Project Management - The Whys, Hows & What Nots
Geethanjali Kalibhat
Engineering Project ManagerWelcome to the Cybersecurity Era
Good day, wherever in the world you are. In these pandemic times, we are the cybersecurity warriors and the backbone of IT infrastructures at our various organizations. My name is Sophia, a cyber safety veteran with over 15 years of exposure, primarily in compliance and risk management. I am currently working as a security evangelist at Insta and am also a chief community builder of Women in Cyber and involved in many diverse initiatives.
In today's digital session, we are going to explore a ubiquitous term in cybersecurity that has seen a surge in usage during the pandemic, "Zero Trust". So what is Zero Trust? What is trust? We will explore these topics and more during our conversation and hopefully answer your queries and concerns surrounding these concepts.
Customer Challenges in Cybersecurity
The pandemic has resulted in a global increment in cyber attacks. During 2021 and 2022, there was a noteworthy rise in instances where Zero Trust was mentioned as a defense model to safeguard digital assets. Major challenges that we face today in IT infrastructure boil down to four salient points:
- Business continuity
- Security risks
- Performance
- User experience, alongside a lack of access visibility
Trust – Its Importance and Contribution
Trust, defined as having confidence, faith, or hope in someone or something, has become the big vulnerability in the realm of cybersecurity. Not only is trust a major vulnerability, but it is also an exploit technique. By achieving authentication on a network, one can exploit trust.
The Concept of Zero Trust
With the rapid rise in breaches, cybersecurity has now become a hot topic discussed everywhere from boardrooms to social platforms. The worry is no longer just about data loss or financial loss – the entire business is at stake. This leads us to Zero Trust - a name emerging from the chaos and uncertainty. But why Zero Trust, and why now?
As cloud technology and mobility evolved, the infrastructural landscape experienced a revolution. No longer were workers confined to LAN environments. Applications had spread to the cloud, and users accessed devices and applications from everywhere. This necessitated a shift from the trust-all model to trust-but-verify, bringing forth the principle of Zero Trust which insists on Trusting no one. As a result of this access model, an attack gets contained within a small boundary or perimeter due to the provision of least privileged access.
Core Principles of Zero Trust
Forester, Gartner, and Nest offer key frameworks on the Zero Trust extended ecosystem. They share three common core principles:
- Ensure all resources are accessed securely regardless of location
- Adopt a least privileged strategy and strictly enforce access control
- Inspect and log all traffic
Zero Trust functions as an integrated system using contextual information from identity, security, IT infrastructure, risk, and analytics tools to dynamically enforce consistent security policies across the enterprise.
Zero Trust Deployment Models
There are four primary Zero Trust deployment models:
- Resource based
- Enclave based
- Cloud rooted
- Micro-segmentation based
Zero Trust Use Cases
From securing remote access to managing multi-cloud and hybrid workloads, Zero Trust plays a vital role. Traditional VPNs, for example, are not equipped to manage the security and operational issues brought on by rapid deployment. The adoption of Zero Trust can help overcome these issues.
Benefits of Using a Zero Trust Model
Implementing a Zero Trust model has several advantages. It aids in protecting customer data, dramatically reduces the attack surface, provides an integrated security infrastructure, simplifies security, enhances the user experience and offers complete visibility into network traffic.
In conclusion, with the increase in remote workforces and the adoption of digital transformation processes, security has come to the forefront. Traditional solutions are often inadequate for tackling these security challenges. As such, Zero Trust solutions offer enhanced security levels without compromising the user experience, making them an invaluable asset in the modern, digitally interconnected world.
Video Transcription
Good morning, good afternoon. Um Good evening, wherever you are. Thank you for your presence. I hope uh you and your family are safe and healthy. We all should appreciate ourselves for being the cybersecurity warrior and the backbone of it, infrastructure at our organizations in the pandemic era.
So let me introduce myself. I'm Sophia presi with over 15 years of experience in cybersecurity, primarily in compliance and risk management. I'm also a chief community builder of Women in Cyber and also involved in several diverse initiatives like info girls, women in cybersecurity.
