What are the principles of Zero Trust?

Developed by John Kindervag in 2010 while he was a principal analyst at Forrester Research, a zero trust architecture is a broad framework that promises effective protection of an organization’s most valuable assets. It works by treating every connection and endpoint as a potential threat. The framework protects against these threats whether they are external or internal, including connections that are already inside the network perimeter. In a nutshell, a zero trust network:

  • Logs and inspects all corporate network traffic
  • Limits and controls access to the network
  • Verifies and secures network resources

To expand, the zero trust security model ensures data and resources are inaccessible by default. Users can only access them on a limited basis under the right circumstances, known as least-privilege access. A zero trust security model verifies and authorizes every connection, such as when a user connects to an application or software to a data set via an application programming interface (API). It ensures the interaction meets the conditional requirements of the organization’s security policies. A zero trust security strategy also authenticates and authorizes every device, network flow and connection based on dynamic policies, using context from as many data sources as possible.

To successfully implement a zero trust architecture, organizations need to connect information from across each security domain. Security teams across the company must agree on priorities and align on access policies. They must secure all connections across the business, from data to users and devices to applications, workloads and networks. This architecture requires a well-planned strategy and roadmap to implement and integrate security tools to achieve specific business-focused outcomes. To make a zero trust model work, adopters must:

  • Make an organization-wide commitment.
  • Catalog all IT and data assets and assign access rights based upon roles.
  • Lock down some common vulnerabilities.
  • Classify data for a data-centric approach.
  • Segment networks to prevent lateral movement, a culprit in data breaches.
  • Isolate and protect workloads during virtual machine and cloud server cross-movement.

From the outside this might seem like a limiting process. In practice, a successfully implemented zero trust model gives the security team context and insight into a rapidly evolving attack surface and can improve the users' experience.


Zero trust minimum requirements

Zero trust requires a broad portfolio of security capabilities and experience: identity, data, devices and workloads, analytics and visibility, automation and orchestration, and network and endpoint.

Identity

Define and govern zero trust security policies managing access across all users and privileged accounts with SSO, multifactor authentication and lifecycle management.

Data

Protect critical data using zero trust security practices. Discover, classify and manage data access according to risk.

Devices and workloads

Defend the organization with zero trust security practices—from applications secured by design to monitoring and managing endpoints.

Analytics and visibility

Monitor and enforce zero trust security policies with intelligent analytics. View and monitor the behavior of all users, resources and data connecting within the business.

Automation and orchestration

Rapidly solve and iterate on security issues that occur as part of a zero trust practice with orchestrated actions and common playbooks.

Network and endpoint

Apply proven skills, expertise and modern solutions to protect a network, infrastructure and endpoints from today's cybersecurity threats.

Focus on context for an effective zero trust model

A zero trust model requires context to be effective. Therefore, security teams must collect and use information from across the business to create the context necessary for quick decisions about each connection's trustworthiness. When executed continuously, this model helps organizations speed up the process of securely authorizing connections. It enables the right user under the right conditions to gain the right access to the right data. The following four zero trust principles establish a governance model for sharing context between security tools to protect users' connections, data and resources.

Define context

Understand users, data and resources to create coordinated security policies aligned with the business. This process requires discovering and classifying resources based on risk, defining granular resource boundaries and separating users according to roles and duties.

Verify and enforce

Protect the organization by quickly and consistently validating context and enforcing policies. This detail requires actively monitoring and validating all access requests against those conditions defined in the company’s policies to grant the right access quickly and consistently to the right resources.

Resolve incidents

Resolve security violations with minimal impact to business by taking targeted actions. This job requires preparation and taking targeted actions, such as revoking access for individual users or devices, adjusting network segmentation, quarantining users, wiping devices, creating an incident ticket or generating compliance reports.

Analyze and improve

Continually improve security posture by adjusting policies and practices to make faster, more informed decisions. This operation requires continuously evaluating and adjusting the policies, authorization actions and remediation tactics to tighten each resource's perimeter.

Zero trust network access (ZTNA)

Like a virtual private network (VPN), zero trust network access (ZTNA) provides secure remote access to applications and services. Unlike a VPN, ZTNA is based on defined access control policies: it denies access by default and grants users access to a service only when that access is explicitly permitted. ZTNA establishes access only after it authenticates the user over a secure, encrypted tunnel, and it allows users to see only the applications and services they have permission to access. This prevents lateral attacker movement, the weakness that cybercriminals leverage to scan for and pivot to other services. With ZTNA, organizations can implement location-specific and device-specific access control policies, preventing possibly compromised devices from connecting to their services.
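The four principles above (define context, verify and enforce, resolve incidents, analyze and improve) and the ZTNA access model reduce to one mechanism: every request is evaluated afresh, deny-by-default, against role grants and the context of the device and connection. The following Python is an added example written for this page, not code from IBM or any ZTNA product; the resource catalog, role grants and request fields are constructed for the illustration.

```python
from collections import Counter
from dataclasses import dataclass

# Constructed sample catalog (not from the article): classify resources by risk
# and assign access rights to roles, so uncataloged assets are never reachable.
RESOURCE_RISK = {"payroll-db": "high", "wiki": "low"}
ROLE_GRANTS = {"finance": {"payroll-db", "wiki"}, "eng": {"wiki"}}
REVOKED = set()   # users or devices cut off by targeted incident response
AUDIT_LOG = []    # every decision is logged and inspected, allowed or not


@dataclass
class Request:
    user: str
    role: str
    device_id: str
    device_managed: bool   # device posture: managed endpoint or not
    mfa: bool              # strength of the authentication this session used
    network: str           # "corp" or "remote"
    resource: str


def decide(req: Request) -> tuple:
    """Verify and enforce: deny by default, re-evaluated on every request."""
    high_risk = RESOURCE_RISK.get(req.resource) == "high"
    if req.user in REVOKED or req.device_id in REVOKED:
        verdict = (False, "subject revoked")
    elif req.resource not in RESOURCE_RISK:
        verdict = (False, "unknown resource")
    elif req.resource not in ROLE_GRANTS.get(req.role, set()):
        verdict = (False, "role lacks grant")          # least privilege
    elif not req.device_managed:
        verdict = (False, "unmanaged device")          # device-specific policy
    elif not req.mfa and (high_risk or req.network != "corp"):
        verdict = (False, "mfa required")              # context-dependent step-up
    else:
        verdict = (True, "allow")
    AUDIT_LOG.append((req.user, req.device_id, req.resource, verdict))
    return verdict


def revoke(subject: str) -> None:
    """Resolve incidents: cut off one user or device; next decide() sees it."""
    REVOKED.add(subject)


def denials_by_reason() -> Counter:
    """Analyze and improve: which policy conditions are doing the blocking."""
    return Counter(v[1] for _, _, _, v in AUDIT_LOG if not v[0])
```

Because decide() never caches a verdict, a revocation or a change in device posture takes effect on the very next request rather than at the end of a VPN-style session.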

What are the key principles of Zero Trust?

Zero Trust seeks to address the following key principles based on the NIST guidelines:

  • Continuous verification. Always verify access, all the time, for all resources.
  • Limit the “blast radius.” Minimize impact if an external or insider breach does occur.

What are the four basic components of a Zero Trust Model?

The key components and functions in a Zero Trust architecture:

  • Comprehensive identity management. All access subjects should be identified, including people, devices, etc.
  • Application-level access control. ...
  • Adaptive trust. ...
  • Adapt to business scenarios. ...
  • Adapt to all access scenarios. ...
  • High interaction between components.

What are the six pillars of Zero Trust?

The six pillars of Zero Trust: never trust, always verify!

  • Trusted identities. Protect user access and keep control of device identities to secure the digital journey.
  • Endpoint protection. ...
  • Network security.

What are the 3 stages of the zero trust security model?

Assessment, control, and recovery operations. A Zero Trust solution requires operational capabilities that never trust and always verify: treat every user, device, application/workload, and data flow as untrusted.
