In 2021 there were 1,862 data breaches, according to the Identity Theft Resource Center’s 2021 Data Breach Report, and the number of cyberattacks continues to grow. The average cost of a data breach for organizations is $4.24 million, and the detection time for a breach averages 287 days, a significant risk that organizations need to mitigate.
With businesses continuing to shift to remote work environments and the risk of cyberattacks increasing, organizations are being forced to closely assess their data and network security. Alongside this is the larger shift to a zero trust (ZT) security model.
The growing cyber threat has prompted a response from the U.S. federal government, first with the White House’s Executive Order 14028 in May 2021, and more recently with a memo from the Office of Management and Budget (OMB) announcing a federal ZT strategy that federal agencies will be required to adopt by 2024.
Let’s talk about the importance of a ZT security model and how it can be implemented in your organization.
More than just a new buzzword or a grouping of security tools, ZT is a mindset that encompasses the concept of “trust no one, verify everyone”. The infrastructure of a ZT security model takes this mindset and puts it into practice, always verifying identity and assuming that the system is at risk of being breached.
ZT, both in mindset and in practice, starts with data: understanding where it lives and who has access to it. As part of the implementation process, an organization’s infrastructure must be examined to ensure devices are properly segmented and authenticated before they are allowed access to company resources and networks.
Building a successful zero trust architecture (ZTA) revolves around four core areas: data, infrastructure, process, and people.
What is a ZT security model?
ZT is a security model that implements the concept of trusting no one operating in the network. In this model, even authorized users and credentials are continually authenticated and double-checked. Several technical components come into play to facilitate this ongoing identity confirmation.
Implementing ZT in your organization
Let’s use Palo Alto Networks’ five-step methodology to effectively implement ZT in your organization, though there are many different methodologies for ZT to consider.
1. Define the protect surface, which includes your most valuable data, applications, assets, and services (DAAS).
2. Map the flow of traffic across the network, as this will determine how it can be protected. Gaining insight into how your DAAS elements interact with each other allows for enforcement of effective controls.
3. Architect a ZT network constructed around the protect surface. Then map out a ZT architecture starting with a next-generation firewall, which acts as a segmentation gateway around the protect surface. This will enable the enforcement of additional layers of controls all the way to Layer 7. As an innovator partner, Aurora can offer professional services around Palo Alto Networks, including the next-generation firewall.
4. Create the ZT policy around the network architecture by determining which resources should have access to others. The methodology further defines this through the questions of who, what, when, where, why, and how:
Who should be accessing a resource?
What application is being used to access a resource inside the protect surface?
When is the resource being accessed?
Where is the packet destination?
Why is this packet trying to access this resource within the protect surface?
How is the packet accessing the protect surface via a specific application?
This will ensure that only known, allowed traffic or legitimate application access is authorized.
5. Monitor and maintain the network by reviewing all internal and external logs. This will offer useful insights that will help improve ZT implementation over time.
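As an added example (not from the original article or from Palo Alto Networks), here is how steps 4 and 5 fit together: a default-deny check allows a flow only when a rule answers all six questions, and the denied flows are then counted for log review. The field meanings, the rule, and the flow records are constructed assumptions.

```python
from collections import Counter
from dataclasses import dataclass
from datetime import time

@dataclass(frozen=True)
class Flow:                 # one observed access attempt
    who: str                # authenticated identity or group
    what: str               # application identified at Layer 7
    when: time              # time of the access
    where: str              # destination resource in the protect surface
    why: str                # classification of the data being reached
    how: str                # access method seen for the application

@dataclass(frozen=True)
class Rule:                 # an allow rule must answer all six questions
    name: str
    who: frozenset
    what: frozenset
    hours: tuple            # (start, end), inclusive, same day
    where: str
    why: frozenset
    how: frozenset

    def matches(self, f: Flow) -> bool:
        return (f.who in self.who and f.what in self.what and f.where == self.where
                and self.hours[0] <= f.when <= self.hours[1]
                and f.why in self.why and f.how in self.how)

def evaluate(flow: Flow, rules: list) -> tuple:
    """Return ("allow", rule name) on the first match, otherwise default deny."""
    hit = next((r.name for r in rules if r.matches(flow)), None)
    return ("allow", hit) if hit else ("deny", "default-deny")

def denied_summary(flows: list, rules: list) -> Counter:
    """Step 5: count denied (who, what, where) combinations for log review."""
    return Counter((f.who, f.what, f.where) for f in flows
                   if evaluate(f, rules)[0] == "deny")

# Constructed policy and flow log, for illustration only.
RULES = [Rule("hr-payroll", frozenset({"hr-staff"}), frozenset({"payroll-web"}),
              (time(7, 0), time(19, 0)), "payroll-db",
              frozenset({"pii"}), frozenset({"tls"}))]
FLOWS = [
    Flow("hr-staff", "payroll-web", time(9, 30), "payroll-db", "pii", "tls"),
    Flow("hr-staff", "payroll-web", time(2, 15), "payroll-db", "pii", "tls"),
    Flow("contractor", "ssh", time(10, 0), "payroll-db", "pii", "tls"),
    Flow("hr-staff", "payroll-web", time(2, 40), "payroll-db", "pii", "tls"),
]
print(denied_summary(FLOWS, RULES))
```

The two off-hours denials for the same identity are the kind of repeated pattern the log review in step 5 should surface, either as a policy gap to close or as activity to investigate.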
Employee empowerment during a ZT transition
Aside from the technical implementation, a key to a successful transition to ZT is buy-in from employees, encouraging them to embody the ZT mindset. The employee side of a successful ZT deployment is to create an environment that is secure for the organization without adding unnecessary friction that prevents employees from doing their jobs.
Clear communication between the technical team and employees about the security risks the organization is facing, what ZT is, how the ZT security model will be implemented, and how it will impact their workday is a critical part of the implementation process.
Ready to make the transition to ZT?
CASB and DLP are excellent strategies for data protection in a ZT environment. If your organization has sensitive data stored in AWS workspaces and S3 buckets, Aurora’s experts can utilize Symantec DLP to better protect that data.
For more information on Symantec DLP, download our whitepaper AWS DLP.
For more information on zero trust, download Plurilock’s whitepaper Catching Up to the New Normal with Zero Trust.
Contact us to learn more about improving your cybersecurity posture by implementing a ZT architecture.