Zero Trust and the network


The traditional network security model is built around the premise that, once you've authenticated at the edge of the network, you're assigned a level of authorization to access data and resources inside it. As more and more companies and organizations move towards cloud-based services and hybrid working models, that perimeter no longer contains the users, devices, and resources it was meant to protect, and anything that gets past it inherits the trust of the inside.

Network security is a battlefield, fought between security teams using the latest tools to protect your network, data, and resources from attack, and the cybercriminals looking for vulnerabilities they can exploit. They want to gain access to your network to cause disruption and find sensitive data they can steal and sell.

Zero Trust isn't a tool, but a security model. Using this model, when it comes to securing your network, there are two key objectives:

  • Limit the damage an attack can do and the rate at which it spreads across the network.
  • Make it harder for a cybercriminal to get into your network in the first place.

To achieve these objectives, a network that adheres to the Zero Trust approach starts from the following assumptions:

  • Assume that your network isn't safe from attack.
  • Threats, whether internal or external, are present on your network all the time.
  • The location of a device on a network shouldn't confer trust: a request from inside the corporate network is checked in the same way as one from the internet.
  • Every user and device should be authenticated and authorized for each access, not just once at the network edge.
  • Device and user behavior should be dynamically assessed from multiple data points.

Zero Trust maturity model

Every organization will be at a different level of maturity when it comes to network security. Within Zero Trust, there's a maturity model that helps you gauge where you are. It has three categories: traditional, advanced, and optimal. Most organizations will be somewhere between traditional and advanced.

Diagram showing the three progressive stages of the Zero Trust maturity model: traditional, advanced, and optimal.

Traditional

The traditional stage is broadly where most organizations will start when considering a Zero Trust approach for their networks. It can be summarized as follows:

  • Access and authorization permissions are managed manually and are largely static.
  • Some internet resources are accessible to users directly.
  • Virtual private networks and open (flat) internal networks provide access to most resources.
  • Device and user workloads are monitored for known threats, and traffic is controlled with static filtering rules.
  • Some internal and external traffic is encrypted.

Advanced

Organizations at this stage have improved their network security posture and are applying security policies to control access. This can be summarized as follows:

  • User access permissions to the network and to data are managed with security policies.
  • Access to cloud apps, internet resources, and sensitive private networks is restricted.
  • Network traffic is monitored.
  • Most internal and external traffic is encrypted.

Optimal

On the Zero Trust maturity scale, this is where all organizations want to be. They have implemented large-scale security changes. It can be summarized as follows:

  • Adaptive access permissions are granted automatically, based on how the user is behaving and how sensitive the data is.
  • Every user or device session is continuously evaluated against policy using multiple points of data: if a policy is violated, access is revoked.
  • All network traffic is monitored to identify potential threats, and the administrator is notified when a threat is found.
  • All data and network traffic is encrypted end to end.
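To make the difference between the traditional and optimal stages concrete, here is an added example (not part of this module, and not any product's policy format) of a toy policy decision point. It contrasts a perimeter-style check, where being on the corporate network is enough, with a Zero Trust check that ignores location and evaluates identity, MFA, device compliance, and a risk score for every request, then re-evaluates an open session when a signal changes and revokes it on violation. The signal names, thresholds, and sample requests are constructed assumptions for illustration.

```python
"""
Added example (not part of the original module): a toy policy decision point
that contrasts a perimeter-style access check with a Zero Trust check that
evaluates several signals per request and re-evaluates an open session.
All signal names, thresholds and sample requests below are constructed
assumptions for illustration, not any product's actual policy format.
"""
from dataclasses import dataclass, field


@dataclass
class Signals:
    """Data points available to the policy engine for one request."""
    user: str
    authenticated: bool          # primary credential verified
    mfa: bool                    # strong second factor completed
    device_compliant: bool       # device attested as managed and patched
    on_corporate_network: bool   # source address inside the office range
    risk_score: int              # 0 (clean) .. 100 (confirmed compromise)
    resource_sensitivity: str    # "public", "internal" or "confidential"


# Assumed per-sensitivity risk thresholds: more sensitive data, less tolerated risk.
RISK_LIMIT = {"public": 90, "internal": 50, "confidential": 20}


def perimeter_policy(s: Signals) -> tuple[bool, str]:
    """Traditional model: network location confers trust.
    Once inside (or on VPN) and logged in, everything is reachable."""
    if s.on_corporate_network and s.authenticated:
        return True, "inside perimeter"
    return False, "outside perimeter"


def zero_trust_policy(s: Signals) -> tuple[bool, str]:
    """Zero Trust model: location is ignored; every request must satisfy
    identity, device and risk requirements appropriate to the resource."""
    if not s.authenticated:
        return False, "not authenticated"
    if not s.mfa:
        return False, "MFA required"
    if s.resource_sensitivity != "public" and not s.device_compliant:
        return False, "device not compliant"
    if s.risk_score > RISK_LIMIT[s.resource_sensitivity]:
        return False, f"risk {s.risk_score} exceeds limit for {s.resource_sensitivity}"
    return True, "all policy checks passed"


@dataclass
class Session:
    """An open session that is re-evaluated whenever signals change."""
    signals: Signals
    active: bool = True
    history: list[str] = field(default_factory=list)

    def reevaluate(self, **changed) -> bool:
        """Apply updated signals and re-run policy; revoke on violation."""
        for k, v in changed.items():
            setattr(self.signals, k, v)
        allowed, reason = zero_trust_policy(self.signals)
        self.history.append(reason)
        if not allowed:
            self.active = False
        return self.active


def demo() -> dict:
    # Constructed sample: a laptop on the office LAN whose compliance agent
    # reports it as unpatched, asking for a confidential document.
    req = Signals("alice", True, True, False, True, 5, "confidential")
    perimeter_ok, _ = perimeter_policy(req)
    zt_ok, zt_reason = zero_trust_policy(req)

    # Constructed sample: a compliant remote device with MFA, outside the office.
    remote = Signals("bob", True, True, True, False, 10, "internal")
    sess = Session(remote)
    still_active = sess.reevaluate()             # unchanged signals: stays active
    # Mid-session, the risk engine raises the user's score (e.g. impossible travel).
    after_risk = sess.reevaluate(risk_score=75)  # exceeds 50 for "internal": revoked
    return {
        "perimeter_allows_unpatched_insider": perimeter_ok,
        "zero_trust_allows_unpatched_insider": zt_ok,
        "zero_trust_reason": zt_reason,
        "remote_session_initially_active": still_active,
        "remote_session_after_risk_spike": after_risk,
        "session_history": sess.history,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The point of the two sample requests is the inversion: the perimeter policy admits the unpatched laptop because it sits on the office LAN, while the Zero Trust policy rejects it on device compliance alone, and the remote user who was legitimately admitted loses the session the moment the risk signal crosses the threshold rather than keeping it until logout.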

Wherever your organization is, using a Zero Trust strategy can help you to improve network security, and better protect your assets, resources, and data.