Ryan Pullen, Head of Cyber Security at Stripe OLT, explains Zero Trust, why it is necessary and how organisations can implement its policies within their security framework.
Hardly a day goes by without news of a cyber breach reaching the headlines. With recent large-scale incidents such as the Colonial Pipeline ransomware attack being widely publicised in the mainstream media, cyber-criminals can see that there is money to be made, which has driven a sharp increase in Ransomware-as-a-Service and in the phishing campaigns used to deliver it.
In fact, the Cyber Security Breaches Survey 2021 reports that four in ten businesses (39%) identified a cyber attack or breach in the last 12 months, so the need for robust cybersecurity is more crucial than ever.
Employing measures such as encryption, strong authentication and a Zero Trust model is vital to safeguard your data. The term 'Zero Trust' is familiar to those in the tech community, but it has not yet established itself as a recognised strategy among many business owners. The concept has grown rapidly in both popularity and necessity in recent years, particularly following Google's publication of its own implementation of the model, BeyondCorp, in 2014.
Zero Trust does not refer to a specific technology; it is an overarching approach to network security. It is a security framework built around the principle that nothing should be granted access automatically: every user and every device must pass stringent identity verification on every request, regardless of whether it sits inside or outside the network perimeter.
The model assumes that any user or device attempting to access a resource may already be compromised, and treats each request as untrusted until it has been verified.
Traditional approaches to network security such as the castle-and-moat model are flawed. This legacy framework implicitly trusts all users once they are past the perimeter firewall; if a malicious third party gains unauthorised access, they can move laterally through the internal systems and reach any data they like.
Unfortunately, the majority of data breaches begin with an attacker getting onto the target network either by bypassing the company's security appliances or through an attack vector that relies primarily on human error, such as a phishing email. Once that happens, the attacker has free rein inside the network.
Digital transformation also means that modern organisations commonly have their data spread across several cloud vendors, so there is no longer a single perimeter for the castle-and-moat approach to defend. The Zero Trust model is therefore well suited to protecting fragmented networks with data in multiple locations.
Authenticate and verify access – Zero Trust teaches us to 'never trust, always verify.' The first basic principle is to verify every user, device or workload that tries to access a resource, on every request; there is no such thing as a trusted source, and a successful login from the office network earns no more trust than one from a coffee shop. Many organisations use Microsoft Azure Active Directory as a built-in solution for managing identities and enforcing Multi-Factor Authentication (MFA), a basic security best practice for protecting and governing access; its Conditional Access policies can also require a compliant, managed device before access is granted.
Adopt a least-privilege model – the 'least-privileged access' model means that each user, service and device is granted only the permissions its role actually requires, and nothing more. Users therefore cannot reach sensitive information they do not need, and if a single account is compromised the attacker's blast radius is limited to that account's grants rather than the whole estate.
Network segmentation – micro-segmentation is a popular method for achieving a Zero Trust model. It breaks the flat internal network into multiple smaller segments, such as VLANs or per-workload zones, with access to each segment granted individually and all traffic between segments passing through a firewall or host-based policy that permits only explicitly allowed flows. A VLAN on its own enforces nothing; it is the explicit allowlist between segments that gives heightened control over east-west traffic, drastically reducing the places malware can travel and the damage it can cause.
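The three principles above come together at a single decision point: every request is checked for a verified identity, a healthy device, an allowed network path and an explicit least-privilege grant, and the default answer is deny. The following is an added illustration written for this article, not Stripe OLT's or Microsoft's code; the users, roles, resources and segment names are all made up, and the posture and MFA flags stand in for signals a real identity provider and device-management agent would supply.

```python
"""Zero Trust policy decision point (added illustration, not Stripe OLT's or
Microsoft's code). Every request is judged on its own merits: identity verified
with MFA, device posture, micro-segment allowlist, least-privilege grant.
All users, roles, resources and segments below are made up.
"""
from dataclasses import dataclass
from typing import Tuple


@dataclass(frozen=True)
class Request:
    user: str
    mfa_verified: bool      # identity proven with a second factor for this session
    device_id: str
    device_compliant: bool  # managed, patched, encrypted: as reported by the device agent
    src_segment: str        # network segment the request arrives from
    resource: str
    action: str             # "read" or "write"


# Least privilege: explicit (resource, action) grants per role; nothing is implied.
ROLE_GRANTS = {
    "finance-analyst": {("payroll-db", "read")},
    "payroll-admin": {("payroll-db", "read"), ("payroll-db", "write")},
    "helpdesk": {("ticketing", "read"), ("ticketing", "write")},
}
USER_ROLES = {
    "alice": {"finance-analyst"},
    "bob": {"payroll-admin"},
    "carol": {"helpdesk"},
}
# Which micro-segment each resource lives in.
RESOURCE_SEGMENT = {"payroll-db": "finance-data", "ticketing": "it-apps"}
# Micro-segmentation: explicit east-west allowlist; any pair not listed is blocked.
SEGMENT_ALLOW = {
    ("corp-clients", "finance-data"),
    ("corp-clients", "it-apps"),
}


def evaluate(req: Request) -> Tuple[bool, str]:
    """Return (allowed, reason). Checks run in order; the first failure denies."""
    if not req.mfa_verified:
        return False, "identity not verified with MFA"
    if not req.device_compliant:
        return False, f"device {req.device_id} fails posture check"
    target = RESOURCE_SEGMENT.get(req.resource)
    if target is None:
        return False, f"unknown resource {req.resource}"
    # Same-segment traffic is allowed; crossing segments needs an allowlist entry.
    if req.src_segment != target and (req.src_segment, target) not in SEGMENT_ALLOW:
        return False, f"segment {req.src_segment} may not reach {target}"
    grants = set()
    for role in USER_ROLES.get(req.user, set()):
        grants |= ROLE_GRANTS.get(role, set())
    if (req.resource, req.action) not in grants:
        return False, f"{req.user} holds no grant for {req.action} on {req.resource}"
    return True, "identity, device, segment and privilege checks passed"


if __name__ == "__main__":
    base = dict(user="alice", mfa_verified=True, device_id="lt-001",
                device_compliant=True, src_segment="corp-clients",
                resource="payroll-db", action="read")
    samples = [
        Request(**base),
        Request(**{**base, "action": "write"}),
        Request(**{**base, "mfa_verified": False}),
        Request(**{**base, "device_compliant": False}),
        Request(**{**base, "src_segment": "guest-wifi"}),
        Request(**{**base, "user": "bob", "action": "write"}),
    ]
    for r in samples:
        allowed, why = evaluate(r)
        verdict = "ALLOW" if allowed else "DENY "
        print(f"{verdict} {r.user:6} {r.action:5} {r.resource:10} <- {r.src_segment:12} {why}")
```

The ordering of the checks is deliberate: the cheapest and most decisive signals (no MFA, unhealthy device) fail first, and the function has no success path that does not pass through every check, so adding a new resource or segment without a matching allowlist or grant entry results in a denial rather than an accidental grant.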
Risk management analytics – arguably the most important aspect of maintaining a Zero Trust model is inspecting and logging all access and network traffic for signs of malicious activity. With centralised monitoring in place, you will be able to differentiate between a routine login and a suspicious one, for example a burst of failed authentications followed by a success, or a sign-in from a location the user has never used before. Microsoft Azure Sentinel, a cloud-native SIEM, is a useful tool for this part of a Zero Trust model: it correlates sign-in, endpoint and network logs across your organisation and applies built-in analytics and machine learning to surface suspicious activity so that it can be investigated and contained early.
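To make the distinction between a routine login and a suspicious one concrete, the following is an added illustration written for this article, not Stripe OLT's or Microsoft's code. It runs three simple rules over a constructed set of sign-in events: a burst of failures followed by a success from the same source, a success from a country never seen for that user, and two successes from different countries closer together than travel allows. The users, IP addresses and timestamps are made up; in practice the events would come from the identity provider's sign-in log.

```python
"""Sign-in risk analytics (added illustration, not Stripe OLT's or Microsoft's code).
Three rules separate routine logins from suspicious ones. Users, IPs and times are
constructed; a real deployment would read the identity provider's sign-in log.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: timestamp,user,src_ip,country,result
SAMPLE_LOG = """\
2021-06-01T08:00:00Z,alice,203.0.113.10,GB,success
2021-06-01T08:05:00Z,bob,203.0.113.11,GB,success
2021-06-01T08:10:00Z,carol,198.51.100.40,US,success
2021-06-01T09:00:00Z,alice,203.0.113.10,GB,success
2021-06-01T09:30:00Z,bob,203.0.113.50,GB,failure
2021-06-01T09:30:10Z,bob,203.0.113.50,GB,failure
2021-06-01T09:30:20Z,bob,203.0.113.50,GB,failure
2021-06-01T09:30:30Z,bob,203.0.113.50,GB,failure
2021-06-01T09:30:40Z,bob,203.0.113.50,GB,failure
2021-06-01T09:31:00Z,bob,203.0.113.50,GB,success
2021-06-01T09:45:00Z,alice,192.0.2.25,RU,success
"""


def parse(log):
    """Turn the CSV-style text into event dicts sorted by time."""
    events = []
    for line in log.strip().splitlines():
        ts, user, ip, country, result = line.split(",")
        events.append({"ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
                       "user": user, "ip": ip, "country": country, "result": result})
    return sorted(events, key=lambda e: e["ts"])


def detect(events, fail_threshold=5, fail_window=timedelta(minutes=10),
           travel_window=timedelta(hours=2)):
    """Single pass over time-ordered events; returns (rule, user, src_ip, detail) alerts."""
    alerts = []
    failures = defaultdict(list)   # (user, ip) -> failure timestamps inside fail_window
    seen_countries = {}            # user -> countries of earlier successful sign-ins
    last_success = {}              # user -> (timestamp, country) of latest success
    for e in events:
        key = (e["user"], e["ip"])
        if e["result"] != "success":
            failures[key] = [t for t in failures[key] if e["ts"] - t <= fail_window]
            failures[key].append(e["ts"])
            continue
        # Rule 1: brute force or password spray that eventually succeeded.
        recent = [t for t in failures.pop(key, []) if e["ts"] - t <= fail_window]
        if len(recent) >= fail_threshold:
            alerts.append(("failures_then_success", e["user"], e["ip"],
                           f"{len(recent)} failures in the {fail_window} before this success"))
        # Rule 2: country never seen for this user (first sign-in only seeds the baseline).
        known = seen_countries.get(e["user"])
        if known is not None and e["country"] not in known:
            alerts.append(("new_country", e["user"], e["ip"],
                           f"first success from {e['country']}; previously {sorted(known)}"))
        # Rule 3: two countries too close together in time.
        prev = last_success.get(e["user"])
        if prev and prev[1] != e["country"] and e["ts"] - prev[0] <= travel_window:
            alerts.append(("impossible_travel", e["user"], e["ip"],
                           f"{prev[1]} at {prev[0]:%H:%M} then {e['country']} at {e['ts']:%H:%M}"))
        seen_countries.setdefault(e["user"], set()).add(e["country"])
        last_success[e["user"]] = (e["ts"], e["country"])
    return alerts


if __name__ == "__main__":
    for rule, user, ip, detail in detect(parse(SAMPLE_LOG)):
        print(f"[{rule}] {user} from {ip}: {detail}")
```

On the sample, bob's success after five failures from 203.0.113.50 trips the first rule, while alice's 09:45 login from a Russian address trips both the new-country and impossible-travel rules; carol's single login produces nothing, because one event is not a baseline. That last point is the caveat a practitioner should note: a baseline learned from history is only as trustworthy as that history, so seed it from a period you have reason to believe was clean, and treat the rules as prompts for investigation rather than verdicts.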
By following the principles and technologies listed above, your organisation can begin to implement a Zero Trust security framework. Our SecOps team recommend starting by identifying the data and systems that most need protecting, then limiting access to them to the identities, devices and network paths that genuinely require it, and finally monitoring activity around them so that threats are detected quickly.
This data-centric framework provides a far stronger defence against cybersecurity threats, network vulnerabilities and potential data breaches than a perimeter alone. Firewalls and static passwords are no longer adequate against a rapidly evolving threat landscape. By providing protection like this, you will be securing not only your data but also your business reputation.
By Ryan Pullen, Head of Cyber Security, Stripe OLT