Zero Trust Security

Zero Trust is not a single off-the-shelf solution.  It is best thought of as a buzzword that describes a strategy of programs and procedures to protect a computer network.

Suppliers are beginning to offer Zero Trust Networking services.  Microsoft, for example (other solution suppliers are available), has mapped some of its existing services to the Zero Trust model.

The core concept of Zero Trust is that both devices and users must be authenticated before they can gain access.  When access is granted, it is restricted to the level needed for the required tasks.  Ideally, only authorised individuals will be able to access a network, and they will require specific devices to do so.  Additionally, those devices will be restricted as to which network resources they can access.  Not only are the key-holders locked down but so is the availability of the keys.  Keeping within the same analogy, two key-holders with the same privileges cannot even use each other's keys (such as approved mobile devices).

A complete Zero Trust solution will require imposing considerable restrictions on a network.  In addition, procedures need to be in place to ensure that Zero Trust is working.  Businesses should not see this as a barrier and ignore the concept completely.  By creating a Zero Trust strategy and beginning to pick off the more achievable aims, the security of a network can be significantly tightened.

Biometric solutions, such as those Kindus discussed in passwordless solutions, could be part of a Zero Trust solution.  Apart from the obvious benefit of not needing to administer a password system, users are restricted to the devices that they are allowed to log on with.

A first step in introducing Zero Trust is to investigate the current state of the network.  Ideally the required documentation should already be in place.  Any investigation should consider:

  • Who are the users?
  • What software and data do they need to access?
  • What devices do they use to access that data?
  • Where will they be accessing the network from?
  • What network segmentation is possible (firewalls, routers, VLANs)?
  • How can any Zero Trust solution be policed?

Having a system of rules requires some system to ensure that they all hold up.  With Zero Trust there need to be systems controlling who can access what, using which devices and where they do that from.  At present (2022) there are sophisticated SIEM (Security Information and Event Management) tools that will monitor this type of activity.  Graphical and text summaries are provided and alerts sent out.  The AI required to effectively police these systems is, however, still in its infancy.  Rules can be set with related triggers and actions, but optimal SIEM implementation requires appropriate system and network knowledge.  People need to be in place with the expertise to understand what the SIEM solution is showing and to relate that to the expected work patterns of system users.  Administrators want to be tracking potential incidents as they occur rather than searching copious historical records for details on problems that have already happened.
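The following Python example is added here and is not code from Kindus or from any SIEM product. It checks constructed access-log lines against a per-user policy of the kind described above: who may use which device, for which resource, from which network. The policy, user and device names, log format and rule names are all assumptions made for the example.

```python
from ipaddress import ip_address, ip_network

# Constructed policy (assumption): each user is bound to named devices,
# permitted resources and expected source networks. Anything else is denied.
POLICY = {
    "alice": {"devices": {"LAPTOP-A1"}, "resources": {"payroll", "mail"},
              "networks": [ip_network("10.20.0.0/24")]},
    "bob":   {"devices": {"PHONE-B7"}, "resources": {"payroll", "mail"},
              "networks": [ip_network("10.20.0.0/24")]},
}

SAMPLE_LOG = [  # constructed lines in a hypothetical key=value format
    "user=alice device=LAPTOP-A1 resource=payroll src=10.20.0.15",
    "user=bob device=LAPTOP-A1 resource=payroll src=10.20.0.16",
    "user=alice device=LAPTOP-A1 resource=hr-records src=10.20.0.15",
    "user=bob device=PHONE-B7 resource=mail src=203.0.113.9",
    "user=carol device=LAPTOP-A1 resource=mail src=10.20.0.20",
]

def parse(line):
    """Split a 'key=value key=value' log line into a dict of fields."""
    return dict(pair.split("=", 1) for pair in line.split())

def evaluate(event):
    """Return the rules an access event breaks; an empty list means allow."""
    rule = POLICY.get(event.get("user"))
    if rule is None:
        return ["unknown_user"]  # default deny: no policy entry, no access
    reasons = []
    if event.get("device") not in rule["devices"]:
        reasons.append("device_not_assigned_to_user")
    if event.get("resource") not in rule["resources"]:
        reasons.append("resource_not_permitted")
    try:
        src = ip_address(event.get("src", ""))
        if not any(src in net for net in rule["networks"]):
            reasons.append("unexpected_source_network")
    except ValueError:
        reasons.append("unparseable_source_address")
    return reasons

def alerts(lines):
    """Trigger/action step: (line, reasons) for every violating event."""
    checked = ((line, evaluate(parse(line))) for line in lines)
    return [(line, reasons) for line, reasons in checked if reasons]

if __name__ == "__main__":
    for line, reasons in alerts(SAMPLE_LOG):
        print("ALERT", ",".join(reasons), "|", line)
```

The second sample line is the key-holder case: bob has the same privileges as alice but is flagged for using her device.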

The UK National Cyber Security Centre 2021 guidance on Zero Trust is a useful starting point but, like most of the subject literature, is far from a one-stop solution.  Any implementation will depend on the organisation adopting it.  With our experience in computer security, Kindus is optimally positioned to offer bespoke support on the journey to a Zero Trust solution.
