We’re seeing the Zero Trust security model gain a lot of traction, especially since news of major security breaches has become a daily occurrence. In July, a reported 14 million Verizon subscribers who contacted customer service in the past six months could have been affected by a data breach. In September, Equifax, one of the three largest credit agencies in the US, suffered a breach that may have affected 143 million consumers. In the same month, Jay Clayton, Chairman of the SEC, issued a statement about cybersecurity and included details of a 2016 data breach. The list is virtually never-ending, with firms of all sizes and sophistications suffering new slip-ups all the time.
Back in 2015, the Office of Personnel Management (OPM) experienced two separate cybersecurity incidents that resulted in stolen personnel files of almost 22 million people who had undergone background investigations. In response, The US House of Representatives Committee on Oversight and Government Reform issued a report containing a formal recommendation that federal agencies should adopt the “Zero Trust” Model of Cybersecurity, which centers on the belief that neither internal nor external networks can be trusted.
What Is Zero Trust?
Since the beginning of digital time, companies have used firewalls to enforce perimeter security. The model works well enough as long as everyone works exclusively in the firm’s own buildings. However, with a growing mobile workforce, the surge in the variety of devices used by this workforce, increased adoption of Industrial IoT, and the growing use of cloud-based services, additional attack vectors have emerged that are challenging the traditional perimeter philosophy to the point of obsolescence.
Key assumptions of the perimeter model no longer hold: The perimeter is not just the physical location of the enterprise anymore and if the traditional perimeter is breached, an attacker has relatively easy access to an organization’s privileged internal network. That means that what lies inside the perimeter is no longer a blessed and safe place.
Conversely, in a Zero Trust model, all access to company resources is fully authenticated, fully authorized, and fully encrypted based upon device state and user credentials, regardless of network or location. In this model, administrators can enforce fine-grained access to different resources. As a result, employees can safely work from any network without the need for a traditional VPN connection into the privileged intranet. The user experience between local and remote access to enterprise resources is effectively identical.
How Do I Get There From Here?
Zero Trust is anchored in three absolutes: all network flows must be authenticated before being processed; authentication and encryption must be performed by the endpoints on the network; and access to services is granted based on what the system knows about the user and the device.
The AppWANs our customers create and spin up with our web-based console and APIs are software-only encrypted overlays that define how endpoints are permitted to access services (applications and/or data) across the Internet and/or existing private networks like MPLS. Among the many benefits abstracting your network with AppWANs brings, they can easily meet Zero Trust requirements in the three aforementioned anchor areas:
Dark Endpoints – Protected endpoints open an outbound connection to the NetFoundry overlay fabric, which only allows authorized data. AppWANs deny any packets that have not been authorized, making the network dark. Even if a device inside the network is vulnerable, AppWANs mask the deficiency by rejecting externally originated attempts before they can reach the vulnerable device.
Authenticate Before Connect – By design, AppWANs authenticate endpoints through the network control layer before the endpoints are given network access. This authenticate-before-connect security paradigm is becoming a best practice with advocates including the Cloud Security Alliance (“Software Defined Perimeter”), US Defense Information Systems Agency (“black cloud”), and Google (“BeyondCorp”).
Least Privilege Access – Each authenticated endpoint is only given the access it needs, as defined by the security policies of the business. Least Privilege Access enables application-level micro-segmentation with centralized policy (one IAM policy across apps and network). For example, an IoT device may be diverted to a honeypot network depending on its identity or location.
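The three anchors above, and the three absolutes they satisfy, can be shown as a single access decision. The following Python is an added illustration written for this post, not NetFoundry code or the AppWAN API: the identities, services, posture attributes, the shared enrollment secret and the HMAC-based token are all constructed for the example. Every flow is authenticated before any policy is consulted (authenticate before connect), anything unauthenticated or unauthorized gets the same silent drop (dark endpoint), and an authenticated identity only reaches the services its policy names, with the IoT honeypot diversion keyed on identity and location (least privilege).

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed secret for this example only. A real control plane issues
# per-endpoint credentials (certificates or tokens) rather than a shared key.
ENROLLMENT_SECRET = b"example-enrollment-secret"

# Constructed policy: which services each authenticated identity may reach.
POLICY = {
    "alice-laptop": {"crm", "wiki"},
    "sensor-07": {"telemetry"},
}

# Constructed device-state requirements per identity ("what the system
# knows about the device"). Access needs identity AND posture.
REQUIRED_POSTURE = {
    "alice-laptop": {"disk_encrypted", "os_patched"},
    "sensor-07": {"firmware_signed"},
}

# IoT identities seen from these locations are diverted to a honeypot.
QUARANTINE_LOCATIONS = {"unknown"}


@dataclass
class FlowRequest:
    identity: str
    token: str
    service: str
    posture: set
    location: str


def issue_token(identity: str) -> str:
    """Stands in for enrollment with the control plane (constructed HMAC token)."""
    return hmac.new(ENROLLMENT_SECRET, identity.encode(), hashlib.sha256).hexdigest()


def authenticate(req: FlowRequest) -> bool:
    """Constant-time comparison so a forged token leaks no timing signal."""
    return hmac.compare_digest(issue_token(req.identity), req.token)


def decide(req: FlowRequest) -> str:
    """Return 'drop', 'honeypot', or 'allow:<service>' for one flow."""
    # 1. Authenticate before connect: no policy lookup until identity is proven.
    #    Unauthenticated flows are dropped with no response (dark endpoint).
    if not authenticate(req):
        return "drop"
    # 2. Device state: an authenticated identity still needs the required posture.
    if not REQUIRED_POSTURE.get(req.identity, set()) <= req.posture:
        return "drop"
    # 3. Identity/location-based diversion (the IoT honeypot case in the post).
    if req.identity.startswith("sensor-") and req.location in QUARANTINE_LOCATIONS:
        return "honeypot"
    # 4. Least privilege: only services named in this identity's policy are reachable.
    #    Unauthorized requests get the same 'drop' as unauthenticated ones.
    if req.service in POLICY.get(req.identity, set()):
        return f"allow:{req.service}"
    return "drop"


if __name__ == "__main__":
    tok = issue_token("alice-laptop")
    full = {"disk_encrypted", "os_patched"}
    print(decide(FlowRequest("alice-laptop", tok, "crm", full, "office")))      # allow:crm
    print(decide(FlowRequest("alice-laptop", tok, "payroll", full, "office")))  # drop
    print(decide(FlowRequest("alice-laptop", "forged", "crm", full, "office"))) # drop
    stok = issue_token("sensor-07")
    print(decide(FlowRequest("sensor-07", stok, "telemetry", {"firmware_signed"}, "unknown")))  # honeypot
```

The point to notice is that a wrong token, a device missing its posture, and a request for a service outside the policy all produce the identical `drop`: an outside observer cannot distinguish "no such service" from "not allowed", which is what makes the overlay dark. The honeypot branch shows that the decision can be based on identity and location together, not on network address.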
There’s a lot more to NetFoundry and Zero Trust than we can cover in a single blog post, but hopefully this gives you a taste of the concept and of what can be done today without up-ending your entire IT infrastructure.
If you’re interested in learning more about spinning up secure, performant, zero trust AppWANs in minutes with our console and APIs, check out our latest whitepaper or click here for a personalized live demo.