The Wall Has Fallen, but Zero-Trust Architectures Can Save You


In case you hadn’t heard, the network perimeter is dead. The pandemic finally did it in, finishing a job that started in the early 2000s.

A collection of CISOs operating as the Jericho Forum heralded the death of the network perimeter in 2004, announcing it as ‘deperimeterization.’ This group of experts, which became part of the Open Group a year later, argued that there was too much traffic crossing the perimeter. That traffic needed verification closer to the asset being protected, it said.

Since then, traffic has become even more distributed, spanning on-premises systems, BYOD devices and the cloud. This year, employees became more distributed too as we were all forced to work from home. The perimeter is an anachronism. So, what now?

Zero-trust architectures are replacing the perimeter. Instead of trusting everyone who makes it past your citadel wall, it’s time to assume that everyone inside your network is a potential adversary. The enemy is not just at the gate, but also sniffing around your internal switches and servers.

Implementing a zero-trust architecture means giving everything that accesses your data assets the lowest possible privilege until it can be authenticated and authorized. This includes not just users, but also applications and devices.

Ideally, that authentication should involve multiple factors. People can use mobile authentication applications. Devices can use digital identities stored on secure processors or software-based keys.

Finally, micro-segmentation uses network management techniques to restrict the flow of traffic within the network. It uses firewalls and virtual networks to check who (or what) is sending the traffic, where it’s going, and what it’s doing. This means that untrusted entities in the network must prove themselves repeatedly to access new areas.
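
The checks described above (who or what is sending the traffic, where it is going, what it is doing, and whether enough authentication factors were presented) can be sketched as a default-deny policy evaluated on every segment crossing. This is an added example, not code from the original article; the principal names, segment names, factor names and rule format are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:
    principal: str       # who or what is sending: user, application or device
    factors: frozenset   # authentication factors verified for this request
    src: str             # segment the traffic comes from
    dst: str             # segment the traffic is going to
    action: str          # what the traffic is doing

@dataclass(frozen=True)
class Rule:
    principal: str
    src: str
    dst: str
    actions: frozenset
    min_factors: int

# Constructed allow-list. Anything that matches no rule is denied.
RULES = (
    Rule("alice", "workstations", "hr-app", frozenset({"https"}), 2),
    Rule("hr-app", "hr-app", "hr-db", frozenset({"sql"}), 1),
)

def decide(req, rules=RULES):
    """Return (allowed, reason) for one segment crossing."""
    for r in rules:
        if (r.principal, r.src, r.dst) != (req.principal, req.src, req.dst):
            continue
        if req.action not in r.actions:
            continue
        if len(req.factors) < r.min_factors:
            return False, "step-up authentication required"
        return True, "allowed by rule"
    return False, "default deny"

def demo():
    mfa = frozenset({"password", "authenticator-app"})
    return [
        decide(Request("alice", mfa, "workstations", "hr-app", "https")),
        decide(Request("alice", frozenset({"password"}), "workstations", "hr-app", "https")),
        # Access to hr-app does not carry over to the next segment.
        decide(Request("alice", mfa, "workstations", "hr-db", "sql")),
        decide(Request("hr-app", frozenset({"device-key"}), "hr-app", "hr-db", "sql")),
    ]

if __name__ == "__main__":
    for result in demo():
        print(result)
```

Because every crossing is evaluated on its own, a principal that reached one segment gains nothing in the next unless a rule names that exact path.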

Killing the perimeter and replacing it with a more data-centric approach to cybersecurity is a daunting prospect that spans everything connecting to your infrastructure. That means folding everyone from your cloud service provider to your employees and your contractors into the conversation. Now that the physical office itself is becoming less important in everyday operations, the transition to a zero-trust environment will be more important than ever.
