With cyberattacks on the rise, is it time your business went zero-trust? Find out what a zero-trust architecture is and how it keeps critical data safe
Did you know that analysts estimate that by the end of next year, cyberattacks will have cost businesses over $6,000,000,000,000?
In 2020, a ransomware attack happens every 14 seconds. Half of the cyberattacks target small businesses and non-profits. What chance do they have when even huge companies with large security budgets like Target, Marriott, Under Armour, Equifax and more have fallen prey.
This has led many security experts to conclude that only a zero-trust architecture can prevent the seemingly inevitable.
Marius Nel, a cybersecurity specialist in Atlanta shares how you can establish your own zero-trust infrastructure.
What Is a Zero Trust Architecture?
The premise behind zero trust is that you never take anything for granted. You establish a policy of “Always verify first, then trust.” It involves zero trust tools like:
- Network monitoring software
- Vertical and horizontal data segmentation
- User-access control
- Layer 7 prevention
A zero trust architecture addresses three very modern problems in most businesses:
- Too many people have access to too much data
- Those who have access may log-in through many devices
- You can’t see everything that’s going on in real-time. Applications, servers, databases and users are continually sharing information back and forth. It’s hard to home in a threat quickly because of so much traffic.
Who Developed the Zero Trust Security Philosophy?
We can’t take credit for it. Zero Trust was developed by John Kindervag, former vice president and principal analyst at Forrester Research. Big and trusted technology companies like Cisco have implemented Kindervag’s zero-trust strategy.
While Kindervag developed the strategy, it’s important to note that it’s not a one-size-fits-all security solution. Any business that wants to build a zero-trust framework should consider their unique business needs, security risks and capabilities to develop the best zero trust security strategy for them.
With that said, next, let’s take a look at some of the critical elements of zero trust technology.
Deploying a Zero Trust Security Strategy
Zero trust may seem cumbersome and expensive. But it doesn’t have to be if you take a systematic approach.
1. Identify your Protect Surface
Kindervag defines this as “what we need to protect” above all else. The smaller and more consolidated we can make these protect surfaces, the better.
A zero-trust system is willing to sacrifice the unimportant to focus efforts on protecting the vitally important.
This includes:
- Data that could be stolen or held for ransom
- Applications that have access to sensitive information
- Assets that could be damaged in an attack
- Services that an attack could disrupt
2. Map Transaction Flows
Visualize where data is moving from place to place. Data may move horizontally and vertically.
You’ve specific user interfaces where people can access that data.
3. Build a Zero Trust Architecture
This includes such zero trust strategies as:
- Two-step verification
- Partitioning of employee access
- Limiting your protect surface as much as possible, so you have less surface area that needs the highest level of protection
- Verify new devices on the network and limit devices through policy where you can without hurting workflow
- Put all third-party apps through a rigorous review process by experienced cybersecurity professionals
- Have the ability to stop the suspicious activity immediately, so its legitimacy can be verified
4. Create a Zero Trust Policy
Create a written policy. Educate both IT and the average employee about what zero trust is, why it’s in place and what they can do as users to help reinforce the zero trust architecture.
Make employees aware of common strategies hackers use to turn employees into pawns in a hack attempt.
Consistently enforce your policy.
5. Monitor and Improve
Use technology to gain visibility into the shadowy areas in the network. Monitor traffic. Deploy machine learning tools to help identify abnormal traffic or individual user volume or behavior.
Create reports and set up alerts so that cybersecurity personnel can both address concerns quickly and look for new areas of higher risk where patches in the system could improve security.
