The DoD Zero Trust Strategy outlines benchmarks and timelines for full adoption of Zero Trust by 2027

Zero Trust for 2027

In December 2022, the Pentagon released “The DoD Zero Trust Strategy,” which outlines the benchmarks and timelines for the department to fully adopt Zero Trust by 2027. Cybersecurity experts have recommended collaboration between the public and commercial sectors to make the best use of resources and transition smoothly to the new system.

Zero Trust, new security model

Zero Trust is a security model in which no user, device or network location is trusted by default. In a zero-trust system, every request for access to sensitive data or systems must be authenticated and authorized before it is granted. This contrasts with the traditional perimeter model, in which anything already inside the network is assumed to be trustworthy and access is granted without further proof.

Zero Trust rests on the following core principles:

  • Verify explicitly and continuously. Always verify the identity and authorization of every user and device for every resource, on every request.
  • Limit the blast radius. Grant least-privilege access so that an internal or external breach compromises as little as possible.
  • Automate context collection and response. Accurate access decisions need behavioral data and context from the whole IT stack (identity, endpoint, workload, network, data).

Zero Trust is a solutions framework that continuously monitors device behavior, enforces policy and audits devices. Multi-factor authentication is a key component: on top of user ID and password, Zero Trust requires further factors. Each device carries an identity certificate that securely distinguishes connected endpoints and serves as a first element of authentication; where it is used in place of a password, it also saves users from entering their credentials manually.

Because access is granted per application after the user and device have been verified, a conventional VPN is no longer required. Users are spared the separate VPN login step, which also improves productivity.

Already in this phase, advantages appear that improve operational efficiency:

Users have the tools they need to work more securely on any device, anywhere.

Security checks are performed centrally in the cloud, where policy decisions can draw on signals from the entire environment rather than from a single network boundary.

Risk is reduced by closing security gaps and limiting the scope for lateral movement.

Zero Trust Security: What is it?

The realization that existing security solutions rest on the outdated idea that everyone inside the firewall is trustworthy led to the creation of Zero Trust. Without granular controls, this implicit trust means that once on the network, any user, including threat actors and malicious insiders, is free to move laterally and access or exfiltrate sensitive data.

Zero-trust security requires rigorous identity verification whenever a person or device tries to access resources on a private network, whether the request originates inside or outside the network perimeter. Zero Trust architecture is not a single product but a comprehensive security strategy made up of a set of principles and the technologies that enforce them.

Simply put, traditional computer network security is based on trusting the network completely. In a zero-trust architecture, nothing and no one is trusted by default.

The idea of the perimeter is at the heart of traditional network security. In perimeter security, access from outside the network is difficult, but everyone inside the network is trusted. The problem with this strategy is that once attackers enter the network, they are free to move within it.

Companies no longer keep their data in one central place, and this weakens perimeter-based systems: a single security control around the whole network is hard to build when data is spread across multiple cloud providers.

Zero Trust security holds that no one is trusted by default, inside or outside the network, and that every request for access to network resources must first be verified. This additional verification layer reduces both the likelihood and the scope of breaches. Some studies put the typical cost of a single data breach at more than $3 million, which explains why many companies are now eager to adopt a Zero Trust security policy.

In Zero Trust, an enterprise SSO identity engine verifies the user's identity and the device's certificate when the user attempts to access an application, performs a real-time assessment of device health, and triggers a second-factor prompt before granting access.

What are the guiding principles of Zero Trust?

Continuous monitoring and verification

The idea behind a Zero Trust network is that no user or machine is trusted by default, because attackers can be present both inside and outside the network. Zero Trust verifies the security posture and privileges of devices as well as the identities and privileges of people. Once established, connections and sessions time out regularly, so people and devices are re-verified continually rather than once at login.

Minimum privilege

Least-privilege access is another principle of zero trust security. It means giving users only the access they need, much as an army general shares with troops only the information they need to know. This limits each user's exposure to sensitive parts of the network.

User permissions must be managed carefully under least privilege. Traditional VPNs fit this poorly, because connecting to one typically grants the user access to the entire network rather than to specific applications.

Device access management

Zero Trust requires strict control over device access as well as over user access. Zero Trust systems must track which devices attempt to access the network, ensure each one is authorized, and assess its security posture. This further reduces the network's attack surface.

Micro-segmentation

Zero Trust networks also use micro-segmentation: dividing the environment into small, separately secured zones so that access is granted per segment rather than to the network as a whole. For example, a network that applies micro-segmentation to files in a single data center can contain dozens of distinct secure zones. A person or program with access to one zone cannot reach any other without separate authorization.

Control lateral movements

In network security, "lateral movement" refers to an attacker advancing through a network after gaining an initial foothold. It can be hard to detect: even when the entry point is found, the attacker has often already moved on to other parts of the network.

Zero Trust is designed to contain attackers so that they cannot move laterally. Because access is segmented and must be re-established periodically, an attacker who compromises one account or device cannot reach other micro-segments. Once the intrusion is detected, the compromised device or user account can be quarantined, cutting off its access to other parts of the network and stopping the attacker's lateral movement.
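The access flow described above (SSO checks the user and the device certificate, assesses device health, and prompts for a second factor), together with continuous re-verification, least privilege, micro-segmentation and quarantine, can be seen in a single policy decision point. The following is an added illustration and not code from the article or from the DoD strategy; the session and MFA windows, the roles, the segments, the revoked serial and the sample user, device and resources are all constructed for the example.

```python
"""Illustrative Zero Trust policy decision point (PDP); added example, not code
from the article or the DoD strategy. Every request is checked for session age,
device certificate, device posture, role, segment and MFA freshness. All
windows, roles, segments and sample data are constructed for the illustration."""
from dataclasses import dataclass
from typing import Optional

MAX_SESSION_AGE = 8 * 3600    # assumed policy: re-authenticate at least every 8 hours
MFA_FRESHNESS = 15 * 60       # assumed policy: fresh second factor for high-sensitivity resources
REVOKED_SERIALS = {"0xDEAD"}  # constructed stand-in for a CRL / revocation check
ROLE_SEGMENTS = {             # least privilege: the only segments each role may reach
    "finance": {"finance-apps"},
    "hr": {"hr-apps"},
    "it-admin": {"finance-apps", "hr-apps", "mgmt"},
}

@dataclass
class DeviceCert:
    serial: str
    not_before: int   # unix seconds
    not_after: int

@dataclass
class Device:
    device_id: str
    cert: DeviceCert
    os_patched: bool
    disk_encrypted: bool
    edr_running: bool
    quarantined: bool = False

@dataclass
class Session:
    user: str
    roles: frozenset
    device: Device
    authenticated_at: int
    mfa_at: Optional[int]  # None until a second factor has been presented

@dataclass
class Resource:
    name: str
    segment: str
    sensitivity: str       # "low" or "high"
    allowed_roles: frozenset

def cert_valid(cert: DeviceCert, now: int) -> bool:
    """Device identity: inside its validity window and not revoked."""
    return cert.not_before <= now <= cert.not_after and cert.serial not in REVOKED_SERIALS

def posture_ok(dev: Device) -> bool:
    """Real-time device health; a quarantined device fails regardless of health."""
    return dev.os_patched and dev.disk_encrypted and dev.edr_running and not dev.quarantined

def decide(session: Session, resource: Resource, now: int):
    """Default deny: returns (allow, reason); every check must pass to allow."""
    if now - session.authenticated_at > MAX_SESSION_AGE:
        return False, "session expired: re-authenticate"
    if not cert_valid(session.device.cert, now):
        return False, "device certificate invalid or revoked"
    if not posture_ok(session.device):
        return False, "device posture non-compliant or quarantined"
    if not (session.roles & resource.allowed_roles):
        return False, "role not permitted for resource"
    # Micro-segmentation: being allowed the application is not enough; the
    # caller's roles must also reach the segment the resource lives in.
    reachable = set().union(*(ROLE_SEGMENTS.get(r, set()) for r in session.roles))
    if resource.segment not in reachable:
        return False, "segment %s not reachable from granted roles" % resource.segment
    # Step-up: high-sensitivity resources need a recent second factor.
    if resource.sensitivity == "high" and (
            session.mfa_at is None or now - session.mfa_at > MFA_FRESHNESS):
        return False, "step-up MFA required"
    return True, "allow"

def sample_environment(now: int):
    """Constructed user, device and resources for the usage below."""
    cert = DeviceCert("0x1A", now - 86400, now + 365 * 86400)
    laptop = Device("laptop-42", cert, os_patched=True, disk_encrypted=True, edr_running=True)
    alice = Session("alice", frozenset({"finance"}), laptop, authenticated_at=now - 3600, mfa_at=now - 300)
    payroll = Resource("payroll-db", "finance-apps", "high", frozenset({"finance"}))
    wiki = Resource("team-wiki", "finance-apps", "low", frozenset({"finance"}))
    hr_records = Resource("hr-records", "hr-apps", "high", frozenset({"finance", "hr"}))
    return alice, laptop, payroll, wiki, hr_records

if __name__ == "__main__":
    now = 1_700_000_000
    alice, laptop, payroll, wiki, hr_records = sample_environment(now)
    print(decide(alice, payroll, now))     # allow: fresh MFA, compliant device, reachable segment
    print(decide(alice, hr_records, now))  # deny: role listed, but hr-apps segment unreachable
    alice.mfa_at = now - 3600
    print(decide(alice, payroll, now))     # deny: step-up MFA required
    print(decide(alice, wiki, now))        # allow: low sensitivity needs no fresh MFA
    laptop.quarantined = True              # incident response: cut the device off everywhere
    print(decide(alice, wiki, now))        # deny: device quarantined
```

The point of the order of checks is that every request is evaluated as if it were the first: an expired session, a revoked device certificate or a quarantined device is refused before roles are even consulted, and being entitled to an application does not by itself make its network segment reachable.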

Multi-factor authentication (MFA)

Multi-factor authentication (MFA) is another fundamental principle of zero trust security. MFA requires more than one piece of evidence to verify a user's identity; typing a password alone is not enough to gain access. Two-factor authentication (2FA), as offered by online platforms such as Facebook and Google, is a typical form of MFA: users must present two forms of evidence, a password and a code generated on or sent to another device, such as a mobile phone, to prove their identity.
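The "code on another device" in the paragraph above is most often a time-based one-time password (TOTP, RFC 6238) generated by an authenticator app. The following is an added example, not code from the article: it implements the generator the phone runs and the server-side verifier that checks the code, tolerates a little clock skew and refuses a code that has already been used. The shared secret is the RFC 6238 test-vector secret, and the one-step skew window is an assumed policy choice.

```python
"""Second factor as a time-based one-time password (TOTP, RFC 6238).
Added example, not code from the article. The shared secret is the RFC 6238
test-vector secret; the skew window is an assumed policy value."""
import hashlib
import hmac
import struct

TIME_STEP = 30   # seconds per counter step (RFC 6238 default)
DIGITS = 6
SKEW_STEPS = 1   # assumed policy: accept one step either side for clock drift
SECRET = b"12345678901234567890"  # RFC 4226/6238 reference secret; a real one is random per user

def hotp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def totp(secret: bytes, unix_time: int) -> str:
    """What the user's phone shows: HOTP with the counter derived from the clock."""
    return hotp(secret, unix_time // TIME_STEP)

class TotpVerifier:
    """Server side: check the submitted code, tolerate small clock skew, reject replays."""
    def __init__(self, secret: bytes):
        self.secret = secret
        self.last_counter = -1  # highest counter already redeemed

    def verify(self, submitted: str, unix_time: int) -> bool:
        counter = unix_time // TIME_STEP
        for c in range(counter - SKEW_STEPS, counter + SKEW_STEPS + 1):
            if c <= self.last_counter:
                continue  # a code from this step was already used: treat as replay
            # constant-time compare so response timing does not leak matching digits
            if hmac.compare_digest(hotp(self.secret, c), submitted):
                self.last_counter = c
                return True
        return False

if __name__ == "__main__":
    v = TotpVerifier(SECRET)
    print(totp(SECRET, 59))                 # 287082 (RFC 6238 test vector, 6 digits)
    print(v.verify("287082", 59))           # True
    print(v.verify("287082", 59))           # False: replayed code
    print(v.verify(totp(SECRET, 1111111109), 1111111109 + 20))  # True: within skew window
```

Two details matter in practice: the verifier remembers the highest counter it has accepted, so a code captured by a phishing page cannot be replayed within the skew window, and the comparison is constant-time, so an attacker cannot learn correct digits from response timing.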

Benefits of Zero Trust

Applying Zero Trust principles first and foremost reduces an organization's attack surface. Micro-segmentation also limits the scope of a breach, which lowers recovery costs and the impact of an attack when one occurs. By requiring multiple authentication factors, Zero Trust blunts the effect of credential theft and phishing, and it helps counter threats that bypass conventional perimeter defenses.

In addition, zero trust security reduces the danger posed by poorly secured devices, especially Internet of Things (IoT) devices, which are often difficult to secure and update.

Why adopt Zero Trust?

As businesses rely ever more on technology in their daily operations, they should weigh what adopting a zero-trust model involves and what it offers against digital crime. The model gives users full access to the resources they need while sharply reducing the likelihood of the devastating cyberattacks seen in recent years.
