The What, Why and How of implementing a Zero Trust Security Model

Sophia Priyadarshini
Customer Success Growth Manager
Automatic Summary

A Deep Dive into Zero Trust: The Cybersecurity Staple in a Pandemic Era

Good day to you all, wherever you may be situated; your presence is highly appreciated. In today's digital landscape, we should all see ourselves as the cybersecurity warriors who form the backbone of IT infrastructure across our organizations.

About Me

Please allow me to introduce myself. I'm Sophia Presi, a seasoned cybersecurity veteran with over 15 years of immersive experience primarily in compliance and risk management. I have been enormously involved in a range of diverse initiatives such as 'Women in Cyber' and 'InfoSec Girls.' Currently, I'm lending my expertise as a security evangelist at Insta.

Today's Session

Today, I will be discussing the increasingly pertinent topic of 'Zero Trust'. We will touch upon its significant aspects such as its subtle nuances, historical evolution, and the corresponding deployment models and use cases. My hope is that this session will offer insightful knowledge and aid you in understanding these concepts further.

Customer Challenges & Zero Trust

Given the increase in high-profile cyber attacks in recent years, Zero Trust has steadily climbed to be a signature security technology utilized across the globe. Companies are relentlessly grappling with various challenges in their IT infrastructure, most of them related to access management, with the significant pain points falling into four main categories: business continuity, security risks, performance and user experience, and a lack of access visibility.

If trust is understood simply as having faith or confidence in someone or something, it follows that trust itself can be an exploit technique: once an attacker is authenticated on the network, that trust works in their favour. Hence cybersecurity, and the trust it rests on, has become a burning boardroom issue under the CEO's eye, given that the whole business is at stake.

How Did We Get Here?

The legacy IT world was a closed network: users, devices, applications, and servers all sat inside one perimeter, and an outsider had little or no visibility into it. However, the fast-paced, interconnected world we live in today has diversified IT security tremendously, thus rendering traditional perimeter-based methods inadequate.

Why Zero Trust?

With the advent of cloud and mobility, the four key elements (users, devices, applications, and servers) have spread out. Workers are now expected to access applications from various locations, while the applications and servers span different cloud environments and data centers. Thus, to rein in this current state of business operations, we strongly need the 'Trust but Verify' approach brought in by the Zero Trust model.

The core principles of Zero Trust revolve around the simple mantra: 'Never trust users, never trust devices, never trust the network.' Several established frameworks are available to put it into perspective, such as those from Forrester, Gartner, and NIST.

Deployment Models

To achieve a functioning Zero Trust model, we have four noteworthy deployment models:

  • Resource-Based Deployment Model
  • Enclave-Based Deployment Model
  • Cloud-Routed Deployment Model
  • Micro-Segmentation Deployment Model

Each one provides unique benefits depending on the business needs and IT infrastructure in question.
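As an added illustration (not part of the talk or its summary), the following Python sketch shows the per-request decision that all four deployment models above share: a policy enforcement point (an agent on the user's device or a gateway in front of a resource) consults a policy decision function that applies the three core principles, access secured regardless of location, least privilege with strict access control, and logging of every request. Resource names, roles, device attributes and the sample requests are constructed, and the policy table layout is an assumption for illustration rather than any product's format. The micro-segmentation case is included by letting a workload appear as a subject with its own policy entry.

```python
"""Zero Trust policy enforcement point (PEP) with a simple policy decision function.

Added example, not from the talk. Resource names, roles, device attributes,
policy entries and sample requests are constructed for illustration.
"""
import datetime
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class Subject:
    identity: str          # authenticated principal: a user or a workload
    roles: frozenset       # roles asserted by the identity provider
    mfa: bool              # MFA completed for this session
    session_age_s: int     # seconds since authentication


@dataclass(frozen=True)
class Device:
    device_id: str
    managed: bool          # enrolled in device management
    disk_encrypted: bool
    os_patched: bool


@dataclass(frozen=True)
class Request:
    subject: Subject
    device: Optional[Device]   # None for workload-to-workload calls
    resource: str
    action: str
    src_network: str           # "corp", "internet", "cloud-a", ... (never a reason to allow)


# Constructed policy: (resource, action) -> required roles and required context.
# Deny by default: any (resource, action) pair not listed here is refused.
POLICY = {
    ("hr-db", "read"):  {"roles": {"hr"}, "mfa": True, "managed_device": True, "max_session_s": 3600},
    ("hr-db", "write"): {"roles": {"hr-admin"}, "mfa": True, "managed_device": True, "max_session_s": 900},
    ("wiki", "read"):   {"roles": {"employee", "hr", "hr-admin"}, "mfa": False, "managed_device": False, "max_session_s": 28800},
    # micro-segmentation: the resource "orders-db" only accepts the orders-api workload as a subject
    ("orders-db", "read"): {"roles": {"svc:orders-api"}, "mfa": False, "managed_device": False, "max_session_s": 300},
}


@dataclass
class Decision:
    allow: bool
    reasons: list = field(default_factory=list)


AUDIT_LOG: list = []   # every decision, allow or deny, lands here ("inspect and log all traffic")


def decide(req: Request) -> Decision:
    """Evaluate one request against identity, session and device posture. Network location is ignored."""
    d = Decision(allow=False)
    rule = POLICY.get((req.resource, req.action))
    if rule is None:
        d.reasons.append("no policy for resource/action (default deny)")
        return d
    if not (rule["roles"] & req.subject.roles):
        d.reasons.append("subject lacks required role")
    if rule["mfa"] and not req.subject.mfa:
        d.reasons.append("MFA required")
    if req.subject.session_age_s > rule["max_session_s"]:
        d.reasons.append("session too old; re-authenticate")
    if rule["managed_device"]:
        dev = req.device
        if dev is None or not (dev.managed and dev.disk_encrypted and dev.os_patched):
            d.reasons.append("device posture insufficient")
    d.allow = not d.reasons
    if d.allow:
        d.reasons.append("all checks passed")
    return d


def enforce(req: Request) -> bool:
    """PEP: obtain the decision, record it, and report whether the request may be forwarded."""
    d = decide(req)
    AUDIT_LOG.append({
        "ts": datetime.datetime.now(datetime.timezone.utc).isoformat(),
        "subject": req.subject.identity,
        "device": req.device.device_id if req.device else "-",
        "src_network": req.src_network,
        "resource": req.resource,
        "action": req.action,
        "decision": "ALLOW" if d.allow else "DENY",
        "reasons": d.reasons,
    })
    return d.allow


# Constructed sample subjects and devices
ALICE = Subject("alice@example.com", frozenset({"employee", "hr"}), mfa=True, session_age_s=600)
BOB = Subject("bob@example.com", frozenset({"employee"}), mfa=True, session_age_s=120)
ORDERS_API = Subject("svc:orders-api", frozenset({"svc:orders-api"}), mfa=False, session_age_s=60)
MANAGED = Device("laptop-0042", managed=True, disk_encrypted=True, os_patched=True)
BYOD = Device("phone-0007", managed=False, disk_encrypted=True, os_patched=False)


def demo() -> dict:
    """Run the sample requests; the returned dict maps a label to the allow/deny outcome."""
    return {
        "alice_hr_read_corp_managed": enforce(Request(ALICE, MANAGED, "hr-db", "read", "corp")),
        "alice_hr_read_internet_managed": enforce(Request(ALICE, MANAGED, "hr-db", "read", "internet")),
        "alice_hr_read_corp_byod": enforce(Request(ALICE, BYOD, "hr-db", "read", "corp")),
        "bob_hr_read_corp_managed": enforce(Request(BOB, MANAGED, "hr-db", "read", "corp")),
        "bob_wiki_read_byod": enforce(Request(BOB, BYOD, "wiki", "read", "internet")),
        "orders_api_reads_orders_db": enforce(Request(ORDERS_API, None, "orders-db", "read", "cloud-a")),
        "orders_api_reads_hr_db": enforce(Request(ORDERS_API, None, "hr-db", "read", "cloud-a")),
    }


if __name__ == "__main__":
    for label, allowed in demo().items():
        print(f"{label:34} {'ALLOW' if allowed else 'DENY'}")
    for entry in AUDIT_LOG:
        print(entry)
```

Two points are worth noticing when reading the decisions: the same managed laptop is allowed from the corporate network and from the internet, because location buys nothing, and the same user is denied from an unmanaged phone, because device posture is part of the decision. The denied requests are logged with the same detail as the allowed ones, which is what makes the audit trail useful for detection.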

Use Cases: Benefits of Using a Zero Trust Model

The Zero Trust model is particularly useful in several use cases such as secure remote access, VPN replacement, and secure access to multi-cloud and hybrid workloads.

Adopting a Zero Trust approach has several significant benefits:

  • Protecting customer data & dramatically reducing the attack surface
  • Providing an integrated security infrastructure
  • Simplifying security and enhancing user experience
  • Providing complete visibility into network traffic

In the current era, characterized by increased remote work and digital transformation, effective security solutions become critical. Traditional methods often fall short in addressing the security challenges that come with the increase in remote work. Foreseeing the gaps in these methods, many enterprises have opted to navigate towards the Zero Trust model.

Thank you for joining me on this deep dive into Zero Trust. I hope it has been instructive and helpful. Please feel free to share, comment and ask any questions. Stay safe, and be a cybersecurity warrior!


Video Transcription

Good morning, good afternoon, good evening, wherever you are. Thank you for your presence. I hope you and your family are safe and healthy. We all should appreciate ourselves for being the cybersecurity warriors and the backbone of IT infrastructure at our organizations in the pandemic era.

So let me introduce myself. I'm Sophia Presi, with over 15 years of experience in cybersecurity, primarily in compliance and risk management. I'm also a chief community builder of Women in Cyber and also involved in several diverse initiatives like InfoSec Girls and Women in Cybersecurity.

Currently, I am working as a security evangelist at Insta. Thank you, Women in Tech, for this wonderful opportunity. So what are we going to cover today? What is zero trust? What is trust? Zero trust history and evolution, deployment models, use cases. So in the next 20 minutes, I'll be covering zero trust architecture, deployment models and use cases. I hope the session will be helpful to all the listeners. So let us understand all this in detail in today's session.

So these are typical customer challenges. Zero trust has become the signature security technology since the pandemic, widespread across the globe, and in the media we saw a large number of cyber attacks happening in 2021 and 2022. Recent breaches mentioned zero trust as a security model to safeguard digital assets. So what are the customer challenges? Now let us look at some of the typical customer challenges and understand how zero trust helps. The challenges that we have in most of the IT infrastructures are related to access management, which can be put into four buckets: business continuity, security risks, performance and user experience, and lack of access visibility.

So what is trust? Trust is defined as to have confidence, faith or hope in someone or something.

Trust is a vulnerability. It is the only vulnerability that is an exploit technique at the same time. To exploit trust, all you need to do is to get authenticated on the network. Now, breaches in cybersecurity: I'm sure the entire boardroom resonates. This is a hot boardroom topic; in every boardroom, either starting or ending, the cybersecurity conversations are taking priority. Earlier it was data loss, financial loss, but now the entire business is at stake. The CEO of an organization is the most important person responsible for this, wherein this has become a very important area to focus on.

So let's understand what actually happened. How did we reach here? What were the market transitions that led us to this situation that we are speaking about today? Now I'm going to take you through the journey of how the legacy IT world operated. Imagine everyone in your organization is accessing every asset of your organization, including the applications, SSH, RDP, etc., on a single click from a user interface. Isn't that a wonderful thing? IT security is becoming more complex and diversifying today. Earlier, we had the users, devices, applications and servers within a closed network, limited to a particular building or a set of buildings as part of a LAN. At that time, there was no way an external user could get visibility

into what's happening in this network and the access management system, as it is a completely closed network. So the closed network was protected in a similar fashion to how the castle and moat was protected in the olden ages, having strong perimeter-level protection and limiting all our activities within the perimeter.

So why zero trust, and why now? But then, with the evolution of cloud and mobility, a revolution began. What happened is that all these four elements, users, devices, applications, servers, have spread out. Workers, or the users, were expected to access the applications remotely, anywhere, from any location, whereas the servers and applications have spread out to multiple cloud environments and data centers. Now imagine for a second, if you're a cloud admin or a system administrator, what is it for you? From a security monitoring perspective, typically you would be a 2 to 5 years experienced person, professionally dealing with multiple dashboards or command lines to manage your public clouds, private data centers, hybrid situations, as you'd be handling an island of technologies like SSH, PC VPN, Direct Connect, MPLS and what not. This is not really complex, isn't it? Now, having multiple data centers and cloud environments, and picture as well external and internal users accessing these applications from different devices, has become a challenge.

And that is why I bring in the topic of zero trust and why we need the zero trust infrastructure in place. The term zero trust means trust but verify. Previously there were LAN environments where we all trusted each other, right? But now, with the applications moving to the cloud and the remote and mobile workers accessing the devices and applications from anywhere, we are moving to the trust-but-verify model. So our situation is something like this, where zero trust says trust no one. So zero trust helps us to contain the spread of an attack within a smaller boundary or perimeter, as each user is given the least privileged access. And that's what zero trust talks about, this mantra: never trust users, never trust devices, never trust the network.

Zero trust frameworks. There are key frameworks from Forrester, Gartner and NIST: the zero trust extended ecosystem by Forrester, the Gartner CARTA continuous visibility and access, and NIST guidelines to zero trust architecture. The zero trust core principles. There are three core principles that are accepted as being foundational and essential.

Let's see, from a current industry perspective, the zero trust principles. Those are: ensure all resources are accessed securely regardless of the location; adopt a least privilege strategy and strictly enforce access control; inspect and log all traffic. Now, summarizing the zero trust working definition.

Zero trust is an integrated system platform that uses contextual information from identity, security and IT infrastructure, and risk and analytics tools to inform and enable the dynamic enforcement of security policies uniformly across the enterprise. Zero trust shifts security from an ineffective perimeter-centric model to a resource- and identity-centric model. So as a result, organizations can continuously adapt access controls to a changing environment, obtaining improved security, reduced risk, simplified and resilient operations and increased business agility.

So there are four zero trust deployment models: resource-based, enclave-based, cloud-routed and micro-segmentation deployment models. This is a resource-based deployment model. So there is typically a user agent deployed onto the subject system, acting as the user agent policy enforcement point.

Second, there is an in-line PEP, the gateway, which is deployed on the resource or as a component directly in front of a resource. This diagram introduces us to a visual representation of the implicit, or indirect, trust zone, which is an area behind a given PEP within which all resources are trusted to the same degree.

Next is the enclave-based deployment model. In this case, the policy enforcement point is sitting in front of multiple resources, termed a resource enclave. This collection of resources may be physically located together or logically related. So in this model, the implicit trust zone contains multiple network resources which are very likely communicating among themselves.

And that is, it's critical that in this model, the resource enclave must be running solely on a logical private network that's under the control of the enterprise.

Next is the cloud-routed deployment model. In this model, the policy enforcement points that sit in front of the enterprise resource enclaves act similarly to the PEPs in the model. However, these PEPs have one important difference: they don't serve as an ingress point into the enterprise network. Instead, that function has been logically shifted to the PEPs running in the vendor's cloud environment.

Next is the micro-segmentation deployment model. This model is actually a variant of the first model, the resource-based model, with the important difference being that the resources are in fact also subjects. This has significant implications on the policy model and the enforcement capabilities, as well as on the resource discovery and visualization capabilities that commercial implementations typically provide.

This approach naturally has a small implicit trust zone, typically scoped to just the resource itself. So as a result, it can provide fine-grained control of resource access and can enforce bidirectional policies.

Here comes the use case: secure remote access, or VPN replacement and modernization needs.

So in this case, there are traditional VPNs that can only establish a single secure network tunnel from the user's device to a VPN server, which terminates the secure tunnel and permits network traffic to proceed into the private network area. VPNs sustain a perimeter-based network model,

requiring that any distributed resources be connected to the enterprise core network over a WAN. Alternatively, they will require users to manually switch VPN connections when they need to access resources in different locations. So these are often good reasons to adopt zero trust, for example, to overcome security or operational issues caused by a rapidly deployed VPN.

The next use case: secure access to multi-cloud and hybrid workloads. The next use case which I would like to discuss is that there are many key questions to it. How does your DevOps manage access across clouds or regions? Do you have visibility and audit trails, or are costs straining your budget? So today we have an increasing number of engineering tasks and DevOps access to cloud infrastructure. So when the users have to access applications over multiple cloud and DC environments, it becomes a challenge. So zero trust can implement this model in a seamless fashion.

The next is benefits of using a zero trust model. So let us review the benefits. Protect customer data and dramatically reduce the attack surface. So zero trust security solutions secure critical assets and infrastructure by employing a split-plane architecture. So this means that the access control plane, where trust is established, and the data plane, where actual data is transferred, are separated. This helps in blocking network-based attacks. Each of the planes is rendered invisible to external actors. Next is to provide an integrated security infrastructure.

So, as has been, one of the major problems while implementing a zero trust model is that a single point of trust for network connections is an uphill task to visualize and implement. So integrating identity management before granting access is a highly resource-intensive service.

So providing individual applications the ability to control their security posture is a stretch. So it is simply difficult to integrate access control, identity management and session management as an integrated security architecture. So zero trust serves not only to integrate user-aware applications and client-aware devices, but is instrumental in integrating other security controls as well.

Next is simplified security and an enhanced user experience. The use of convenient multi-factor authentication based access and single sign-on helps in delivering a secure and more enhanced user experience. So cloud-based solutions additionally serve to enhance application performance for the users, allowing them to access only what they need to access, and deliver a seamless user experience across different device types, locations and network conditions.

Complete visibility into network traffic. A core principle and advantage of zero trust networks is 360-degree visibility and monitoring of all the network traffic for better identification of threat vectors. So by enabling continuous monitoring across the network, it becomes easier for system administrators to fulfill compliance requirements and frame customized access policies. So with an increase in the remote workforce and an increased adoption of digital transformation processes, security becomes critical.

Traditional solutions are often found to be inadequate while dealing with security challenges associated with the increase in employees working from home. So in this scenario, zero trust solutions are flexible and provide an enhanced level of security without compromising on the user experience.

So many enterprises have recognized the fallacies associated with traditional solutions and have chosen to shift to a more neoteric model of security, primarily zero trust solutions. Thank you. I hope the session was useful and helpful today. Thank you so much.