Securing, managing and monitoring an enterprise IT infrastructure requires meticulous planning. Rather than create a framework from scratch, security leaders can adopt one of several publicly available methodologies to benefit their own infosec programs. One of the more high-profile frameworks is the zero-trust model. It differs from other security frameworks in both methodology and benefits.
How zero trust is different
As its name implies, zero-trust security treats all users, devices and resources as untrustworthy — regardless of who or what they are or where they connect to the corporate network from. This is in stark contrast to more traditional security frameworks, many of which create security boundaries where those on the outside are trusted less than those on the inside. With zero trust, there are no boundaries, and nothing is inherently trusted.
While clearly more restrictive, the benefit of zero-trust architecture is that it creates a far more secure environment that protects against unauthorized access to sensitive digital assets. This shift is in response to the continuous increase of users, autonomous IoT devices and networked applications a corporate network supports.
Many organizations had already dismantled the traditional secure-perimeter philosophy as they began migrating apps, data and services to the cloud. This is another reason for the uptick in zero-trust adoption. It is easy to see why the change from boundary-based security to resource-based security was necessary. Simply put, the larger attack surface created by more users, devices and networked services required this change.
Cybersecurity benefits of zero trust
Because the zero-trust framework is a holistic approach for an organization, it offers a wide range of security benefits. For one, zero trust granularly identifies users, devices and applications on the network. This is necessary in order to apply organizationwide policy rules using role-based access.
Granting the appropriate level of network access enables the microsegmentation of the various users, devices and applications. Microsegmentation can not only prevent access to sensitive resources, but also contain active threats and keep them from spreading.
Finally, the zero-trust model increases access visibility by continuously monitoring and logging access requests and policy changes over time. This data can be analyzed on its own or combined with other security monitoring and logging data sets in SIEM or security orchestration, automation and response (SOAR) tools.
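The three benefits above (granular identification, role-based microsegmentation and logging of every access request) can be seen together in a small deny-by-default policy check. This is an added illustration, not code from the original article; the roles, segment names, device inventory and the `decide()` function are assumptions made up for the example.

```python
import json
from dataclasses import dataclass, asdict

# Constructed policy: (role, segment) pairs that are explicitly allowed.
# Anything absent is denied; network location is never an input.
POLICY = {
    ("finance-analyst", "finance-db"),
    ("hr-manager", "hr-records"),
    ("build-agent", "artifact-store"),
}
# Constructed device inventory: device id -> passes posture checks?
DEVICES = {"laptop-017": True, "laptop-042": False, "ci-runner-3": True}

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    device: str
    segment: str    # microsegment that holds the requested resource
    source_ip: str  # recorded for audit only, never used to grant access

AUDIT_LOG = []  # in practice these records would be forwarded to a SIEM

def decide(req: Request) -> bool:
    """Deny by default. Allow only a known, compliant device whose role is
    explicitly permitted on the target segment. Every decision is logged."""
    if req.device not in DEVICES:
        allowed, reason = False, "unknown device"
    elif not DEVICES[req.device]:
        allowed, reason = False, "device not compliant"
    elif (req.role, req.segment) not in POLICY:
        allowed, reason = False, "no rule for role on segment"
    else:
        allowed, reason = True, "role permitted on segment"
    record = {**asdict(req), "allowed": allowed, "reason": reason}
    AUDIT_LOG.append(json.dumps(record))
    return allowed

if __name__ == "__main__":
    samples = [  # constructed requests
        Request("alice", "finance-analyst", "laptop-017", "finance-db", "10.0.0.5"),
        Request("alice", "finance-analyst", "laptop-017", "hr-records", "10.0.0.5"),
        Request("bob", "hr-manager", "laptop-042", "hr-records", "10.0.0.9"),
        Request("carol", "hr-manager", "phone-999", "hr-records", "203.0.113.7"),
    ]
    for r in samples:
        print(r.user, r.segment, decide(r))
    print(*AUDIT_LOG, sep="\n")
```

Note that an internal source address does nothing for the second request: the same user on the same compliant laptop is still denied outside the segment her role is mapped to, and the denial is logged alongside the grant.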