The 8 design principles of a zero trust network
Matthew Margetts of Smarter Technologies
The connected world is a changed world, and enterprises can no longer assume that they have full control over closed networks. Further accelerating the new normal is the COVID-19 pandemic, which shifted a large proportion of the workforce to remote working and forced businesses to increase their use of cloud platforms to support a variety of devices and networks. Unfortunately, criminals take advantage of this upheaval and attempt to increase network infiltrations for nefarious gains.
Matthew Margetts, Smarter Technologies Group director of sales and marketing, discusses the 8 design principles of a zero trust network.
Matthew says, ‘The truth is that legacy security solutions cannot support a zero trust network. In the legacy model, security measures are reliant on a closed perimetre security model that assumes that all users and applications are coming from the same network location and entry points. This approach is no longer sufficient, which is why zero trust security is becoming the preferred network security architecture.’
What is zero trust security?
Zero trust architecture is an approach to IT system design where inherent trust in the network is removed. The network is assumed to be hostile, and each request is verified based on an access policy. Regardless of the device, network and user activity, zero trust architecture is built on access management checks at every level.
The National Cyber Security Centre (NCSC) says, “In a zero trust architecture, inherent trust is removed from the network. Just because you’re connected to a network doesn’t mean you should be able to access everything on that network. This is commonly seen in breaches; an attacker gains a foothold in a network and is able to move laterally because everything on the network is trusted. In a zero trust architecture, the network is treated as hostile.”
The key concepts of zero trust
- The network is hostile and should be treated as compromised
- Inherent trust is removed from the network
- Every request to access data or a service should be authenticated and authorised against an access policy
- Gain confidence dynamically by continuously evaluating the trustworthiness of connections
The 8 design principles of a zero trust network
The National Cyber Security Centre has introduced eight zero trust architecture design principles that are paving the way for future networks for the government. These eight principles are intended to help the public sector and large organisations to implement a zero trust network architecture in an enterprise environment.
- Know your architecture, including users, devices, services and data
- Know your user, service and device identities
- Assess user behaviour, service and device health
- Use policies to authorise requests
- Authenticate and authorise everywhere
- Focus your monitoring on users, devices and services
- Don’t trust any network, including your own
- Choose services that have been designed for zero trust
Let’s take a closer look at the eight principles’ objectives
1. Know your architecture, including users, devices, services and data
To get the benefits from zero trust, you need to have a clear understanding about each component of your architecture so that you can identify:
- Where your key resources are
- The main risks to your architecture
- How to avoid integrating legacy services that do not support zero trust
2. Know your user, service and device identities
An identity can represent a:
- User (human)
- Service (Software Process)
- Device
Each identity should be uniquely identifiable in a zero trust architecture. This is the most important factor in deciding whether or not something or someone should be allowed access to data or services.
3. Assess your user behaviour, devices and services health
The most important indicators when looking to establish confidence in the security of your systems are:
- User behaviour
- Service health
- Device health
Zero trust policy engines need to be able to measure user behaviour, device health and service health.
4. Use policies to authorise requests
The power of a zero trust architecture lies in the defined access policies. Each request for services or data should be authorised against a specific security policy. These policies also help to facilitate safer sharing of data or services with partner organisations or guest users.
The key characteristics of a policy engine in a zero trust architecture:
- Uses multiple signals
- Provides a secure and flexible access control mechanism
- Adapts to the resources being requested
5. Authenticate & authorise everywhere
Any authentication and authorisation activities should consider multiple signals, such as:
- Device health
- Device location
- User identity
- Status to evaluate the risk associated with the request.
Because the network is assumed to be hostile, a zero trust architecture ensures that all connections that access your organisation’s data or services are authenticated and authorised.
6. Focus your monitoring on users, devices and services
In a zero trust architecture, monitoring should always link back to the policies you have set with regards to gaining assurance. A zero trust monitoring strategy focuses on individual users, user behaviour, devices and services to help organisations establish their health.
7. Don’t trust any network, including your own
In a zero trust architecture, traditional user protections such as phishing protection and malicious website filtering may be implemented differently and may require different solutions. A key principle of zero trust is to remove inherent trust from any network between a device and a service—including the local network. Any communication over a network to access data or services should use a secure transport protocol to ensure that the traffic is protected in transit and is less susceptible to threats.
8. Choose services designed for zero trust
Not all services support zero trust, which means that they may require additional resources to integrate zero trust architecture. This causes an increased support overhead, so it’s advisable to consider alternative services and products that have been designed with zero trust architecture in mind. Products with zero trust capabilities allow for easier integration and simpler interoperability.
Adopting zero trust principles in your organisations
If you are new to zero trust or if you’re unsure whether it is the right network architecture for your needs, it’s a good idea to engage with a digital transformation partner to help you design and review a zero trust architecture that meets your organisation’s specific requirements.
The author is Matthew Margetts, director of sales and marketing of Smarter Technologies Group.
Comment on this article below or via Twitter @IoTGN