The network perimeter doesn’t exist… Don’t trust anyone!
What is the Zero Trust model?
The Zero Trust security model, devised by a Forrester analyst and evolving over the last decade, is based on the premise that the barrier between what is reliable and what is not reliable in a network has become blurred.
In a perimeter security model, everything inside the internal network is considered reliable and everything outside is considered unreliable. However, we operate in a much more complex collaborative environment, where corporate information lives both inside and outside the network and is accessed not only by internal users but also by suppliers, customers and all kinds of collaborators. We focus on protecting the network “layers” when what really matters is the data, which is more mobile than ever.
We come from a security model with a “Trust but Verify” approach: once we have defined who is trusted (internal users on the network) and who is untrusted (all external users), we allow trusted users to access network resources but monitor that access. However, experience has shown that access to network resources is trusted but then neither verified nor monitored: much is trusted, but little is verified.
The “Zero-Trust” model is based on the premise that no one and nothing is trusted by default.
Why is a Zero Trust model necessary?
- A good part of data breaches or leaks, exactly 34% according to Verizon, originate with internal users of the network (disgruntled employees, negligence, human error, ex-employees taking sensitive data, etc.).
- If we talk about external attackers, they sneak into the network and devote all their efforts to trying to go unnoticed. They often select specific companies and targets and take their time to access what they want (intellectual property, financial information, personal information, etc.) or simply, like ransomware, encrypt the information and then demand a ransom.
- Much of our information must be accessed by outside users. We store the information not only inside but also outside the network, in different platforms and Cloud applications.
- We must allow access to our information to internal users, not only from inside but from outside the network, even from their personal devices.
Why then continue with the “moat and castle” model to protect our network if we cannot say that whoever is within the network is reliable? We must abandon the premise that what is inside can be trusted and what is outside cannot, that what is inside is good and what is outside is bad.
The principles of the Zero-Trust model
In the Zero-Trust security model, security professionals must:
- Ensure that data, equipment, systems, etc. are securely accessed regardless of location. Data must be protected inside as if it were outside on the Internet. Any connection to the data is unreliable until proven otherwise, regardless of where it is made from.
- Adopt the least-privilege access model and enforce strict access controls: a person should be given access only to the resources they need to do their job and prevented from accessing the rest. In this way you prevent them from accessing information they should not, and you prevent an attacker who compromises their identity from gaining access to everything. It is necessary to control access to sensitive information by checking the identity, the device, the application and ultimately the context from which access is attempted.
- Inspect and record everything: activity should be inspected not only at the point of access to the network but also inside it, trying to identify abnormal behavior. The more context available, the easier it is to determine whether an access should be allowed or not. It also sends the message to potential attackers that they are being monitored, which may deter them.
Evolution and key elements of the model
This model has evolved in recent years from an initial approach based more on network segmentation, to the “Zero-Trust Extended Framework” with a broader focus covering different elements (data, people, networks, applications, devices) and processes (visibility and analytics, automation and orchestration).
The model establishes security competencies in these seven areas so that organizations can take them into account when building their “Zero-Trust” security strategy.
- Data: This is a data-centric security model, with data security at its heart. The ultimate goal of security is not to protect the network, the systems or the devices as such, but to protect what is most valuable, our sensitive data, in all three of its states (at rest, in transit and in use). The identity/data pair is the true perimeter of the company, and it must be monitored and controlled. The company must determine who should access what data, with what permissions and from where.
- People: Whether the person is on the corporate network or working from home matters less than the fact that they need access to the data. They should be allowed access only to what they need and nothing else, which reduces the risk of human error, identity theft, etc. Of course, you must verify that whoever tries to access the data is who they claim to be, and monitor the use they make of it.
- Networks: The micro-segmentation of networks is fundamental. We must make things difficult for an attacker who has entered the network to jump or access different resources.
- Workloads/applications: Access to the applications that enable our business to operate, especially those that are publicly exposed or run in the cloud, must be controlled, and data-centric security must be integrated into those applications.
- Devices: It is necessary to know, control and manage the devices that are trying to access the data to decide if they are reliable or not. If the device is compromised, we will have a possible undue access point to our information. With an increasing number of connected devices (mobile phones, IoT, etc.) the possibilities of some of them being compromised increase.
- Visibility and Analytics: We must know who is accessing our data, from which device and network, and with what permissions. This visibility is not limited to the inside of the network but extends to the cloud platforms and third-party networks from which our data is accessed. Moreover, we must not only collect logs to analyze when problems arise, but also use the access logs we have to anticipate possible threats and detect abnormal behavior.
- Automation and Orchestration: With an increasing number of users, applications, devices, etc., it is very complex to perform access control on our data manually. Automation allows control, protection, monitoring and remediation to be done efficiently, optimizing the organization’s resources.
What advantages does the zero trust strategy implementation offer?
Implementing a “Zero-Trust” security approach can provide a number of important business benefits:
- Facilitate innovation and implementation of new business demands: Allows the secure implementation of new collaboration and productivity initiatives with suppliers, customers, etc. that are complex in a completely “perimeterized” environment, where giving access to certain resources can be a security problem.
- It facilitates growth based on knowledge about the data: In an increasingly competitive environment it is critical to learn from data collected from our customers or suppliers. But to do this reliably and securely, it is essential to protect and control access to this data.
- Respond more effectively to potential threats and comply with regulations: Knowing quickly and efficiently where a potential information leak has occurred, and remedying it, can mean that the business is unaffected. In addition, the means and controls are put in place to facilitate compliance with regulations such as EU-GDPR.
How to implement the “Zero-Trust” model with SealPath?
As explained above, at the heart of the “Zero-Trust” security model is data, because it is in the access to this data that an attacker will put all his efforts. SealPath offers a data-centric information protection and control solution that can help us implement the Zero-Trust security model in our organizations.
To implement a “Zero-Trust” security model, Forrester proposes the steps described below. For each step, we indicate how SealPath can assist in its implementation.
1. Identify your sensitive information
The criticality of data is marked by the damage that its loss can cause to the organization. The loss of personal, medical or financial data can lead to non-compliance with regulations. Check where you store it: In internal folders in the “financial”, “human resources”, etc. area of a file server, in a “SharePoint” type document manager, etc.
How does SealPath help?
- Once the sensitive information has been identified, which information repositories it is in and what type it is, it can be protected automatically. With SealPath for File Servers you can protect sensitive information that you have identified in certain network folders (e.g., from the Finance Department, Legal Department, etc.). We can also automatically protect it if it is in SharePoint, Office 365, Box, G-Drive, OneDrive, Alfresco, etc.
- If the identified information is subject to regulations such as GDPR, PCI, etc., with SealPath we can apply protection (encryption) so that no matter where it moves, it is always protected, thus facilitating compliance with these regulations.
- SealPath integrates with information discovery solutions such as DLPs (ForcePoint, Symantec, McAfee) so that you can automatically protect information of a certain type. It also integrates with information classification solutions so that if a user classifies information as “internal use,” the document can be automatically protected with the policy set by the administrator (e.g., that only users in the domain can access it).
2. Understand the flows of sensitive information in your organization
Analyze the path that the organization’s sensitive information takes in its life cycle: For example, in the case of financial data with account numbers, see where it is created, who does it, where it is stored, who usually accesses it, with whom it is shared, where it is sent or copied, etc. Understanding normal flows will allow us to discover possible abnormal behavior, possible points of leakage of information, see ways to design these flows more optimally, and better prepare for regulatory compliance.
How does SealPath help?
- SealPath allows different policies to be applied to the data depending on the life cycle they are going to follow. These policies can be applied automatically or can be made available to users to include security at certain points in the data flow. Policies can cover the entire organization, departments, specific work teams, or individual users. Specific policies can be generated according to the type of information and flow that will be followed. For example, we can apply the policy “Minutes of Management Meeting” or “R&D – Project X” so that we protect this type of information from its creation, allowing access to those who can access it and preventing access to those who should not.
- Once the information is protected, it is possible to understand how it is used, who accesses it, if someone tries to access it without permission. You have complete visibility of access to the information whether the file is inside or outside the organization.
- It is possible to see deviations from normal patterns of behavior, such as a user trying to unprotect a high volume of information, or a user who has left the organization still trying to access it.
3. Define Zero-Trust security micro-perimeters
The term “micro-perimeter” comes from the concept of segmenting the network to limit the possibility of a potential attacker jumping easily from one part of the network to another. These “micro-perimeters” must be built around sensitive information once the flows it follows have been identified. The first objective is to protect sensitive information, and to do so it is essential to establish access controls wherever the information is located, when it is moved, when it is used, etc.
How does SealPath help?
- With SealPath, security travels with the data. SealPath marks the micro-perimeter around the files themselves, the sensitive documentation, which is the target of a potential attacker.
- Data remains encrypted at rest, in transit and in use. Whatever the flow of the document, we can guarantee that only those who have permission to access it can do so. An attacker may have created a security breach in our network and extracted information, but if it is encrypted, there is little he can do with it.
- SealPath allows you to define which people can access which files, from which networks, with which permissions (e.g. View Only, Edit, Print, Copy and Paste, etc.) and for how long.
- The protection is dynamic and can be modified in real time: we can revoke access to a document so that the documentation is “virtually destroyed” on a third party’s computer. Since we initially grant a minimum set of privileges, we can give a person more permissions later if necessary.
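To make the micro-perimeter concept concrete, here is an added example (not SealPath’s code or API, and with a hypothetical data model) of a per-document policy that decides who may open a file, from which networks, with which permissions and until when, with default deny and real-time revocation. The users, networks and dates are constructed sample values.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Optional
import ipaddress

# Constructed reference times used by the demo policy below.
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)
AFTER_EXPIRY = datetime(2024, 8, 1, tzinfo=timezone.utc)

@dataclass
class Grant:
    """What one user may do with one document (hypothetical model)."""
    permissions: frozenset              # e.g. {"view", "edit", "print", "copy"}
    networks: tuple = ()                # CIDR strings; empty = any network
    expires: Optional[datetime] = None  # None = no time limit
    revoked: bool = False               # flipped in real time by revoke()

@dataclass
class DocumentPolicy:
    """Per-document micro-perimeter: default deny, explicit grants only."""
    name: str
    grants: dict = field(default_factory=dict)   # user -> Grant

    def check(self, user, action, source_ip, now):
        """Return (allowed, reason) for one access request."""
        grant = self.grants.get(user)
        if grant is None:
            return False, "no grant for user"
        if grant.revoked:
            return False, "access revoked"
        if grant.expires is not None and now >= grant.expires:
            return False, "grant expired"
        if grant.networks:
            ip = ipaddress.ip_address(source_ip)
            if not any(ip in ipaddress.ip_network(n) for n in grant.networks):
                return False, "source network not allowed"
        if action not in grant.permissions:
            return False, f"permission '{action}' not granted"
        return True, "ok"

    def revoke(self, user):
        """Revocation takes effect on the next check, wherever the file is."""
        if user in self.grants:
            self.grants[user].revoked = True

def build_demo_policy():
    """Constructed sample: an internal editor and a time-boxed external viewer."""
    policy = DocumentPolicy("R&D - Project X")
    policy.grants["alice@corp.example"] = Grant(
        frozenset({"view", "edit", "print"}), networks=("10.0.0.0/8",))
    policy.grants["partner@vendor.example"] = Grant(
        frozenset({"view"}), expires=datetime(2024, 7, 1, tzinfo=timezone.utc))
    return policy
```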
4. Continuously monitor the “Zero-Trust” security ecosystem
Monitor external and internal activity on the data and identify potential threats, risks and opportunities for improvement. Check where the data is moving and whether someone still needs access to it after a period of time or once active collaboration on the data has stopped.
How does SealPath help?
- It is possible to audit activity on protected information regardless of where it is located. We can monitor who is accessing it, who is unprotecting it (if they have permission to do so) and who is trying to access it without having access.
- The activity is captured in real time, as the information is accessed, and it is possible to integrate it into a SIEM so that it can be correlated and analyzed along with other network events. We will be able to alert if the activity detected is suspicious, and take remedial action to prevent possible information leaks.
- SealPath displays in the web interface for the administrator summaries of activity on protected information: Top 10 users with most blocked access attempts, Top 10 of documents at risk, Most active internal and external users with sensitive documentation, etc.
- It also shows the access logs for protected documents in the organization, with filters for internal and external users, document types and alert type (unprotected, blocked access attempt, users added to the document, etc.).
- The audit information is accessible not only to the administrator but also to the users who protect documents: they can see their own protected documents, other people’s access to those documents and the alerts raised about them.
- Users see that access to sensitive information is being monitored. This helps extend a culture of protection of sensitive information and mitigates the possibility of someone leaking information, knowing that it is being monitored.
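As an added example covering the deviations mentioned in step 2 and the monitoring summaries in step 4 (not SealPath’s log format, code or API), the script below runs a detection pass over constructed document-access audit lines in an invented “timestamp key=value” format: it builds the “users with most blocked access attempts” summary, flags accounts that have left the organization but still touch protected files, and flags a user who unprotects many documents in a short window.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample audit lines in an invented "ts key=value ..." format.
SAMPLE_LOG = """\
2024-06-03T09:12:01Z user=alice@corp.example doc=Q2-forecast.xlsx event=open result=allowed
2024-06-03T09:15:40Z user=mallory@corp.example doc=Q2-forecast.xlsx event=open result=blocked
2024-06-03T09:16:02Z user=mallory@corp.example doc=board-minutes.docx event=open result=blocked
2024-06-03T09:16:30Z user=mallory@corp.example doc=payroll.csv event=open result=blocked
2024-06-03T10:01:11Z user=bob@corp.example doc=payroll.csv event=unprotect result=allowed
2024-06-03T10:01:15Z user=bob@corp.example doc=board-minutes.docx event=unprotect result=allowed
2024-06-03T10:01:20Z user=bob@corp.example doc=Q2-forecast.xlsx event=unprotect result=allowed
2024-06-03T10:02:05Z user=bob@corp.example doc=contracts.pdf event=unprotect result=allowed
2024-06-03T11:30:00Z user=carol@corp.example doc=contracts.pdf event=open result=blocked
2024-06-03T14:00:00Z user=partner@vendor.example doc=contracts.pdf event=open result=allowed
"""

def parse_line(line):
    """Split 'ts k=v k=v ...' into a dict; the timestamp becomes a datetime."""
    ts, *pairs = line.split()
    event = dict(pair.split("=", 1) for pair in pairs)
    event["ts"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
    return event

def parse_log(text):
    return [parse_line(ln) for ln in text.splitlines() if ln.strip()]

def top_blocked_users(events, n=10):
    """The 'Top N users with most blocked access attempts' summary."""
    counts = Counter(e["user"] for e in events if e["result"] == "blocked")
    return counts.most_common(n)

def find_alerts(events, departed_users, unprotect_limit=3,
                window=timedelta(minutes=10)):
    """Two deviations from normal use: a departed account still touching
    protected files, and one user unprotecting more than `unprotect_limit`
    documents inside `window` (bulk removal of protection)."""
    alerts = [("departed-user-activity", e["user"], e["doc"])
              for e in events if e["user"] in departed_users]
    unprotects = defaultdict(list)
    for e in events:
        if e["event"] == "unprotect" and e["result"] == "allowed":
            unprotects[e["user"]].append(e["ts"])
    for user, times in unprotects.items():
        times.sort()
        for i, start in enumerate(times):
            # count unprotect events in the window that opens at `start`
            in_window = sum(1 for t in times[i:] if t - start <= window)
            if in_window > unprotect_limit:
                alerts.append(("bulk-unprotect", user, in_window))
                break
    return alerts
```

The tuples returned by `find_alerts` are the kind of events one would forward to a SIEM for correlation with other network activity.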
5. Adopt automation and security orchestration
Many organizations still rely on manual processes in certain areas. Manual security operations can slow down the ability to respond to a potential threat. It is important to automate and orchestrate protection processes, threat detection, etc. as much as possible, as this allows us to strengthen our defenses and respond efficiently to detected threats.
How does SealPath help?
- SealPath allows you to automate the protection of documentation stored in different folders on a corporate server. When users copy or move documentation to it, it is automatically protected by the policy set by the administrator.
- It also allows automatic protection of information stored in document managers or storage systems such as SharePoint, OneDrive, G-Drive, Box, O365, etc. As soon as the document is uploaded or copied to the folder, it will be protected and if it is downloaded or copied out, it will travel with the protection.
- As we said before, it also allows automatic protection of sensitive information detected by a DLP. If a document with bank account numbers is detected on an endpoint or network folder, the administrator can create a remediation action so that the information is automatically protected.
- Information sent out of the organization via Exchange can be automatically protected. The administrator can set rules so that, depending on the message content, attachments, recipients, senders, etc., the emails and attachments are protected by a specific policy.
- Automatic protection can also be applied to classified documentation, as explained above, so that based on the classification level a certain policy is applied when the user is managing a file or when it is found by SealPath for File Servers in a monitored network folder.
In a world where the security perimeter of organizations has been blurred, the “Zero-Trust” approach proposes a security model that adapts to the new reality of organizations.
Data security, although not the only piece within the “Zero-Trust” security model, is a fundamental piece that adds new protection barriers to our sensitive data against possible intrusions into the network.
SealPath applies persistent protection that travels with the sensitive documentation, which makes it possible to put the principles of the “Zero-Trust” approach into practice:
- Protect access to data regardless of location.
- Control that each person accesses only what they need to access, applying strict access controls.
- Audit and record all access to sensitive documentation.
If you would like to know more details about how SealPath can help you follow a “Zero-Trust” approach to data security, please do not hesitate to contact us.