Currently, I am working as a security evangelist at Insta. Thank you woman in tech for this wonderful opportunity. So what we are going to cover today? What is zero trust? What is trust, zero, trust, history and evolution, deployment models use cases. So in the next 20 minutes, I'll be covering zero trust, architecture, deployment models and use cases. I hope the session will be helpful to all the listeners. So let us understand in today's session, all this in detail. So these are typical customer challenges. Zero trust has become the signature security technology since the pandemic and widespread across the globe and media we saw a large number of cyber attacks happening in 2021 and 2022. And recent breaches mentioned zero trust as a security model to safeguard digital assets. So what are the customer challenges? Now? Let us look at some of the typical customer challenges and understand how zero trust helps the challenges that we have in. Most of the it infrastructures are related to access management which can be put into four buckets, business continuity, security risks, performance, and user experience, lack of access visibility. So what is trust, trust is defined as to have confidence, faith or hope in someone or something?
Trust is a vulnerability. It is the only vulnerability that is an exploit technique at the same time to exploit trust. All you need to do is to get authenticated on the network. Now breaches in cyber security. I'm sure the entire boardroom resonates. This is a hot boardroom topic we see in every boardroom either starting or ending. The cyber security conversations are taking up prior. It was data loss, financial loss, but now the entire business is at stake. The CEO of an organization is the most important person responsible for this, wherein this has become a very important area to focus on. So let's understand what actually happened. How did we reach here? What were the market transitions that has led us to this to speak, that led us to this situation? What we are speaking today? Now, I'm going to take you through the journey of how legacy it world operated. Imagine everyone in your organization is accessing every asset of your organization, including the applications SSH RDP, etc on a single click from a user interface. Isn't that a wonderful thing? It security is becoming more complex and diversifying. Today earlier, we had the user devices, applications and servers within a closed network, limited to a particular building or a set of building as part of a land. At that time, there was no way an external user could get visibility.
What's happening into this network and the access management system as it is a completely closed network. So the closed network was protected in a similar fashion like how the castle and moat was protected in the olden ages, having a strong perimeter level protection and limiting all our activities within the perimeter. So why do zero trust and why now? But then with the evolution of cloud and mobility, a revolution began, what happened is that all these four elements, users, devices, applications, servers have spread out workers or the users were expected to access the applications remotely anywhere from any location. Whereas the servers and applications have spread out to multiple cloud environments and data set intervals. Now imagine for a second, if you're a cloud admin or a system administrator, then what is it for you? From a security monitoring perspective, typically you would be a 2 to 5 years experienced person professionally dealing with multiple dashboards or command lines to manage your public clouds, private data centers, hybrid situations as you'd be handling an island of technologies like SSH PC VPN, direct connect MP L and what not this, this is not really complex, isn't it now having multiple data centers and cloud environments and picture as well on external internal users accessing these applications from different devices has become a challenge.
And that is why I bring into the topic zero trust and why we need the zero trust infrastructure in place. The term zero trust means trust but verify. Previously there was LAN environments where we all trusted each other, right? But now with the applications moving to the cloud, the remote and mobile workers accessing the devices and applications from anywhere we are moving to the trust but verify model. So our situation is something like this where the zero trust says trust, no one so zero trust help us to contain the spread of an attack within a smaller boundary or perimeter as each user is given the least privileged access. And that's what zero talk talks about this mantra. Never trust users, never trust devices, never trust the network zero trust frameworks. There are key frameworks from Forester Gartner and Nest where the zero trust extended ecosystem by Forester the Gartner gata continuous visibility and access and N guidelines to zero trust architecture. The zero trusts code principles, the zeroth trusts code principles. There are three core principles that is accepted as being foundational and essential.
Let's see from a current industry perspective, the zero trust principles, those are ensure all resources are accessed securely regardless of the location, adopt a least privileged strategy and strictly enforce access control, inspect and log all traffic. Now summarizing the zero trust working definition.
A zero trust is an integrated system platform that uses contextual information from identity security and it infrastructure and risk and analytics tools to inform and enable the dynamic enforcement of security policies uniformly across the enterprise. The zero trust shifts security from an ineffective perimeter centric model to a resource and identity centric model. So as a result, organizations can continuously adapt access controls to a changing environment, obtaining improved security, reduced risk, simplified and resilient operations and increased business agility.
