How to build a zero trust model
Threats are becoming greater and more diverse, but having a zero trust architecture could help your business defend its infrastructure


In the early days of computer networking, cyber security focused predominantly on the perimeter because the aim was thought to be keeping the bad guys out. Inside the perimeter was thought to be safe and trusted, while outside the enterprise firewall danger lurked.
However, this assumes that attackers haven’t already got into the network and started doing damage. Cyber criminals can get a foothold in a business's infrastructure by exploiting a vulnerable system, using stolen credentials, or abusing poorly configured wireless connections. To counter this scenario, many modern enterprises are adopting a zero trust model.
What is a zero trust model?
Zero trust is a relatively new and evolving approach to network design. It means “never trust, always verify”. By default, devices on a network are not trusted, even when connected to a corporate network and even if previously verified.
This model protects the environment by using methods and processes such as network segmentation, strong authentication, preventing lateral network movement, and simplifying “least access” policies.
So how does an organisation go about building, running, and using a zero trust model in the infrastructure?
Network segmentation
The foundation of a zero trust architecture is network segmentation. Systems and devices must be segregated according to the types of data they process and the access they permit. This can then limit the reach of a hacker once they get into the network.
To segment a network, organisations should create a comprehensive roadmap based on business and security aims. They should then map application dependencies so that they know how applications communicate with endpoints within the infrastructure. Finally, a network should not be over-segmented, as this leads to unnecessary complexity and may prevent employees from doing their jobs if they can’t reach the systems they need.
Identity and access management improvement
A strong identity and access management infrastructure is another precondition of a zero-trust model. Multi-factor authentication offers additional assurance of identity and defends against credential theft. Implementing role-based access control lets applications limit access in a way that enforces the principle of least privilege.
Deploying least privilege at the firewall
Least privilege not only applies to users, but it also applies to networks. After network segmentation, access between networks should be locked down to only allow traffic between them according to business needs.
Using a next-generation firewall (NGFW) can help organisations to implement what Gartner defines as a “deep-packet inspection firewall that moves beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall.”
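The segmentation and least-privilege steps above (map application dependencies, then allow only the cross-segment traffic the business needs) can be turned into a default-deny allowlist that is also useful for the regular audits mentioned later. The following is an added example written for this article, not code from the author or from any vendor; the host names, segments, ports and observed flows are constructed, and intra-segment traffic is assumed to be handled by host firewalls.

```python
from collections import defaultdict

# Constructed inventory: which segment each host lives in. In practice this
# would come from a CMDB or the segmentation roadmap.
SEGMENTS = {
    "web-01": "dmz", "web-02": "dmz",
    "app-01": "app",
    "db-01": "data",
    "jump-01": "mgmt",
}

# Constructed application dependency map: (src host, dst host, proto, port)
# pairs the business actually needs. Nothing else crosses a segment boundary.
DEPENDENCIES = [
    ("web-01", "app-01", "tcp", 8443),
    ("web-02", "app-01", "tcp", 8443),
    ("app-01", "db-01", "tcp", 5432),
    ("jump-01", "db-01", "tcp", 22),
]

def build_policy(segments, dependencies):
    """Collapse host-level dependencies into a segment-level allowlist:
    {(src_seg, dst_seg): {(proto, port), ...}}. Same-segment pairs are
    skipped; this policy governs the firewall between segments only."""
    policy = defaultdict(set)
    for src, dst, proto, port in dependencies:
        s, d = segments[src], segments[dst]
        if s != d:
            policy[(s, d)].add((proto, port))
    return dict(policy)

def is_allowed(policy, segments, src, dst, proto, port):
    """Default deny: a cross-segment flow passes only if explicitly listed."""
    s, d = segments.get(src), segments.get(dst)
    if s is None or d is None:
        return False  # host not in the inventory: never trusted
    if s == d:
        return True   # assumption: intra-segment traffic is filtered on hosts
    return (proto, port) in policy.get((s, d), set())

def audit_flows(policy, segments, flows):
    """Return observed flows that the policy would not permit (audit input)."""
    return [f for f in flows if not is_allowed(policy, segments, *f)]

# Constructed sample of observed flows, e.g. exported from flow logs.
OBSERVED = [
    ("web-01", "app-01", "tcp", 8443),    # expected
    ("web-02", "db-01", "tcp", 5432),     # web tier reaching the database directly
    ("app-01", "db-01", "tcp", 5432),     # expected
    ("db-01", "app-01", "tcp", 8443),     # reverse direction, not in the map
    ("unknown-7", "db-01", "tcp", 5432),  # host missing from the inventory
]
```

Running `audit_flows(build_policy(SEGMENTS, DEPENDENCIES), SEGMENTS, OBSERVED)` returns the three flows that the dependency map does not justify, which is exactly the list an audit should raise with the network team.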
Monitoring using AI and machine learning
Machine learning can be used by organisations to speed up the work of detecting and mitigating threats. Usually, security analysts would use security information and event management (SIEM) solutions to gain a comprehensive understanding of security events collected from systems, devices, and applications across an organisation’s network and clouds. Machine learning and artificial intelligence (AI) can help to surface threat indicators that would otherwise be lost in reams of data.
This gives security teams a clearer picture of what activity is taking place and whether it matches the normal behaviour the model has been trained on. If activity falls outside normal usage patterns, the system can flag it as suspicious, helping enterprises improve their defences against both internal and external threats and deploy a more robust zero trust security model.
Ongoing management and issues
A zero trust model should be thought of as part of an organisation’s overall digital transformation strategy. It should be by design and not simply retrofitted. This means implementing technology to achieve zero trust as more systems move to the cloud and legacy systems are replaced.
Moving to zero trust should involve an ongoing conversation between security and the rest of the organisation to prioritise what moves to a zero-trust model and what can wait.
When up and running, managing zero trust should involve security teams developing and maintaining zero trust models, while network teams manage networks. The security team should also carry out regular audits to ensure that the network adheres to the policies and protocols of zero trust. Critical workloads will need more analysis of users and devices compared to other, less important, workloads.
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives.