Written by Sudeep Das, Technical Leader, IBM Security Systems, IBM India/South Asia
What is the biggest worry for enterprises across different industries today? In the changed realities we face, it is not difficult to answer this question. Cybersecurity is a top concern for most businesses, particularly for those who are opening up their closely guarded networks over the Internet to enable work from home, as well as those that are embracing or advancing their hybrid multi-cloud adoption due to the new normal of work from anywhere. Not to mention the rapidly growing number of threat actors looking to launch cyber-attacks under the guise of COVID-19.
As enterprises battle to conquer the new normal, an old concept, ‘Zero Trust’, has come to the fore. What is zero trust, and how pertinent is it to the situation that businesses find themselves in? What is the right approach to implementing this framework? Here are the answers.
What is the zero trust model?
The underlying philosophy of zero trust is simple – ‘never trust, always verify’ before granting access. The concept was devised over a decade ago by a former Forrester analyst, and practitioners have adopted it to varying degrees since then. The zero trust model is not a product; it is a security philosophy, and like all philosophies it has many interpretations, each suited to one’s objectives in building a secure environment for operations.
How is it pertinent today?
Before the zero trust framework came into being, cybersecurity models mainly focussed on the IT perimeter and defence in depth/layered security. However, with the increasing adoption of hybrid multi-cloud, the gig economy, and the work from anywhere model prevalent today, the conventional frameworks have become inadequate. In the zero trust model, you cannot trust that each layer is working as intended and with full efficacy. Organisations built these layers, then provided exceptions to bypass them, and assumed that users would use the access provided in a legitimate manner and that their access would not be stolen by bad actors. The zero trust framework makes no such assumptions. It focusses on capabilities that allow enterprises to ensure proper identity and access management, gain a view of how their critical data is used, and leverage analytics and response tools that give full visibility to the security operations center (SOC). More importantly, the model inherently focuses on remediating threat movement within the network using micro-segmentation and granular enforcement based on user context, data access controls, location, application, and device posture. A significant aspect of zero trust is that it eliminates the human bias that permeates IT because of the natural tendency of humans to trust one another.
The changing security paradigm in the post-COVID world and the acceleration of the journey to hybrid multi-cloud are bringing the zero trust concept to the fore. So, what is the broad portfolio of security capabilities and experience that businesses need to operationalize the model?
What is the roadmap to achieving zero trust?
It is imperative to understand that merely deploying products does not lead to zero trust. Instead, implementing the products within the framework is a part of the journey towards achieving zero trust.
As a first step, enterprises need to define and govern their zero trust security policies to manage access for all users and privileged accounts using appropriate digital identity security tools, viz. multifactor or risk-based authentication, and identity lifecycle management. They need to understand their users, data, and resources to create coordinated security policies in line with their business. They should discover, classify, and manage access to data in proportion to the risks involved. This way they can protect critical data using zero trust security practices. Enterprises must also ensure that they protect the devices and workloads within their network or infrastructure with secure applications and robust monitoring of endpoints.
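To make the two passages above concrete, the following is an added example (not code from the article or from IBM) of a minimal policy decision point that evaluates every request against the signals the article lists: authentication strength, device posture, location, the application being accessed, and the classification of the data it would expose. The assurance levels, the per-user application allowlist and the step-up rule are hypothetical choices made for the illustration.

```python
"""Added example: a deny-by-default zero trust policy decision point.
Every request is verified on its own context ("never trust, always verify");
nothing is inherited from being "inside" the network. All names and
thresholds here are hypothetical and not taken from the article."""
from dataclasses import dataclass

# Hypothetical: how many verified context signals each data class demands.
REQUIRED_ASSURANCE = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}


@dataclass
class Request:
    user: str
    mfa_verified: bool     # strong (multifactor) authentication completed this session
    device_managed: bool   # endpoint is enrolled, patched and reports a compliant posture
    location_known: bool   # request originates from an expected country or network
    app: str               # application the user is calling
    data_class: str        # classification of the data the call would expose


def assurance(req: Request) -> int:
    """Count how many of the three context signals have been verified (0..3)."""
    return int(req.mfa_verified) + int(req.device_managed) + int(req.location_known)


def decide(req: Request, app_allowlist: dict) -> str:
    """Return 'allow', 'step_up' or 'deny'. Deny is the default outcome."""
    # Micro-segmentation: the user must be explicitly entitled to this application.
    if req.app not in app_allowlist.get(req.user, ()):
        return "deny"
    # Unclassified data is treated as the most sensitive class, not the least.
    needed = REQUIRED_ASSURANCE.get(req.data_class, REQUIRED_ASSURANCE["restricted"])
    # Device posture is a hard gate for restricted data, whatever else is verified.
    if needed >= REQUIRED_ASSURANCE["restricted"] and not req.device_managed:
        return "deny"
    have = assurance(req)
    if have >= needed:
        return "allow"
    # If the only missing signal could be supplied by MFA, ask for step-up rather than deny.
    if not req.mfa_verified and have + 1 >= needed:
        return "step_up"
    return "deny"


if __name__ == "__main__":
    allowlist = {"alice": ("hr-portal", "finance")}   # constructed sample entitlement
    print(decide(Request("alice", True, True, True, "finance", "restricted"), allowlist))
```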
Businesses should look at proven skills, expertise, and modern solutions to protect their network, infrastructure, and endpoints from cybersecurity threats. They should leverage intelligent analytics and a single pane of glass view to monitor the behavior of all users, resources, and data connecting within their business. They must use automation and orchestration to rapidly solve and iterate all security issues that occur as part of a zero-trust practice with orchestrated actions and develop common playbooks. It is vital to resolve security incidents with minimal impact to the business by taking targeted actions.
Significantly, enterprises must bear in mind that their existing frameworks can be used to bring in the rigor of a zero trust model as this framework builds upon the existing controls and does not replace anything. There is no need for a ‘rip-and-replace’ approach.
The zero-trust concept is today being considered the right approach to combat the growing risks of a post-COVID world. The notion of not trusting anyone should be sacrosanct for modern enterprises as they derive agility, elasticity, and scalability from hybrid multi-cloud adoption and work from anywhere models.