Zero trust architecture is rapidly being adopted by companies and institutions across the globe.
But what is zero trust architecture?
Traditionally, security models revolved around the distinction between on-premises and off-premises trust. Companies granted full trust and access to on-premises devices and users while distrusting off-premises entities and limiting their access. The network perimeter acted as a single gatekeeper to the outside world, thereby protecting the company's internal data.
However, several developments in technology over the years have created the need for a more robust architecture. These include:
- Access is remote: As work has moved to remote devices and remote administration, access to servers and company systems no longer happens only on-premises. Many users need to work off-premises, using multiple devices to reach servers and workloads. Simply defining trust and access by on-premises versus off-premises is therefore no longer sufficient. With so many access points and devices, an attacker who gets in through one of the less secure access points can move laterally through the entire company network, and containing a breach to the local system or subnet is no longer possible.
- Workloads and servers moving off-premises: With cloud computing and external storage delivered under SaaS and IaaS models, it has become common for workloads and data to reside outside the company's own premises, so the simple on-premises versus off-premises classification cannot adequately protect against attacks and cyber threats.
Zero-trust Architecture
Zero-trust architectures are commonly built around an access proxy that sits in front of every resource and enforces policy on each request. Zero trust operates on the principle of always authenticating the user and device: every user, device and access request is verified regardless of its location (on-site or off-site). This allows the organisation to maintain higher security standards and also limits the extent of a security breach. Zero-trust security is based on a few fundamental principles:
- Device access control: For every user and device, the zero-trust architecture requires authentication as well as continuous monitoring. This not only ensures that access to the network is authorised, but also that the device itself has not been compromised.
- Micro-segmentation: Under micro-segmentation, separate parts of the network require separate access and authorisation. In the event of a security breach, the damage can then be limited to the immediate sub-part of the network, leaving the rest unaffected and preventing lateral movement.
- Multi-factor authentication: Zero-trust security also relies on multi-factor authentication. A single static factor such as a password is not sufficient to authenticate a user or request. A common form is two-factor authentication, where along with the password the user must also enter a code sent to a registered device.
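To make the three principles concrete, here is a small policy decision point that evaluates each access request against device posture, the role-to-segment map and the MFA strength the segment demands, and never consults where the request came from. This is an added example written for this article, not code from any product or organisation; the segment names, roles, posture fields and MFA ranking are constructed assumptions, and a real deployment would pull identity from an identity provider, posture from a device-management or endpoint agent, and enforce the decision at the access proxy.

```python
"""Minimal zero-trust policy decision point (PDP).

Added illustration; not the code of any product or organisation. Roles,
segments, posture fields and the MFA ranking are assumptions for the demo.
"""
from dataclasses import dataclass

# Hypothetical micro-segmentation map: which roles may reach which network
# segment, and the minimum MFA strength each segment demands.
SEGMENT_POLICY = {
    "hr-db":      {"roles": {"hr"},                      "min_mfa": "totp"},
    "build-farm": {"roles": {"engineering"},             "min_mfa": "totp"},
    "prod-admin": {"roles": {"sre"},                     "min_mfa": "webauthn"},
    "wiki":       {"roles": {"hr", "engineering", "sre"}, "min_mfa": "none"},
}

# Assumed ordering of factors from weakest to strongest.
MFA_RANK = {"none": 0, "totp": 1, "webauthn": 2}


@dataclass(frozen=True)
class DevicePosture:
    managed: bool           # enrolled in the organisation's device management
    disk_encrypted: bool
    edr_healthy: bool       # endpoint agent reporting in and not alarming
    os_patch_age_days: int


@dataclass(frozen=True)
class AccessRequest:
    user: str
    roles: frozenset
    mfa: str                # strongest factor presented: none / totp / webauthn
    device: DevicePosture
    on_premises: bool       # source network; deliberately NOT used in the decision
    target_segment: str


def device_compliant(d: DevicePosture, max_patch_age: int = 30) -> bool:
    """Device access control: the device itself must be healthy, not just the user."""
    return (d.managed and d.disk_encrypted and d.edr_healthy
            and d.os_patch_age_days <= max_patch_age)


def decide(req: AccessRequest) -> tuple:
    """Return (allowed, reason). Location is never consulted: on- and
    off-premises requests go through exactly the same checks."""
    policy = SEGMENT_POLICY.get(req.target_segment)
    if policy is None:
        return False, f"unknown segment {req.target_segment!r}: default deny"
    if not device_compliant(req.device):
        return False, "device posture check failed"
    if not (req.roles & policy["roles"]):
        return False, f"role not authorised for segment {req.target_segment!r}"
    if MFA_RANK[req.mfa] < MFA_RANK[policy["min_mfa"]]:
        return False, f"segment requires at least {policy['min_mfa']} MFA"
    return True, "allowed"


# Constructed sample devices and requests.
HEALTHY = DevicePosture(managed=True, disk_encrypted=True, edr_healthy=True, os_patch_age_days=3)
STALE = DevicePosture(managed=True, disk_encrypted=True, edr_healthy=True, os_patch_age_days=90)

SAMPLES = {
    # In the office, but on a badly patched laptop: denied under zero trust,
    # where the old perimeter model would have let it straight through.
    "onprem_stale_device": AccessRequest("alice", frozenset({"hr"}), "totp", STALE, True, "hr-db"),
    # Remote, compliant device, correct role and factor: allowed.
    "remote_ok": AccessRequest("alice", frozenset({"hr"}), "totp", HEALTHY, False, "hr-db"),
    # Right device and factor but wrong role for the segment: lateral move blocked.
    "wrong_segment": AccessRequest("alice", frozenset({"hr"}), "totp", HEALTHY, True, "build-farm"),
    # Production admin with only a one-time code: not enough for this segment.
    "weak_mfa": AccessRequest("bob", frozenset({"sre"}), "totp", HEALTHY, False, "prod-admin"),
    "strong_mfa": AccessRequest("bob", frozenset({"sre"}), "webauthn", HEALTHY, False, "prod-admin"),
}


def evaluate_samples() -> dict:
    """Map each sample name to the allow/deny decision."""
    return {name: decide(r)[0] for name, r in SAMPLES.items()}


if __name__ == "__main__":
    for name, r in SAMPLES.items():
        allowed, reason = decide(r)
        print(f"{name:20s} {'ALLOW' if allowed else 'DENY':5s} {reason}")
```

The order of checks matters: an unknown segment is denied before anything else, so a misconfigured proxy route cannot fall through to "allow", and the posture check runs before the role check so a compromised device never gets as far as authorisation. Note that `on_premises` is carried in the request only to show that the decision does not depend on it.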
Zero-trust architecture has been growing in prominence as organisations look at more robust models to ensure data and cyber security.