The term Zero Trust is a popular term that can be seen everywhere lately, but the concept is not new. The Zero Trust Network or Zero Trust Architecture model was created in 2010 by John Kindervag, a Forrester analyst. Eleven years later, CISOs and IT directors are increasingly applying and implementing the Zero Trust security model in their organizations.
The Zero Trust model proposes a shift from a security model based on perimeter defense to one that involves continuous trust verification. In fact, this model assumes that the network is already compromised.
The key recommendation is to create micro-perimeters or micro-segments to control access to sensitive assets and limit potential damage from malicious actors.
The evolution of Zero Trust architecture and its components
Over the years, Forrester has expanded the original model beyond segmentation to include other elements to ensure that only the right people or resources have the necessary access to the right data and services, namely:
- Data: Categorize and classify data based on its confidentiality; data encryption is also mentioned.
- Workloads and devices: Apply Zero Trust controls such as encryption and data security.
- Users: Restrict and strictly enforce access control.
- Network: Discover sensitive and valuable assets, define micro-segmentation around them.
- Visibility and analytics: Log, correlate, and analyze every action across different environments.
- Automation and orchestration: Implement automation and integrate with other tools to improve detection and response.
Implementing the Zero Trust model in 5 steps
1. Identify your sensitive assets
The first step is to identify and prioritize the most valuable assets that also require the highest level of protection (the protection or attack surface). This involves engaging other business stakeholders to help define these assets. Keep in mind that this process is only complete after management approval.
What are sensitive assets? Make a list of critical valuable assets that could cause the most damage if compromised. Valuable assets can be credit card data, PII, PHI, financial data, etc. They can also be your legacy systems where the main business processes take place. By the way, the definition of sensitive, critical, or valuable assets is entirely subjective. If you ask a customer relations director, they will most likely see customer data, but if you ask a financial director, they will see financial data. Ultimately, it all comes down to the question of what can kill you and what can only harm you.
What business areas or processes use the data? Consider that processes use important assets such as customer relationships, employee experience, revenue generation, regulatory compliance, etc. For example, it is important to understand whether a compromised code repository can lead to a regulatory violation and litigation.
Who currently has access? Which users currently have access? Are they privileged users or not? Consider the possible number of users involved in a breach.
Where is the data located (SaaS or on-premise)?
What current security measures are in place? What controls are in place so that we can identify gaps and take action?
Then, use the probability matrix below to map risks (in the first column) and list attack scenarios based on probability at the top. This is a great overview of the most critical risks that are most likely to occur. It’s also a simple matrix you can present to the board or management.
Here, in the second column, we see that the highest probability of a data leak is related to email infection. This type of matrix will help you identify and prioritize how you use your resources.
2. Map the key business flows of your sensitive assets
This step is about mapping and visualizing communication flows in a hybrid multi-cloud environment. This is a complex and time-consuming process of identifying all assets on the network and figuring out how they communicate. However, by analyzing traffic, we can build a scheme of access control and segmentation policies.
At this stage, it is best to use Tufin. Tufin provides a centralized console that helps to get end-to-end visibility and create an accurate map of the network topology, which gives a clear idea of what is deployed, where, and what interacts with what (workloads, applications and their dependencies, network management points, etc.) in a hybrid environment. This saves a lot of time and provides a highly accurate model of the environment for a quick start or change of the segmentation model. One important note: the more accurate the topology, the less likely something is to break when installing security controls.
3. Create the Zero Trust segmentation architecture
At this stage, the architecture is segmented by examining all subnets and deciding whether we want to divide them further. It is also important to decide where to implement additional security measures such as MFA, PIM, and others. At this stage of the process, Tufin allows you to evaluate current segmentation rules and detect misconfigured, overly permissive, unused, redundant, shadow, etc. rules.
Tufin provides relevant information such as last access, last change, shadow status, rule description, and much more, which helps to reduce risk and improve the rule base.
In addition, Tufin’s Automatic Policy Generator (APG) checks traffic flows to optimize existing policies or automatically generate new policies, which helps to clean up and reconfigure segmentation.
For each new rule or rule change, path analysis and “what if…” analysis highlight the potential impact of changes on a multi-vendor hybrid environment.
4. Create a Zero Trust policy
This step is about creating Zero Trust security policies that ensure that only the right people or resources have the necessary access to the right data and services in a hybrid environment. This is where you want to make sure your policies are appropriate for protecting your critical assets.
Tufin will help in creating segmentation policies. For IP-based segmentation, the Tufin security policy matrix creates a security policy to manage allowed traffic between zones.
In the cloud, Tufin SecureCloud automatically generates policies for applications that require AWS, GCP, and Azure, as well as for Kubernetes network policies.
5. Continuous monitoring and maintenance of the Zero Trust environment
The last step is to ensure that the rule base is up-to-date by continuously monitoring and automating changes, if necessary. In a complex infrastructure, it is impossible to manage security without automation. Rules are constantly changing and should be reviewed regularly, removing and updating them as needed. This is virtually impossible without a holistic, accurate topology.
To be honest, most security teams don’t change or delete old rules for fear of causing a problem. And over time, you will have hundreds of rules that are impossible to manage manually and are no longer relevant to current business needs and communication flows.
It is important to control all aspects of the network to detect policy violations, such as unauthorized access changes or overly permissive rules. In addition, it is very important to identify highly connected and vulnerable assets so that you can prioritize and apply effective remediation.
In addition to using Tufin for centralized segmentation policy management, Tufin SecureChange can quickly automatically make changes. In fact, it saves a huge amount of time.
With SecureChange, every rule change is developed in an optimal way and checked for compliance with requirements and security policies. The negative impact of the human factor is completely excluded. Then, to ensure an accurate and error-free process, all changes are automatically made to all relevant firewalls, cloud firewalls, security groups, etc.
How to best initiate a Zero Trust implementation
Start small and act fast. It’s important to achieve some level of success from the start. If you can quickly demonstrate the real value and benefits of Zero Trust to management or the board, you will gain their trust and may even be given resources to expand your Zero Trust deployment to other segments of the network infrastructure.
Tufin Orchestration Suite: a unique solution for the Ukrainian IT market
Tufin Orchestration Suite is a truly advanced and unique solution from a world leader in cybersecurity on the domestic IT market, represented in the portfolio of the company NWU, which is the official distributor of Tufin in Ukraine. Thanks to this, you have the opportunity to buy Tufin in Ukraine. Tufin Orchestration Suite is a desired solution for SOC teams of any Ukrainian company.
To buy Tufin or get additional information and consultations on the new functionality of Tufin TOS R24-1, please contact NWU.
