Thanks to the recent publication of the National Security Agency’s (NSA) Network Infrastructure Security Guidance report, weeding out common network weaknesses and vulnerabilities have shot to the top of the agenda for many business decision-makers.
After all, the average financial fallout of a data breach has reached an eye-watering $4.24 million – a 17-year high. Today’s organizations must prioritize data security and the benefits of a Zero Trust Architecture (ZTA), but before we go any further, let’s take a closer look at what ZTA is and where this concept came from.
Also known as perimeterless security, Zero Trust is a security model based on a framework of principles for the design and implementation of IT systems to address cyber threats in increasingly decentralized environments. Users must be authenticated, authorized, and continuously validated before being granted access to systems and data. In short, Zero Trust inherently trusts no one.
Hackers’ point of entry is often not their target location within a network. Instead, they identify a vulnerability in one area and move laterally until reaching their target. ZTA prevents this from happening by forcing users to identify themselves at multiple points –essentially limiting the damage a bad actor can do.
Zero Trust isn’t a new concept. It was first presented in 2009 by John Kindervag, a former principal analyst at Forrester Research. However, its popularity has exploded over the past two years. In fact, a 2021 Microsoft report found that 90% of security decision-makers were familiar with the concept, up from just 20% just a year ago. This trend has no doubt been catalyzed by the growth of remote working and increased cloud adoption. Not to mention the skyrocketing number of cyberattacks – which look to grow further based on recent warnings from the White House about incoming Russian cyberattacks on U.S. businesses.
There’s no one-size-fits-all model for implementing ZTA. However, organizations should typically consider the following:
Effectively managing and securing digital identities is arguably the most important component of ZTA. Simply put, without an identity and access management (IAM) strategy in place – you can forget Zero Trust. Or, at least forget any of the benefits that come from it.
There’s a huge range of tools that organizations can use when implementing their IAM strategy but having the above solutions in place is just one piece of the puzzle. Thanks to an array of legacy systems that most organizations still have, it’s common to see one tool for provisioning and deprovisioning, another for MFA, a third for SSO, and so on. Without intending to do so, organizations with this type of fragmented approach often introduce the very risks they’re trying to avoid.
Instead, forward-thinking organizations should be looking to consolidate these tools with a unified strategy that eliminates gaps and enables a single point of control.
All in all, it’s hard to overstate the sheer number of cybersecurity-related challenges currently facing organizations. Admittedly, for many, it’s a case of figuring out how to secure systems, data, and users in the immediate term. But once they’re done firefighting, implementing ZTA – grounded in an effective identity and access management strategy – is a no-brainer.