Last week, the Biden Administration took a firm stance on the cybersecurity improvements needed at the federal level, and really across all organizations. Among other recommendations, there was a strong acknowledgement of the need for a Zero Trust strategy.
Zero Trust is a coordinated cybersecurity approach, a security framework, and an architecture that eliminates implicit trust by preventing automatic access for any source – internal or external – and assumes that internal network traffic cannot be trusted without prior authorization and continuous verification based on real-time information from multiple sources. Zero Trust eliminates the idea of excessive trust across networks, devices, users, or workloads and helps to enable granular access control based on least privilege, which greatly reduces the attack surface by limiting scope and movement inside the network for attackers.
Andrew Rubin and I started Illumio with these same principles in mind to help organizations of all sizes improve their security by making it easier to embrace this mindset.
Let me call out a number of these principles by citing them in the EO.
Let’s discuss the concept of assume breach. “The Zero Trust Architecture security model assumes that a breach is inevitable or has likely already occurred.” This is embracing a somewhat uncomfortable stance by assuming that an attacker is likely already inside your perimeter, and, therefore, organizations should build up security controls to prevent such infiltrations from becoming large, catastrophic events. First and foremost, organizations must embrace a mindset shift and adopt security controls that get you to least privilege models everywhere.
The EO also says, “In essence, a Zero Trust Architecture allows users full access but only to the bare minimum they need to perform their jobs.” It suggests that, “This data-centric security model allows the concept of least-privileged access to be applied for every access decision.” Helping our customers build and maintain least privilege models is at the core of what we do at Illumio and how our products are built and architected. And it’s not easy. There are many who tout Zero Trust models, and then let you build deny lists to prevent potential bad things from happening. This is not Zero Trust.
Embracing Zero Trust means building a minimal allow list. It means understanding what people need access to in order to do their jobs and providing no additional access. “The Zero Trust security model eliminates implicit trust in any one element, node, or service.” It requires driving every bit of implicit trust out of your network and environment at all levels. “The Zero Trust security model eliminates implicit trust in any one element, node, or service.” This means that you need to take a holistic view of your environment.
As stated in the EO, “Zero Trust Architecture embeds comprehensive security monitoring; granular risk-based access controls; and system security automation in a coordinated manner throughout all aspects of the infrastructure in order to focus on protecting data in real-time within a dynamic threat environment.” Organizations need unified visibility to see and understand, with greater context, communication across endpoints, users and workloads in heterogenous on-prem and multi-cloud environments.
Zero Trust Journey
Often people start on a Zero Trust journey with a Zero Trust Network Access (ZTNA) solution, to apply some of the principles between end-users and the applications and systems, and then leave an implicit (non-zero) trust model behind the ZTNA gateway. While that is part of Zero Trust strategy, ZTNA alone is not enough. The recent SolarWinds attack proves this as the breach occurred between workloads.
Zero Trust Segmentation
The other key piece of the puzzle is Zero Trust Segmentation, which allows you to build least privilege policy between workloads for all your crown jewel applications in your data center and clouds. We see more and more attacks like the recent supply chain attacks on SolarWinds and CodeCov that don’t exploit user access, but rather exploit the implicit trust between workloads. Zero Trust Segmentation is foundational to achieving a holistic Zero Trust posture.
Formulating Zero Trust Approach
What’s needed is a comprehensive approach that can enable Zero Trust to work everywhere in your environment – in the data center, in the cloud, and at the edge.
It’s important to implement a Zero Trust Architecture that can eliminate security silos across existing IT/networking/security tools to help you reduce risk, lower cost, and save time to deploy for Zero Trust.
To help you with your Zero Trust journey, you need to develop and execute on a comprehensive Zero Trust strategy, architecture, and implementation plan.
Are you looking to meet the White House's Executive Order requirements faster? Learn how here or join us for a workshop where you'll learn how to design a Zero Trust architecture for your federal agency.