So there are 40 trust deployment models, resource based and cave based cloud rooted in micro segmentation deployment model. This is a resource based deployment model. So there is a typically a user agent deployed onto the subject system acting as the user agent, policy enforcement point.
Second, there is an in line p the gateway which is deployed on the resource or as a component directly front of a resource. This diagram introduces us a visual representation of the implicit or an indirectly trust zone which is an area behind a given pep within which all resources are trusted to the same degree. Next is the enclave based deployment model. In this case, the policy enforcement point is sitting in front of multiple resources term as a resource enclave, this collection of resources may be physically located together or logically related. So in this model, the implicit trust zone contains multiple network resources which are very likely communicating among themselves.
And that is it's critical that in this model, the resource en cliff must be running solely on a logical private network that's under the control of the enterprise. Next is the cloud rooted deployment model. In this model, the policy enforcement points that sit in front of the enterprise resource enclaves act similarly to the PPS in the model. So however, these PPS have one important difference. They don't serve as an ingress point into the enterprise network. Instead that function has been logically shifted to the PPS running in the vendors cloud and V orbit. Next is the micro segmentation deployment model. This model is actually a variant of the fast model. The resource based model with the important difference being that the resources are in fact also subjects this has significant implications on the policy model and the enforcement capabilities as well as on the resource discovery and visualization capabilities that commercial implementations typically provide.
This approach naturally has a small implicit zone typically scope to just the resource itself. So as a result, it can provide the fine grained control of resource access and can enforce bidirectional policies. Here comes the use case to secure remote access or VPN replacement modernization needs.
So in this case, there are traditional VPNS that can only establish a single secure network tunnel from the user's device to a VPN server which terminates the secure tunnel and permits network traffic to proceed into the private network area. VPN sustain as a perimeter based network model.
So requiring that any distributed resources be connected to the enterprise core network over a van. Alternatively, they there they will require users to manage manually switch VPN connections when they need to access resources in different locations. So these are often good reasons to adopt zero trust, for example, to overcome security or operational issues caused by a rapidly deployed VPN. The next use case, secure access to multi cloud and hybrid workloads. The next use case which I would like to discuss is that there are many key questions to it. How does your DeVos manage access across clouds or regions? Do you have visibility and audit trails or are we in cost straining your budget? So today we have an increasing number of engineering tasks and develops access to cloud infrastructure. So when the users have to access applications over multiple cloud and DC environments, it becomes a challenge. So zero trust can implement this model in a seamless fashion.
The next is benefits of using a zero trust model. So let us review the benefits protect customer data and dramatically reduce the attack surface. So zero trust security solutions, secure critical assets and infrastructure by employing a split plane architecture. So this means that the access control plane where trust is established and the data plane where actual data is transferred are separated. This helps in blocking network based action. Each of the planes is rendered invisible to external actors. Next is to provide an integrated security infrastructure.
So as has been one of the major problems while implementing a zero trust model is that a single point of trust for network connections is an uphill task to visualize and implement. So integrate identity management before granting access is a highly resource intensive service.
So providing individual applications ability to control their security posture is a stretch. So it is simply difficult to integrate access control, identity management session management as an integrated security architecture. So zero trust serves to not only integrate user aware applications and client aware devices but is instrumental in integrating other security controls as well. Next is the simplified security and an enhanced user experience. The use of convenient multi factor authentication based access and single sign on helps in delivering a secure and more enhanced user experience. So cloud based solutions additionally serve to enhance application performance for the users, allowing them to access only what they need to access and deliver a seamless user experience across different device types, locations and network conditions. The complete visibility into network traffic, a core principle and advantage of zero trust networks is 360 degree visibility and monitoring of all the network traffic for better identification of threat vectors. So by enabling continuous monitoring across the network, it becomes easier for system administrators to fulfill compliance requirements and frame customized access policies. So with an increase in remote workforce and an increased adoption of digital transformation processes, security becomes critical.
Traditional solutions are often found to be inadequate while dealing with security challenges associated with increase in employees working from home. So in this scenario, zero trust solutions are flexible and provides an enhanced level of security without compromising on the user experience.
So many enterprises have recognized the fallacies associated with traditional solutions and have chosen to shift to a more neo model of security and primarily zero trust solutions. Thank you. I hope the session was useful and helpful today. Thank you so much.