Over the last two years, work has transitioned rapidly to remote and hybrid modes. Hackers embraced this move and profited from flaws and vulnerabilities in organisations’ security architecture. In 2021, corporate networks saw a 50% increase in cyber-attacks per week compared to the previous year, for example. Cybercriminals targeting business-critical and sensitive data, such as personally identifiable information (PII), intellectual property (IP), and financial data, are keenly aware of how today’s cloud environments can be ideal targets.
The way modern organisations operate means that legacy security approaches aren’t good enough. The boundary between an organisation’s network and the outside world is no longer as clearly defined. Data is constantly being shared, stored and accessed from all kinds of locations. With so much happening in cloud-based environments, the way organisations manage their cybersecurity and network security needs to evolve. Zero Trust is one approach that helps them face up to this new reality.
Understanding Zero Trust Security
Zero Trust is a network security concept based on the idea of ‘never trust, always verify’. No one individual or device in an organisation’s network should be allowed access to documents or data until they have been verified. No one is above this robust authentication and authorisation process, and any device and person must satisfy this whenever they seek access to part of a network or specific files.
Part of a Zero Trust philosophy can include UEBA (user and entity behaviour analytics). By continuously monitoring network activity, and how users are interacting with data, a baseline of ‘normal’ activity is established. If there is a sudden change in that behaviour from normal patterns it can be flagged for someone to more closely monitor and increase security provisions as needed.
For instance, let us take a scenario where an employee who usually signs in from Mumbai, India, is suddenly attempting to access company data from Istanbul, Turkey. UEBA would identify this abnormality in the employee’s behaviour and flag it. The employee may be served with an authentication challenge to verify their identity, even if their username and password were submitted successfully.
Zero Trust takes security a step further from traditional perimeter-based security as it is location-agnostic. Even if attackers gain access to a company’s network, it doesn’t automatically mean all data and applications are up for grabs, because further authentication is required.
Many firms allow far too many processes to operate openly on the network, making them easy targets for hackers hunting for enterprise networks with the bare minimum of security. Since the network is accessible for everyone inside the company, anyone can share information, which is concerning. Risks don’t just come from external actors, but insider threats too, as difficult as that may be for an organisation to face up to. A Zero Trust network is flexible enough to accommodate for these realities.
How can organisations benefit from Zero Trust
The best solution in a world where cybersecurity teams are struggling to keep up with the disparate tools and vendors they are juggling every day is one unified cloud service. This simplifies security, and allows distributed organisations to adapt to a hybrid workforce without putting business resources at risk. Building a zero trust philosophy into the way the corporate network and access management is designed is ideal for this.
One of the benefits of this approach is that it reduces the attack surface. With Zero Trust, users connect directly to the apps and resources they need, as opposed to entire networks. A direct connection between users and apps is established, which eliminates the possibility of lateral movement to other services and data. Even if a single device gets infected, it happens in isolation – they aren’t connecting to a VPN which grants them the keys to everything, including other devices.
Another important aspect of Zero Trust is that it integrates consistently into the experience users have. If a security tool is too intrusive and disruptive, employees will seek workarounds, which ultimately can open up security blind spots and flaws that cybercriminals can exploit. By operating at a network level, across all documents and data an employee might access, security teams can ensure authentication remains rigorous, without creating risks like shadow IT that come about when ‘official’ means of getting work done is seen as too challenging and convoluted.
In a world where hybrid working is the norm, a simplified solution to cybersecurity is the only way business leaders can secure their users and data across all kinds of locations and services. By moving everything to one central platform, teams can ensure one set of policies is applied consistently from one cloud platform.
As a business grows, this protection can also be scaled alongside it. Zero Trust is a critical element of the straightforward fix that organisations desperately need to manage their cybersecurity.
By Nirav Shah, VP & CTO, Forcepoint India Innovation Center