By: Senthil Kumar Arumugam, Associate Principal (Cloud Security Delivery and Practice support) – Cloud Security PU, LTIMindtree

Today, most organizations are investing heavily in digital technologies like cloud and SaaS. With the expansion of digital technologies and new ways of working, cyberattacks have become a constant threat to all organizations. Although organizations cannot run efficiently without their employees and third-party vendors, the days of trusting relationships with them are gone as organizations are witnessing a drastic increase in insider threats. Organizations need to operate with a Zero-Trust principle to build robust cyber security control to secure their IT landscape.

Some interesting statistics about Zero-Trust:

• According to an article by Gartner, 60% of organizations will embrace Zero Trust as a starting point for security by 2025
• According to a report published by Global Newswire, The Global Zero Trust Network Access Market is estimated to reach USD 72 billion growing at an astounding CAGR of 23% during the forecast period 2023-2027.

Modern cyber security threats plaguing enterprises

Organizations often need to collaborate with third-party vendors and partners and share data across multiple platforms leading to multipoint cloud-app security and increased vulnerability layers.

The increase in endpoint culture prompted by new ways of working has created a surge in the use of personal devices, leading to several unsecured endpoints connected to the corporate network putting the enterprise at risk.

The new ways of working and digitization are constantly pushing organizations towards increased cloud adoption. These cloud environments work on the virtualization concept, and the cloud infra is often shared. The virtualized environment requires persistent security patches and protection from vulnerabilities. Since the cloud customer is hosting the application in the cloud, they are more responsible for application security. Cloud customers are also responsible for protecting the apps and the OS on which it resides, the supporting infrastructure, and all supporting assets running in the cloud.

Six-tiered zero-trust architecture

Traditional security architecture defends the network by securing the network/perimeter using on-premises firewalls and VPN considering everything is inside the controlled network. But nowadays, data resides on-premises, off-premise in the cloud, multi-cloud, and Hybrid networks.

The Zero-Trust model assumes a breach in every layer and validates every request as if it is coming from an outside network. The main principle of the Zero-Trust model is to assume breach, verify explicitly, and least privileged access. The one-liner theme to understand Zero-Trust is “Never trust verify explicitly”.

The Zero-Trust principle should be applied across six areas of an enterprise.

Users/Identity: Zero-Trust validates the user or identity and the access right through a stringent Identity policy. Identity validation is done with various IDAM and Identity Governance security solutions. The related technologies used to achieve authentications are LDAP, AD, AAD, SSO MFA, and Password-less.

Device/Endpoint: endpoint needs to be secured appropriately as this is the one accessing or holding enterprise data. Endpoint security control such as Antivirus, Endpoint detection and response, regular vulnerability assessment and remediation, Device encryption, and MDM.

Application: application access must be strictly controlled with the latest technology, and if possible, it should be integrated with SSO. Whether the application resides on-prem, in the cloud, or SaaS model, proper security measures like container security must be deployed. WAF integration, API security, and DevSecOps are to be implemented in the software development lifecycle.

Network: organizations should define trust levels, and the network should be segmented and micro-segmented using standard policy. Micro-segmentation can be controlled centrally with a hybrid environment across multi-cloud and on-prem. The other way for any enterprise is to adopt a cloud-first solution based on SASE (Secure Access Service Edge) solutions.

Infrastructure: the infrastructure is to be protected with security controls like AV/EDR, vulnerability management, CASB solution, and physical security if needed.

Data: data needs to be encrypted in all directions of its movement and when it is at rest. A process should be in place to protect the data by a secure storage mechanism, data loss prevention mechanism, and data recovery mechanism.

Conclusion

With a steep rise in cyberattacks, enterprises must implement defensive strategies to protect their digital environment and data. With several threats originating internally, organizations can’t afford to rely on traditional security measures for their organizational security. They need to implement stringent and sophisticated security solutions to fight against all possible threats. Zero-Trust is one of the fool-proof security frameworks that can secure all attack surfaces within an organization and provide a proactive and modern approach to organizational security. The zero-Trust framework validates every access at every layer and ensures that the right data is available and protected from cyber threats. Built on the principles of continuous improvement, Zero-Trust ensures security across all environments now and into the future.

References:
1. Zero Trust Model – Modern Security Architecture | Microsoft Security
2. Gartner Unveils the Top Eight Cybersecurity Predictions for 2022-23
3. Zero Trust Network Access Market Research Report by Security, Authentication, Deployment, Organization, Application Area, Region – Global Forecast to 2027 – Cumulative Impact of COVID-19