
Zero Trust Model: Principles, Challenges, and a Real Life Example

What is the Zero Trust Model?

The zero trust model is a holistic approach to network security, which requires the verification of each person and device whenever it attempts to access resources on a private network. This remains true, no matter if that device or person is already inside or still outside the network perimeter.

This resolves many issues in the traditional network security model, which relied on the concept of a security perimeter. Access to a network was tightly controlled, but once inside, connections were trusted by default and an attacker could cause significant damage. In today’s distributed environment, with data and applications running on remote cloud services, employees working from home or from personal devices, and the growing use of mobile and IoT, the security perimeter approach is no longer valid and is being replaced by the zero trust model.

The zero trust model comprises a set of principles, and recommends the use of technologies and techniques in line with those principles. There are many technical and operational approaches to implementing zero trust.

What are the Core Principles of the Zero Trust Model?

Here are the main principles driving zero trust implementations at organizations.

Strict Evaluation of Access Controls

The zero trust model assumes that potential attackers may exist inside and outside a network and therefore trusts neither. Any and all users or devices attempting to access network resources must be authenticated, and each access request must be authorized and encrypted.

Variety of Preventative Techniques

To prevent breaches and minimize their damage, a variety of preventive techniques are available.

Multi-factor authentication is the most common method of confirming user identity. It requires the user to provide at least two forms of evidence to confirm credibility. These may include security questions, SMS or email confirmation, and/or logic-based exercises. The more means required for access, the better the network is secured.

Limiting the access of already-authenticated users is a further layer. Each user or device is granted only the minimum set of resources it needs, which keeps the network's exposed attack surface as small as possible at any moment. Everything else stays blocked, so even a trusted entity whose credentials are abused cannot move laterally.

Micro-segmentation is a network security technique that involves separating networks into zones, each of which requires separate network access. The damage a hacker can do, even once security is breached, remains limited to the microsegment they have managed to penetrate.

Real-Time Monitoring to Identify Malicious Activity

The zero trust model is mainly a preventative one. In addition to preventive measures, real-time monitoring is important, because it can minimize the time between an initial breach and the moment a threat spreads to additional systems on the network. Swift monitoring enables detection, investigation, and remediation, closing the window of opportunity for attackers.
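The monitoring the paragraph above calls for has to run over the access decisions the zero trust controls already produce. The following Python is an added example, not code from the page or from any vendor mentioned on it: it parses constructed access-decision log lines (the line format, user, device, resource and segment names are all invented for the example) and raises an alert when a single device is denied entry to several distinct micro-segments within a short window, which is the pattern segmentation is meant to contain and the denials are the earliest signal of.

```python
"""Detect one device probing many micro-segments from access-decision logs.

Constructed example: the log format and every name in SAMPLE_LOG are
invented. The detector is a sliding window per device over deny events;
a device denied on >= MAX_SEGMENTS distinct segments inside WINDOW_S
seconds produces one alert.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timezone

# Hypothetical log line shape emitted by a policy decision point.
LINE_RE = re.compile(
    r"(?P<ts>\S+) decision=(?P<decision>\w+) user=(?P<user>\S+) "
    r"device=(?P<device>\S+) resource=(?P<resource>\S+) "
    r"segment=(?P<segment>\S+)(?: reason=(?P<reason>\S+))?"
)

# Constructed sample: lap-09 is denied on three segments within 19 s,
# lap-22 is denied on three segments but spread over seven minutes.
SAMPLE_LOG = [
    "2024-03-01T10:00:01Z decision=allow user=alice device=lap-01 resource=exchange segment=productivity",
    "2024-03-01T10:00:05Z decision=deny user=bob device=lap-09 resource=gl-db segment=finance reason=segment",
    "2024-03-01T10:00:09Z decision=deny user=bob device=lap-09 resource=git segment=engineering reason=segment",
    "2024-03-01T10:00:20Z decision=deny user=bob device=lap-09 resource=hr-portal segment=hr reason=role",
    "2024-03-01T10:02:00Z decision=deny user=carol device=lap-22 resource=gl-db segment=finance reason=mfa",
    "2024-03-01T10:06:00Z decision=deny user=carol device=lap-22 resource=git segment=engineering reason=mfa",
    "2024-03-01T10:09:00Z decision=deny user=carol device=lap-22 resource=hr-portal segment=hr reason=mfa",
]


def parse(line):
    """Parse one log line into a dict, or None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    event = m.groupdict()
    event["ts"] = datetime.strptime(event["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(
        tzinfo=timezone.utc
    )
    return event


def detect_segment_fanout(lines, window_s=60, max_segments=3):
    """Return alerts for devices denied on >= max_segments distinct
    micro-segments within window_s seconds. Allow decisions are ignored;
    each device alerts at most once."""
    events = sorted((e for e in map(parse, lines) if e), key=lambda e: e["ts"])
    recent = defaultdict(deque)  # device -> deque of (ts, segment) deny events
    alerts, alerted = [], set()
    for e in events:
        if e["decision"] != "deny":
            continue
        window = recent[e["device"]]
        window.append((e["ts"], e["segment"]))
        # Drop denials older than the window; the newest entry always stays.
        while (e["ts"] - window[0][0]).total_seconds() > window_s:
            window.popleft()
        segments = {seg for _, seg in window}
        if len(segments) >= max_segments and e["device"] not in alerted:
            alerted.add(e["device"])
            alerts.append({
                "device": e["device"],
                "user": e["user"],
                "segments": sorted(segments),
                "at": e["ts"].isoformat(),
            })
    return alerts


if __name__ == "__main__":
    for alert in detect_segment_fanout(SAMPLE_LOG):
        print(alert)
```

Feeding the detector from the policy decision point's own deny events, rather than from a separate network sensor, is the point: under zero trust every request is evaluated, so the decision log already records every attempt to step outside an entity's permitted zones, and the window keeps slow, unrelated denials (lap-22 above) from producing noise.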

Alignment with the Broader Security Strategy

The zero trust model is insufficient in itself as a comprehensive security strategy. Endpoint monitoring, detection, and incident response capabilities are critical to ensure network safety. Technology solutions, though important, cannot replace a holistic security approach that considers the organization’s broader security needs and compliance obligations.


Example Zero Trust Implementation: The Microsoft Zero Trust Model

Microsoft shared details of its own implementation of a zero trust model. Microsoft’s zero trust implementation focuses on:

  • Corporate services used across the organization, including Office applications and line of business applications
  • Devices running Windows, Mac, iPhone, and Android
  • Device management handled by Microsoft Intune, a cloud-based mobile device management (MDM) service

Microsoft’s zero trust model has four phases:

  1. Verify identity—Microsoft requires two-factor authentication (2FA) for remote access to its networks. The authentication method evolved from a physical smartcard to phone-based challenges using the Azure Authenticator phone app. In future, Microsoft aims to eliminate passwords and move to full biometric authentication.
  2. Verify device health—Microsoft enrolls user devices using the Intune MDM service. A device-health policy specifies that devices must be managed and healthy (patched and tested to be free of malware and vulnerabilities) in order to access the company’s large productivity applications—Exchange, SharePoint, and Teams. Microsoft will support unmanaged devices for special use cases by providing virtualized Windows desktops and applications.
  3. Verify access—Microsoft has minimized access to corporate resources and requires both identity and device-health verification. Access to primary services and applications will transition from direct access to the corporate network, to Internet plus VPN, to Internet-only—reducing the number of users who need access to the corporate network.
  4. Verify services—finally, Microsoft plans to add service health verification, ensuring that a service is healthy before beginning interaction with users. This is currently in proof-of-concept.
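The per-request decision that the core principles (MFA, least privilege, micro-segmentation) and the first three Microsoft phases (verify identity, verify device health, verify access) describe can be written down as a single policy evaluation. The Python below is an added example, not code from the page, from Microsoft or from any product; the roles, segments, resources and device attributes are invented for the example. Its one design rule is that the caller's network location contributes nothing to the result: a request from inside the perimeter is evaluated exactly like one from outside.

```python
"""Per-request zero trust access decision (constructed example).

A request carries an identity claim, a device claim and a target
resource. It is allowed only if every check passes: MFA completed,
device managed and healthy, a role permitted on the resource (least
privilege), and a role permitted in the resource's micro-segment.
All names are hypothetical.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Identity:
    user: str
    roles: frozenset
    mfa_verified: bool  # second factor completed for this session


@dataclass(frozen=True)
class Device:
    device_id: str
    managed: bool       # enrolled in the MDM
    patched: bool       # meets the patch baseline
    malware_free: bool  # last health scan was clean


@dataclass(frozen=True)
class Resource:
    name: str
    segment: str            # micro-segment the resource lives in
    allowed_roles: frozenset  # least privilege: roles that may use it


# Hypothetical segment policy: which roles may enter each micro-segment.
SEGMENT_POLICY = {
    "productivity": frozenset({"employee", "contractor"}),
    "finance": frozenset({"finance"}),
    "engineering": frozenset({"engineer"}),
}


def device_healthy(device):
    """Device-health policy: managed, patched and malware-free, all three."""
    return device.managed and device.patched and device.malware_free


def evaluate(identity, device, resource, on_corp_network=False):
    """Return ("allow" | "deny", [reasons]). Every check runs so the caller
    sees all failures, not just the first. on_corp_network is accepted and
    deliberately ignored: location grants nothing under zero trust."""
    reasons = []
    if not identity.mfa_verified:
        reasons.append("identity: MFA not verified")
    if not device_healthy(device):
        reasons.append(f"device {device.device_id}: not managed or not healthy")
    if not (identity.roles & resource.allowed_roles):
        reasons.append(f"resource {resource.name}: no permitted role")
    if not (identity.roles & SEGMENT_POLICY.get(resource.segment, frozenset())):
        reasons.append(f"segment {resource.segment}: not reachable with these roles")
    return ("allow" if not reasons else "deny", reasons)


def demo():
    """Three constructed requests: a clean one, one from an unmanaged
    device, and one from inside the corporate network for a resource the
    role may not reach (still denied)."""
    alice = Identity("alice", frozenset({"employee"}), mfa_verified=True)
    good = Device("lap-01", managed=True, patched=True, malware_free=True)
    byod = Device("byod-77", managed=False, patched=True, malware_free=True)
    mail = Resource("exchange", "productivity", frozenset({"employee", "contractor"}))
    ledger = Resource("gl-db", "finance", frozenset({"finance"}))
    return {
        "alice_mail_managed": evaluate(alice, good, mail),
        "alice_mail_byod": evaluate(alice, byod, mail),
        "alice_ledger_inside": evaluate(alice, good, ledger, on_corp_network=True),
    }


if __name__ == "__main__":
    for name, (decision, reasons) in demo().items():
        print(name, decision, reasons)
```

Returning every failed check rather than short-circuiting makes the deny reasons useful to both the user (which condition to fix) and the monitoring side (which condition is failing across many requests). The unmanaged-device path mirrors the Microsoft example's handling of unmanaged devices: such a device is not let through to the productivity applications at all, and would have to be routed to a virtualized desktop instead.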

What are the Challenges of the Zero Trust Strategy?

Here are a few challenges you are likely to face as you implement a zero trust model in your organization, and how to overcome them.

Fluidity of Users and Roles

Recent events have changed the way we learn, live, and work. To a greater degree than ever before, the workplace as a physical location housing the majority of a company’s employees is under threat. More and more people access data remotely, using home IPs, routers, public WiFi, and VPN services.

Customers, too, access an organization’s information resources. An online shopper must access inventory, delivery services, demos, and the company website. Suppliers must be able to access operations, safety and payments.

The user base that must access company resources is wide and varied, and the number of access points is ever-growing. Each group of individuals requires a specific set of policies, which can be time-consuming to define and maintain. Considering the high pace of employee and customer turnover, security teams can quickly become overloaded.

Proliferation of Devices

Beyond the human factor lies the hardware. There is a huge variety of mobile devices and personal computers through which employees, customers, and suppliers communicate with a company’s systems. Bring your own device (BYOD) policies, IoT equipment, and the “always-on” mentality lead to a proliferation of device properties, requirements, and communication protocols that must be tracked and secured on an ongoing basis.


Exponential Growth of Applications

The number of devices is dwarfed by the number and variety of applications they run, some of which are sanctioned and required by the organization, and some of which may be unsafe or malicious. In today’s IT environment, many applications and services are cloud-based.

While the huge growth in applications and services boosts productivity, it poses yet another challenge for IT security teams, who must decide what to let in and what to lock out.

Applications may be shared with other agencies, vendors or third-party services. Communications platforms may be outward-facing and not limited to employees. Which departments use which applications? There is a need for clear policies that, on the one hand, do not hinder productivity and, on the other, enable strict, consistent security controls.

Distributed Data and Services

Cloud-based environments are globally distributed and accessible from anywhere, which is both an upside and a downside. Companies are storing more sensitive resources, data, and applications in the cloud, and the old security model, in which company-controlled endpoints and corporate networks can be tightly secured, no longer holds.

With the gradual shift to edge computing, IT teams will also have to readapt from top-down centralized security infrastructures to decentralized trust models. Edge-based systems represent a major risk to the zero trust model, and must be treated as individual networks, with their own zero trust controls and policies.

Zero Trust with Perception Point

Perception Point’s Advanced Browser Security lets users continue using their devices and standard native browsers, but with enterprise-grade security. The solution fuses advanced threat detection with browser-level governance and DLP controls, providing organizations of all sizes with unprecedented ability to detect, prevent and remediate web threats, including sophisticated phishing attacks, ransomware, exploits, Zero-Days, and more.

By transforming the organizational browser into a protected work environment, access to sensitive corporate infrastructure and SaaS applications is secured against data loss and insider threats. The solution is seamlessly deployed on the endpoints via a browser extension and is managed centrally from a cloud-based console. There is no need to tunnel or proxy traffic through Perception Point.

An all-included managed Incident Response service is available for all customers 24/7. Perception Point’s team of cybersecurity experts will manage incidents, provide analysis and reporting, and optimize detection on-the-fly. The service drastically minimizes the need for internal IT or SOC team resources, reducing the time required to react and mitigate web-borne attacks by up to 75%.

Customers deploying the solution will experience fewer breaches, while providing their users with a better experience as they have the freedom to browse the web, use SaaS applications that they require, and access privileged corporate data, confidently, securely, and without added latency.

Contact us for a demo of our Advanced Browser Security solution, today.