Zero Trust is an Increasingly Common Term Today
How has the Zero Trust Network Architecture evolved since it was first coined in 2010?
Zero Trust Network Architecture (ZTNA) was introduced with a focus on securing the perimeter of a network by removing the implicit trust that traditional network security architectures relied on. However, an ever-evolving IT environment and cyber-threat landscape have made legacy security infrastructures ineffective. Based on the outdated assumption that anything within the security perimeter can be trusted, they leave organizations exposed to cyber attacks.
Continuous monitoring of all network activity has become a key feature of ZTNA, in order to detect and respond to threats in real time. The increased complexity of networks has led to the adoption of automation to simplify management and reduce the risk of human error. Overall, the evolution of ZTNA has been driven by the need for more flexible, scalable, and adaptive security solutions that can keep up with the rapidly changing threat landscape.
Do you believe that technologies that support zero trust are moving into the mainstream?
The technologies that support Zero Trust are undoubtedly moving into the mainstream. As organizations increasingly adopt cloud computing, mobile devices, and other distributed technologies, the traditional perimeter-based security model has become less effective. This has led to a growing recognition of the need for Zero Trust security solutions that can continuously verify and monitor all users, devices, and applications attempting to access a network.
Many organizations are now actively investing in Zero Trust technologies, such as multi-factor authentication, identity and access management (IAM), microsegmentation and encryption. In addition, cloud providers and other technology vendors are incorporating Zero Trust principles into their products and services, making it easier for organizations to adopt and implement Zero Trust solutions.
Do you believe that enterprise IT departments today require a new way of thinking because the castle itself no longer exists in isolation as it once did?
Historically, many organizations have had a perimeter-focused security model. This model is similar to that of a castle, where a perimeter wall keeps the potential attackers out, while everything inside of the perimeter is considered “trusted”. Under this security model, cybersecurity defenses are deployed at the network perimeter and inspect inbound and outbound traffic to block potential threats before they can cause harm to an organization.
However, this security model has its issues.
Like a castle, if someone inside the perimeter is a threat, then the defenses provide no protection against them. Additionally, any resources outside of the protected network perimeter – including an organization’s cloud infrastructure, remote workers, etc. – are not protected at all.
A zero trust security model is designed to eliminate the security risks associated with a perimeter-based model. Instead of blindly trusting anyone within the perimeter, access requests are granted on a case-by-case basis. These decisions are based upon role-based access controls, where a user’s or application’s permissions are derived from their role and responsibilities within the organization.
How can companies get started with zero trust?
Zero Trust is an increasingly common term that is heard in the security industry. It’s both a mindset for thinking about security as well as a well-architected solution that helps to minimize risk from a changing working environment as well as an increasingly hostile world. Zero trust is an active approach and model that integrates continuous, context-aware analysis and verification of trust, in an effort to help ensure that users and devices on a network are not doing anything malicious. Zero trust models work as overlays on top of existing network and application topologies.
As such, having an agile data plane that can manage a distributed network and using a solution that is agentless is a key consideration, as it can make all the difference between having a solution and having a solution that can actually be deployed rapidly in a production environment. Consider zero trust tools with a host-based security model. In the modern world, many applications are delivered over the web and taking a host-based approach aligns with that model.
Understanding how encryption works in the zero trust model is also important. One option is to enforce encryption from end-to-end across a zero-trust deployment. Implementing Zero Trust using disparate technologies may result in inherent security gaps and complexities. That is why Check Point offers a holistic and practical approach to implementing Zero Trust based on Check Point Infinity, a consolidated security architecture.