecture.
The NIST publication defines the Zero Trust architecture as:
… a collection of concepts and ideas designed to reduce the uncertainty in enforcing accurate, per-request access decisions in information systems and services in the face of a network viewed as compromised. A zero trust architecture (ZTA) is an enterprise’s cyber security plan that utilizes zero trust concepts and encompasses component relationships, workflow planning, and access policies. Therefore, a zero trust enterprise is the network infrastructure (physical and virtual) and operational policies that are in place for an enterprise as a product of a zero trust architecture plan. – Wikipedia
The fundamental concept of the Zero Trust architecture is simple: Never trust, always verify.
How to Build a Zero Trust Architecture?
Zero Trust network architectures have four main requirements:
- The use of micro-perimeters and micro-segments to restrict traffic flow and limit user privileges and access as much as possible.
  - Micro-perimeters take the concept of a secured network perimeter that defines what is inside the network and what is outside (traffic crossing this boundary is often referred to as “north-south” traffic) and apply similar access controls to smaller groupings of network entities or even to a single device.
  - Micro-segmentation creates zones within data centers and cloud environments to isolate workloads and secure them individually (traffic between micro-segments is often referred to as “east-west” traffic).
- Effective incident detection and response using comprehensive analytics and automation.
- Integrated multi-vendor network solutions to ensure seamless compliance and unified cyber security.
- Comprehensive and centralized visibility into all entities and workflows, including users, devices, data, and the network itself. This must also include visibility into all encrypted communications.
To reiterate, Zero Trust security architectures are based on not trusting anyone or anything on your network. This means that network access is not granted without the network knowing exactly who you are. Moreover, every access attempt by any entity must be validated at multiple points throughout the network to make sure no unauthorized entity is moving vertically into or laterally within the network without being detected.
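The per-request decision described above, as an added example that is not part of the original article: a small policy decision point in Python that evaluates every request on its own against identity, device posture and a micro-segment policy, labels each flow north-south or east-west, and writes an audit record for the analytics side. The segment names, roles and policy table are constructed for illustration and do not correspond to any real product.

```python
"""Per-request Zero Trust policy decision point (added example, not from the
article). Each request is evaluated on its own: identity, device posture and
the micro-segment policy must all pass, nothing is inherited from an earlier
decision, and every outcome is recorded for analytics. Segment names, roles
and the policy table are constructed for illustration.
"""
from dataclasses import dataclass

# Constructed micro-segment policy: which roles may reach a segment and over
# which ports. A segment that is not listed cannot be reached at all.
SEGMENT_POLICY = {
    "payments-db": {"roles": {"payments-svc"}, "ports": {5432}},
    "web-tier":    {"roles": {"engineer", "sre"}, "ports": {443}},
    "hr-app":      {"roles": {"hr", "sre"}, "ports": {443}},
}

@dataclass(frozen=True)
class Request:
    subject: str            # who is asking
    roles: frozenset        # roles asserted by the identity provider
    mfa_verified: bool      # strong authentication for *this* session
    device_compliant: bool  # endpoint posture at request time
    source_segment: str     # "external" or a micro-segment name
    target_segment: str
    port: int

def direction(req: Request) -> str:
    """Label the flow the way the article does: north-south crosses the
    outer perimeter, east-west moves between internal micro-segments."""
    return "north-south" if req.source_segment == "external" else "east-west"

def evaluate(req: Request, policy=SEGMENT_POLICY) -> tuple:
    """Return (allow, reasons). Every check runs; denial reasons are
    collected so the audit record explains the decision. Default deny."""
    reasons = []
    if not req.mfa_verified:
        reasons.append("identity not verified for this request")
    if not req.device_compliant:
        reasons.append("device failed posture check")
    seg = policy.get(req.target_segment)
    if seg is None:
        reasons.append(f"no policy for segment {req.target_segment!r} (default deny)")
    else:
        if not (req.roles & seg["roles"]):
            reasons.append(f"no role permits {req.target_segment}")
        if req.port not in seg["ports"]:
            reasons.append(f"port {req.port} not allowed into {req.target_segment}")
    return (not reasons, reasons)

AUDIT_LOG = []  # in a real deployment this feeds the analytics pipeline

def decide(req: Request) -> bool:
    """Evaluate one request and record the outcome, allow or deny."""
    allow, reasons = evaluate(req)
    AUDIT_LOG.append({
        "subject": req.subject,
        "flow": f"{req.source_segment}->{req.target_segment}:{req.port}",
        "direction": direction(req),
        "decision": "ALLOW" if allow else "DENY",
        "reasons": reasons,
    })
    return allow

def demo() -> list:
    """Constructed requests. The same subject is allowed into one segment and
    then denied the next hop: the earlier ALLOW carries no trust forward."""
    sre_laptop = dict(subject="alice", roles=frozenset({"sre"}),
                      mfa_verified=True, device_compliant=True)
    return [
        decide(Request(**sre_laptop, source_segment="external",
                       target_segment="web-tier", port=443)),
        # lateral move from web-tier toward the payments database
        decide(Request(**sre_laptop, source_segment="web-tier",
                       target_segment="payments-db", port=5432)),
        # right role, but the device posture check failed this time
        decide(Request(subject="payments-svc", roles=frozenset({"payments-svc"}),
                       mfa_verified=True, device_compliant=False,
                       source_segment="web-tier", target_segment="payments-db",
                       port=5432)),
    ]

if __name__ == "__main__":
    demo()
    for entry in AUDIT_LOG:
        print(entry)
```

The point to notice is that `decide` never consults a previous result: the second request is from a subject who was just allowed into `web-tier`, and it is still denied because the `payments-db` policy does not list the `sre` role. A real policy engine would pull roles and device posture from an identity provider and an endpoint agent rather than from the request itself, but the shape of the decision is the same.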
Making a Zero Trust network really work requires in-depth traffic inspection and analytics. Central to this is the use of SSL inspection solutions that decrypt and analyze encrypted network traffic (sometimes called “break and inspect”) to ensure policy compliance and maintain privacy standards.
By monitoring encrypted traffic to detect suspicious network communications and malware payloads as well as attempts to exfiltrate controlled data, for example, credit card and social security numbers, SSL inspection makes it possible for the Zero Trust model to comprehensively do what it’s supposed to do – protect networks from both internal and external threats.
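An added example (not from the article) of the kind of check that runs once a break-and-inspect proxy has decrypted a flow: a Python scanner over the plaintext body that flags payment card numbers (validated with the Luhn checksum, so an ordinary 16-digit order id does not trigger it) and US SSN-shaped values (filtered with the SSA's structural rules), redacting what it logs. The HTTP payloads, the test card number and the SSN value are constructed samples; `verdicts` is a hypothetical name for the per-flow decision the proxy would act on.

```python
"""Content inspection over decrypted traffic (added example, not from the
article). Once a break-and-inspect proxy has decrypted a flow, its plaintext
body can be checked for controlled data before it leaves the network. This
scanner looks for payment card numbers (validated with the Luhn checksum) and
US SSN-shaped values (filtered with the SSA's structural rules). Findings are
redacted so the log itself does not become a second leak. The payloads below
are constructed samples.
"""
import re

# 13 to 19 digits, optionally separated by single spaces or dashes, and not
# embedded in a longer digit run.
CARD_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")
SSN_RE = re.compile(r"(?<!\d)(\d{3})-(\d{2})-(\d{4})(?!\d)")

def luhn_ok(digits: str) -> bool:
    """Luhn mod-10 checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def ssn_plausible(area: str, group: str, serial: str) -> bool:
    """Reject values the SSA never issues: area 000, 666 or 900-999,
    group 00, serial 0000."""
    a = int(area)
    return not (a == 0 or a == 666 or a >= 900 or int(group) == 0 or int(serial) == 0)

def redact(value: str) -> str:
    """Keep only the last four digits so the alert is not itself a leak."""
    digits = re.sub(r"\D", "", value)
    return "*" * (len(digits) - 4) + digits[-4:]

def inspect_payload(payload: str) -> list:
    """Return (kind, redacted_value) for each controlled-data hit."""
    findings = []
    for m in CARD_RE.finditer(payload):
        digits = re.sub(r"\D", "", m.group())
        if luhn_ok(digits):
            findings.append(("card", redact(digits)))
    for m in SSN_RE.finditer(payload):
        if ssn_plausible(*m.groups()):
            findings.append(("ssn", redact(m.group())))
    return findings

# Constructed sample flows as they would look after decryption.
SAMPLE_PAYLOADS = {
    # outbound POST carrying a card number and an SSN (constructed test values)
    "checkout": 'POST /export HTTP/1.1\r\nHost: files.example\r\n\r\n'
                '{"name":"J. Doe","pan":"4111 1111 1111 1111","ssn":"219-09-9999"}',
    # 16-digit order id that fails Luhn: no alert
    "benign": '{"order_id":"1234567890123456","note":"ship by friday"}',
}

def verdicts(payloads=SAMPLE_PAYLOADS) -> dict:
    """Per-flow verdict the proxy would act on: BLOCK if any finding."""
    out = {}
    for name, body in payloads.items():
        hits = inspect_payload(body)
        out[name] = ("BLOCK" if hits else "ALLOW", hits)
    return out

if __name__ == "__main__":
    for name, (verdict, hits) in verdicts().items():
        print(f"{name}: {verdict} {hits}")
```

Production inspection engines add context (which user, which destination, which application) and tune patterns per data class to keep false positives down, but the structure is what the article describes: decrypt, inspect the content against policy, and act on the flow before it leaves the network.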
Why You Need to Migrate to a Zero Trust Security Architecture
If you haven’t started down the path of reengineering your network to become a Zero Trust network, here are five crucial reasons to do so:
- The complexity of your network—the number of users, where they work, the devices they use, the number of workloads, your use of SaaS, adoption of a hybrid cloud environment, and so on—is just going to increase. A Zero Trust network reduces the complexity of securing your assets and makes it much easier to isolate problems.
- Because the complexity of your network is increasing rapidly, your security perimeter will, and maybe already does, look like Swiss cheese. Consequently, the attack surface of the network has expanded and the only practical way to reduce your level of vulnerability is to start establishing micro-perimeters and micro-segments to regain control.
- Third-party services such as SaaS and PaaS can’t be trusted. It only takes a single breach of a single third-party service that’s overly trusted to compromise your network assets. Creating robust micro-perimeters around these services is an absolute must.
- The internet is, essentially, an unsecured network and cyberattacks from amateurs, organized crime, and hostile state actors are increasing rapidly. In addition, the costs of mitigating a breach or a ransomware attack have increased enormously. The financial risks have become profound and will become the driving force in IT budgeting.
- Insider threats have also increased rapidly. Managing a mix of employees working from home and from branch offices as well as providing access to suppliers and other business partners requires robust and well-structured security controls.
If you’ve started down the path to a Zero Trust network, are you moving fast enough? Could you move faster? Does the C-suite understand the issues and is it willing to fund a strategy that might be all that stands between business success and irreversible failure? If you’ve not yet started to plan and implement a Zero Trust architecture, why not?