What is a zero trust architecture?
The zero trust security model aims to help organizations become resilient to cyber threats by continuously detecting and eliminating uncertainty. A zero trust architecture is a framework for implementing zero trust principles.
A zero trust architecture is designed around the realities of the modern threat landscape, grounded in the understanding that organizations cannot identify and block all threats. Instead, zero trust practices help improve the security posture by controlling access across the network.
Zero trust architecture principles
A zero trust architecture strives to implement granular user access control. The National Institute of Standards and Technology (NIST) identifies the following zero trust architecture principles:
A zero trust architecture governs access to resources using organizational policies that define the user and the system identities allowed to specific behavioral characteristics, such as operating system, IP address, location, and working schedule.
The architecture should allow access on a per-request basis, providing access only to the resources needed at a certain time. Continuous authentication processes can help make this a dynamic mechanism that ensures access is truly granted as needed.
A zero trust environment must secure all corporate and network communication regardless of the location. Whether a user’s requests arrive from within the protected network or from a remote access point, the architecture must apply the same level of security to establish consistency. All network communication must be fully encrypted and authenticated.
The architecture should treat all data and devices as corporate resources, including smartphones, tablets, and computers.
Organizations can use different factors and policies to determine their needs and flexibility. Still, in general, every zero trust architecture should ensure compliance with the core principles of the zero trust model.
What are the benefits of zero trust architecture?
A zero trust architecture enables organizations to implement precise, contextual user access to protect users and resources from various cyber attacks, like malicious software (malware) and internal threats.
Safe access without compromising the user experience
An effective zero trust architecture can help grant safe, fast access to applications and data for various remote parties in any location, including partners and employees. It provides mechanisms to provide reliable remote access and also improve the user experience. Organizations can use it to manage and enforce security policies easily and consistently.
Protecting the network across all environments
A zero trust architecture helps protect applications and sensitive data across various locations, including cloud environments and on-premises, whether the data is in transit or at rest. It utilizes tight security controls, such as encryption, authentication, microsegmentation, and granular access control, to protect the network and stop insider threats. Granular access policies applied to the resource level and microsegmentation help restrict lateral movement.
Deep visibility to identify threats in near real-time
Zero trust security provides deep visibility into threats, helping organizations learn the what, when, how, and where of users’ and entities’ activities. Detailed monitoring and logging of these sessions and the actions taken help teams to detect, respond to, and recover from breaches more quickly and effectively. It enables real-time assessment of risks using detailed authentication logs, user and entity behavior analytics, and device and resource health checks.
Best practices for building a zero trust architecture
1. Know your architecture
Organizations looking to build a zero trust architecture must map their network topology and inventory their assets. It requires understanding who the existing users are, what devices they use, and which data and services they access, paying close attention to any component using the network.
Organizations should treat any network as hostile, including local and unsecured public networks, and account for existing services that were not designed for zero trust and might not be able to defend themselves.
2. Create a strong device identity
A zero trust architecture uses device identity as the basis for various security mechanisms, including authentication and authorization. Organizations should implement strong and unique device identities. Each identity must be attached to a device rather than a user, making it impossible to identify devices even when not connected to a network or behind a NAT device.
The device should be verifiable by the network and must never be able to claim several identities or identities that were not assigned to it. The identity should be persistent and remain unchanged even when repurposing or replacing the device. Each device should be verifiable over time to check if the device has been decommissioned or is still in use. It should also be verifiable across networks, including public ones.
3. Create a secure communication channel
A zero trust architecture establishes only secured and trusted communications, protecting against threats like eavesdropping, message modification, and replay attacks. Organizations should ensure that communication channels between any two devices provide confidentiality, authenticity, and integrity of the messages exchanged. It should also support non-repudiation for specific use cases.
Communication channels might also need to support user requests for authorization for various cases, such as when a user tries to access data without the required permissions and authorization of devices for cases when a client tries to connect using an unauthorized device. It should include time-controlled access according to user location or time of day and protection mechanisms against Denial of Service (DoS) attacks.
4. Use network segmentation
A zero trust architecture must include network segmentation and key security controls implemented between network segments. These measures help protect resources against unauthorized access and restrict the movement of threats that manage to breach the network. Organizations can implement segmentation using various controls, including VLANs, IDS/IPS, and firewalls. These security controls should protect against both external and internal threats.
Implementing a zero trust architecture with Gloo Mesh
Solo.io’s Gloo Mesh and Gloo Gateway can help you secure your APIs by enhancing open source Istio and Envoy Proxy. By default, basic open source distributions of Istio and Envoy don’t go far enough to deliver features needed for comprehensive security. Encryption alone isn’t enough, and if you use pure open source you inherit the burden of developing and maintaining missing security features forever. Solo adds comprehensive security controls to your service mesh and API gateways, giving you the capabilities you need and confidence that your environment is as secure as possible.
Control ingress and egress traffic at the edge
Authenticate, authorize, and encrypt all connections
Federate security policies and management
Monitor, log, and trace
Limit access to resources