Zero Trust: Method or Madness?

First coined as a concept by Forrester Research in 2010, Zero Trust security commands intense interest from IT and security executives everywhere. While there are many piecemeal Zero Trust implementations in enterprises today, there has yet to emerge a single solution that will deliver the world to a halcyon state of Zero Trust, where all attackers are pacified, all resources are impenetrable, and users never do absurd things. 

Which raises the question: Is it really possible to achieve TOTAL Zero Trust security? Or is it madness to chase this impossible dream?

The answer to this is…neither. Zero Trust is neither an elixir nor a fool’s errand, because it’s not a “thing.” Rather, Zero Trust is a method of security where the central premise is ridiculously simple: trust no one.

With this premise, no communication, system, user, machine or packet goes anywhere without validation. Everything and everyone must authenticate, and only authorized machines and humans may pass through the network.

In Forrester’s latest report, The Zero Trust eXtended Ecosystem, the research firm suggests specific areas that make up the Zero Trust universe: data, people, networks, workloads and devices. There are four functions that interact with these inhabitants of a Zero Trust world: visibility, analytics, automation and orchestration.

Zero Trust cannot be achieved by a single solution. Rather, it’s the collective result of incremental evolutions across security infrastructure and operations. Here’s how I interpret the four functions mentioned above in driving this evolution.

Visibility
Before heading on the Zero Trust journey, it’s important to be able to see what is on the network. If the objective is to put micro-perimeters around resources, install a regime of suspicion and demand verification at every turn, then it’s a requirement to understand where to place the perimeters, where the regime will sit and where to check verification as traffic unfolds.

This kind of knowledge comes only from 20/20 vision of the current network. Achieving such visibility requires certain technical capabilities, including open APIs, scalable data ingest and customizable reporting.

Analytics
Now that all the data is present and accounted for, it’s time to ask questions. When the network is diced into fine grains, there’s plenty of room for creative analysis. To get to a solid foundation toward Zero Trust, it’s important to focus analysis on the right places.

The first step is to conduct a risk analysis. It’s important to understand a quantitative measure of what’s possible and what’s likely to happen. When possibility and probability join together, it creates a formula for assessing and enumerating the risks in the Zero Trust network. Risks must be assessed in light of the current environment (assets and topologies), weaknesses (vulnerabilities) and attacker tendencies (threat intelligence). Key elements to analyze include:

  • Traffic Flow Analysis – Shows how a single rule can have downstream implications on the Zero Trust network. 
  • Access Path Analysis – Shows how communications happen, or the paths a given asset, resource or user could take to get from one place to another. This is especially important for Zero Trust, because when a system or user needs to communicate with any part of the network, the communication is met with suspicion and distrust. 
  • Attack Simulation – Reveals the ways attackers could traverse the network and exploit vulnerabilities. Moving to a Zero Trust architecture makes it imperative to understand how networks could be attacked, the likeliest paths to compromise, and the countermeasures required to remove that risk. 
  • Patch Simulation – Pairs with network policy to identify which patches could have the greatest impact on security.
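The access path and traffic flow analyses above can be made concrete with a small reachability model. The following Python is an added example, not code from the article or from Forrester; the segment names, the allow rules and the "intended source" set are all constructed sample data, and the function names are mine. It answers two of the questions listed above: by which paths could a user segment reach the database, and which of those paths disappear if a single rule is removed.

```python
"""Access path analysis over a constructed segment/rule model (added example)."""
from collections import defaultdict

# Constructed sample data: network segments and the allow rules between them.
# Each rule is (source_segment, destination_segment, tcp_port).
RULES = [
    ("user-lan", "app", 443),
    ("app", "db", 5432),
    ("user-lan", "mgmt", 22),
    ("mgmt", "db", 5432),   # management hosts may also reach the database
    ("mgmt", "app", 22),
]


def build_graph(rules):
    """Adjacency map: src_segment -> {dst_segment -> set(allowed ports)}."""
    graph = defaultdict(lambda: defaultdict(set))
    for src, dst, port in rules:
        graph[src][dst].add(port)
    return graph


def find_paths(src, dst, port, rules=RULES):
    """All loop-free segment paths from src to dst whose final hop is allowed on `port`.

    Intermediate hops may use any allowed port: a host in that segment could act
    as a relay, which is exactly the kind of indirect reachability a
    micro-perimeter design has to know about.
    """
    graph = build_graph(rules)
    paths = []

    def walk(node, path):
        for nxt, ports in graph[node].items():
            if nxt in path:          # no loops
                continue
            if nxt == dst:
                if port in ports:    # final hop must be allowed on the target port
                    paths.append(path + [nxt])
                continue
            walk(nxt, path + [nxt])

    walk(src, [src])
    return sorted(paths)


def unintended_paths(src, dst, port, intended_sources, rules=RULES):
    """Paths whose last hop into dst comes from a segment the policy intent did not list."""
    return [p for p in find_paths(src, dst, port, rules) if p[-2] not in intended_sources]


def rule_impact(rule, src, dst, port, rules=RULES):
    """Traffic flow analysis: which src->dst paths disappear if `rule` is removed."""
    before = find_paths(src, dst, port, rules)
    after = find_paths(src, dst, port, [r for r in rules if r != rule])
    return [p for p in before if p not in after]


if __name__ == "__main__":
    # Intent: only the app tier should talk to the database on 5432.
    for p in find_paths("user-lan", "db", 5432):
        print("path:", " -> ".join(p))
    print("violates intent:", unintended_paths("user-lan", "db", 5432, {"app"}))
    print("removed by dropping mgmt->db:", rule_impact(("mgmt", "db", 5432), "user-lan", "db", 5432))
```

Run on the constructed rules, the analysis shows that the user segment reaches the database not only through the app tier but also through the management segment, and that dropping the single `mgmt -> db` rule removes only that path while leaving the intended one intact.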

Automation
Security teams may write perfect rules for airtight policy, only to see their darlings become obsolete moments after implementation. Why does this happen? Primarily, because rules become invalid as resources change and evolve, and in Zero Trust, this happens every 0.00034 seconds. 

These rapidly evolving systems repeatedly reject legitimate attempts to access them and permit the wrong access as their attributes change. These attributes become a taxonomy, and when that taxonomy goes through real-time mutation, the enforcement points must adapt to the change and do so faster than you completed this sentence.

From this, we see that traditional manual processes are woefully inadequate: it’s simply impossible to write rules fast enough in a Zero Trust world.

This reality has enterprises adopting a method of security intent and separating that intent from the specific implementation. This hierarchy allows enterprises to set a single global policy that’s applied to any network resource with all its defining attributes. Rules and policies are no longer created for the current state (which never stays current); instead, policy is designed for the desired state to ensure security no matter what happens in the Zero Trust environment. 

Orchestration
The final piece of the Zero Trust puzzle is orchestration. Orchestration removes all the manual work associated with pushing rule and policy modifications to the network and carries security intent out to the Zero Trust network. In a Zero Trust world where the current state of the network is understood (visibility), potential risks are also understood (analysis), and what’s permissible has been clearly defined (security intent), orchestration brings it all together by enabling changes to be made at the speed of Zero Trust.

Orchestration can provide central control over thousands of enforcement points and millions of rules. Contrast this with traditional approaches, where every possible contingency must be accounted for before making a single move.

That traditional approach is simply impossible in a Zero Trust architecture. Orchestration provides absolute precision with sub-second adaptations to Zero Trust fluctuations to complete the Zero Trust foundation.
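The Automation and Orchestration sections describe one mechanism: policy is written once as intent over resource attributes, the concrete rules are regenerated whenever the inventory changes, and only the difference is pushed to the enforcement points. The Python below is an added example of that mechanism, not code from the article or from any vendor product; the tag taxonomy, IP addresses, intents and inventory snapshots are constructed, and `Resource`, `Intent`, `compile_rules` and `plan_changes` are names chosen here for illustration.

```python
"""Security intent over attributes, compiled to concrete rules (added example)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Resource:
    """An inventory item with its attribute taxonomy, e.g. {"tier:db", "env:prod"}."""
    name: str
    ip: str
    tags: frozenset


@dataclass(frozen=True)
class Intent:
    """Global policy stated over attributes, never over addresses."""
    name: str
    src_tags: frozenset
    dst_tags: frozenset
    port: int


# Constructed intents: who may talk to whom, expressed for the desired state.
INTENTS = [
    Intent("app-to-db", frozenset({"tier:app", "env:prod"}), frozenset({"tier:db", "env:prod"}), 5432),
    Intent("lb-to-app", frozenset({"role:lb"}), frozenset({"tier:app"}), 443),
]

# Constructed inventory at time 0 and after the environment has changed:
# app tier scaled out, database host replaced with a new address.
INVENTORY_T0 = [
    Resource("app-1", "10.20.0.11", frozenset({"tier:app", "env:prod"})),
    Resource("db-1", "10.30.0.11", frozenset({"tier:db", "env:prod"})),
    Resource("lb-1", "10.5.0.1", frozenset({"role:lb"})),
]
INVENTORY_T1 = [
    Resource("app-1", "10.20.0.11", frozenset({"tier:app", "env:prod"})),
    Resource("app-2", "10.20.0.12", frozenset({"tier:app", "env:prod"})),
    Resource("db-2", "10.30.0.22", frozenset({"tier:db", "env:prod"})),
    Resource("lb-1", "10.5.0.1", frozenset({"role:lb"})),
]


def matches(resource, tags):
    """A resource matches when it carries every tag the intent asks for."""
    return tags <= resource.tags


def compile_rules(intents, inventory):
    """Expand attribute-based intents into concrete (src_ip, dst_ip, port) allow rules.

    Anything not produced here is implicitly denied: the enforcement point's
    allow list is exactly this set.
    """
    rules = set()
    for intent in intents:
        sources = [r for r in inventory if matches(r, intent.src_tags)]
        targets = [r for r in inventory if matches(r, intent.dst_tags)]
        for s in sources:
            for d in targets:
                if s is not d:
                    rules.add((s.ip, d.ip, intent.port))
    return rules


def plan_changes(current_rules, desired_rules):
    """Orchestration step: the minimal (adds, removes) to push to enforcement points."""
    return sorted(desired_rules - current_rules), sorted(current_rules - desired_rules)


def reconcile(intents, inventory_before, inventory_after):
    """Recompile the same intents against a changed inventory and return the delta."""
    return plan_changes(compile_rules(intents, inventory_before),
                        compile_rules(intents, inventory_after))


if __name__ == "__main__":
    adds, removes = reconcile(INTENTS, INVENTORY_T0, INVENTORY_T1)
    print("push adds:   ", adds)
    print("push removes:", removes)
```

The intents never changed between the two snapshots; only the inventory did. Recompiling yields the rules for the new app instance and the replacement database host, and retires the rule that pointed at the decommissioned address, which is the "policy for the desired state" idea from the Automation section carried through to what the orchestrator actually pushes.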

Zero Trust imposes significant new challenges on security teams. However, by incorporating these four key functions into a Zero Trust ecosystem, and taking an incremental approach in implementation, enterprises can begin their Zero Trust journey in a way that is methodical, not maddening!
