
Operationalizing the Biden Administration's Cybersecurity Executive Order with Zero Trust

Last week, the Biden Administration took a firm stance on the cybersecurity improvements needed at the federal level, and really across all organizations. Among other recommendations, there was a strong acknowledgement of the need for a Zero Trust strategy.

Zero Trust is a coordinated cybersecurity approach, a security framework, and an architecture that eliminates implicit trust: no source, internal or external, is granted automatic access, and internal network traffic is not trusted without prior authorization and continuous verification based on real-time information from multiple sources. Zero Trust removes excessive trust across networks, devices, users, and workloads and enables granular access control based on least privilege, which greatly reduces the attack surface by limiting an attacker's scope and movement inside the network.

Andrew Rubin and I started Illumio with these same principles in mind to help organizations of all sizes improve their security by making it easier to embrace this mindset.

Let me call out a number of these principles by citing them in the EO.

Assume breach

Let’s discuss the concept of assume breach. “The Zero Trust Architecture security model assumes that a breach is inevitable or has likely already occurred.” This embraces a somewhat uncomfortable stance: an attacker is likely already inside your perimeter, and therefore organizations should build security controls that prevent such infiltrations from becoming large, catastrophic events. First and foremost, organizations must embrace a mindset shift and adopt security controls that move them to least privilege models everywhere.

Allowlists

The EO also says, “In essence, a Zero Trust Architecture allows users full access but only to the bare minimum they need to perform their jobs.” It suggests that, “This data-centric security model allows the concept of least-privileged access to be applied for every access decision.” Helping our customers build and maintain least privilege models is at the core of what we do at Illumio and how our products are built and architected. And it’s not easy. There are many who tout Zero Trust models, and then let you build deny lists to prevent potential bad things from happening. This is not Zero Trust.

Embracing Zero Trust means building a minimal allow list. It means understanding what people need access to in order to do their jobs and providing no additional access. “The Zero Trust security model eliminates implicit trust in any one element, node, or service.” It requires driving every bit of implicit trust out of your network and environment at all levels, which means you need to take a holistic view of your environment.

Unified visibility

As stated in the EO, “Zero Trust Architecture embeds comprehensive security monitoring; granular risk-based access controls; and system security automation in a coordinated manner throughout all aspects of the infrastructure in order to focus on protecting data in real-time within a dynamic threat environment.” Organizations need unified visibility to see and understand, with greater context, communication across endpoints, users, and workloads in heterogeneous on-prem and multi-cloud environments.

Zero Trust journey

Often people start a Zero Trust journey with a Zero Trust Network Access (ZTNA) solution, applying some of the principles between end users and their applications and systems, and then leave an implicit (non-zero) trust model in place behind the ZTNA gateway. While that is part of a Zero Trust strategy, ZTNA alone is not enough. The recent SolarWinds attack proves this, as the breach occurred between workloads.

Zero Trust Segmentation

The other key piece of the puzzle is Zero Trust Segmentation, which allows you to build least privilege policy between workloads for all your crown jewel applications in your data center and clouds. We see more and more attacks like the recent supply chain attacks on SolarWinds and Codecov that don’t exploit user access, but rather exploit the implicit trust between workloads. Zero Trust Segmentation is foundational to achieving a holistic Zero Trust posture.

Formulating a Zero Trust approach

What’s needed is a comprehensive approach that can enable Zero Trust to work everywhere in your environment – in the data center, in the cloud, and at the edge.

It’s important to implement a Zero Trust Architecture that eliminates security silos across your existing IT, networking, and security tools, which helps you reduce risk, lower cost, and shorten the time it takes to deploy Zero Trust.

To help you with your Zero Trust journey, you need to develop and execute on a comprehensive Zero Trust strategy, architecture, and implementation plan.

Are you looking to meet the White House's Executive Order requirements faster? Learn how here or join us for a workshop where you'll learn how to design a Zero Trust architecture for your federal agency.
