“Zero trust” is a phrase that is used a lot in security circles nowadays. But what does it mean, is it just a buzzword? In this lesson, we’ll dive into exactly what zero trust is.
-
In this lesson, we’ll cover:
-
What is zero trust?
-
How does zero trust differ from traditional security architectures?
-
What is defense in depth?
Zero Trust is a cybersecurity approach that challenges the traditional notion of "trust but verify" by assuming that no entity, whether inside or outside an organization's network, should be inherently trusted. Instead, Zero Trust advocates verifying every user, device, and application attempting to access resources, regardless of their location. The core principle of Zero Trust is to minimize the "attack surface" and reduce the potential impact of security breaches.
In a Zero Trust model, the following principles are emphasized:
-
Verify Identity: Authentication and authorization are rigorously applied to all users and devices, regardless of their location. Remember that an identity isn't necessarily human: it can be a device, an application, etc.
-
Least Privilege: Users and devices are granted the minimum level of access necessary to perform their tasks, reducing the potential damage if compromised.
-
Micro-Segmentation: Network resources are divided into smaller segments to limit lateral movement within the network in case of a breach.
-
Continuous Monitoring: Ongoing monitoring and analysis of user and device behavior are conducted to detect anomalies and potential threats. Using modern monitoring techniques also use machine learning, AI and threat intelligence to provide additional detail and context to monitoring.
-
Data Encryption: Data is encrypted both in transit and at rest to prevent unauthorized access.
-
Strict Access Control: Access controls are enforced based on context, such as user roles, device health, and network location.
Microsoft separates zero trust into five pillars, which we will discuss in a later lesson.
Zero Trust differs from traditional security architectures, such as perimeter-based models, in several ways:
-
Perimeter vs. Identity-Centric: Traditional models focus on securing the perimeter of the network and assuming that internal users and devices can be trusted once inside. Zero Trust, on the other hand, assumes that threats can originate from both inside and outside the network and enforces strict identity-based controls.
-
Implicit vs. Explicit Trust: Traditional models implicitly trust devices and users within the network until proven otherwise. Zero Trust explicitly verifies identities and continuously monitors for anomalies.
-
Flat vs. Segmented Network: Traditional architectures often involve flat networks where internal users have broad access. Zero Trust advocates segmenting the network into smaller, isolated zones to contain potential breaches.
-
Reactive vs. Proactive: Traditional security often relies on reactive measures such as perimeter firewalls and intrusion detection. Zero Trust takes a proactive approach by assuming breaches are likely and minimizing their impact.
Defense in depth, also known as layered security, is a cybersecurity strategy that involves deploying multiple layers of security controls and measures to protect an organization's assets. The goal is to create overlapping layers of defense so that if one layer is breached, others can still provide protection. Each layer focuses on a different aspect of security and increases the overall security posture of an organization.
Defense in depth involves a combination of technical, procedural, and physical security measures. These can include firewalls, intrusion detection systems, access controls, encryption, user training, security policies, and more. The idea is to create multiple barriers that collectively make it difficult for attackers to penetrate an organization's systems and networks. This is also sometimes known as the "swiss cheese" model that is also used in accident prevention in other industries (e.g. transport).
