What is zero trust security?

Sophos ZTNA ZTNA online demo

Zero trust security solutions require end-users to be continuously authenticated, authorized, and validated. As such, they enable your business to secure access to its applications and data 24/7/365.

About Zero Trust Security

Forrester Research coined the term "zero trust" in 2010. At the time, Forrester senior analyst John Kindervag pointed out that "security is broken, and no network can be trusted. To fix the problem, Kindervag proposed using security solutions that would inspect network traffic. This would allow businesses to analyze internal and external network traffic sources and find cyber threats hidden within them. From here, companies could ensure that only trusted end-users would be able to access their network applications and data.  

One year later, Google launched its BeyondCorp initiative, which promoted network perimeter security with user- and device-based authentication. BeyondCorp enabled Google employees to access the company's networks without a virtual private network (VPN). It also gave Google employees the ability to securely work from any location, at any time.

In 2018, Forrester analyst Chase Cunningham launched the Zero Trust eXtended (ZTX) Ecosystem, which established seven categories that businesses could prioritize to upgrade their security:

  • Workforce security
  • Device security
  • Workload security
  • Network security
  • Data security
  • Visibility and analytics
  • Automation and orchestration

In 2020, the National Institute of Standards and Technology (NIST) published "NIST SP 800-207 Zero Trust Architecture," which included seven tenets of zero trust:

  • Treating data and computing services as "resources"
  • Securing all communications
  • Granting access to resources on a per-session basis
  • Determining access to resources based on policies that include behavioral and environmental attributes
  • Monitoring and measuring resource integrity and security
  • Authenticating and authorizing users and devices before they can access resources
  • Collecting information about resources, network infrastructure, and communications and using it to find ways to improve an organization's security posture

In May 2021, the White House issued an executive order that requires U.S. federal agencies to comply with NIST 800-207. Since that time, many global organizations have treated NIST 800-207 as the de facto standard for zero trust.

What Is Zero Trust Security?

Zero trust refers to a security framework based on the principle of "trust nothing, verify everything."

The framework emphasizes only trusting end-users that confirm that they are authorized to access applications and data.

How Zero Trust Security Works

Companies use zero trust protection solutions to block unauthorized access to apps and data and lateral movement across their IT environments. They also establish zero trust architecture that allows them to enforce context-based access control policies.

For example, your business can set up zero trust security policies that define end-users based on their role, the devices they use, and other criteria. To access your company's applications and data, an authorized user must validate their identity. If an unauthorized user tries to access your apps and data, your zero trust access policies will make sure that this individual is unable to do so.

To create a zero trust architecture, you must monitor and control your IT environment's users and traffic. You can also use zero trust solutions to encrypt, monitor, and validate traffic across this environment. There are biometrics and other multi-factor authentication (MFA) methods you can utilize to restrict access to your apps and data as well.

Benefits of Zero Trust Cyber Protection Solutions

  1. Increased Visibility into Resources Across Your IT Environment: Provide a picture of all of your resources and the end-users and devices that utilize them and notifies you about any suspicious user and device activities.
  2. Improved IT Management: Automate access requests and authorize user and device access to your apps and data only if certain conditions are met.
  3. Enhanced Security: Control how and when users and devices access your apps and data.
  4. Secure User Experience: Give authorized users seamless access to apps and devices, without compromising security.
  5. Compliance: Secure apps and data in accordance with requirements for financial services, healthcare, and other highly regulated industries.

Why Zero Trust Protection Is Important

Zero trust cyber protection solutions reduce your attack surface. They require you to consider your applications and data and how to monitor, manage, and secure them. In doing so, you can establish zero trust protection policies to make sure that only authorized users can access your apps and data.

Types of Zero Trust Security Solutions

1. Network Access

Zero trust network access (ZTNA) solutions connect your resources to your end-users and devices. They also allow you to microsegment your networks.

2. Endpoint

Zero trust endpoint solutions validate your user devices by requesting access to applications or data. They confirm that these devices have not been hacked and are free of viruses and other malicious software. In addition, they verify that your devices are being used in compliance with HIPAA, PCI DSS, GDPR, and other data security requirements.

3. Applications and Data

Some zero trust solutions let you define the level of access to your applications and data. These solutions allow you to set the level of access for resources across your IT environments. For example, you may have a shared server that contains a wide range of data. You can use a zero trust protection solution to separate your data into different categories. You can then manage user and device access based on the data categories you choose.

4. Automation and Visibility

Zero trust security solutions can automatically record your user and device activities. They provide you with dashboards and reports that show who is accessing your apps and data, when they are doing so, and other relevant access control information.

5. All-in-One

All-in-one security solutions combine multiple zero trust capabilities. They offer a broad level of protection and tend to require several licenses.

How to Get Started with Zero Trust Protection

1. Make a Plan

Figure out what applications and data you need to protect. As you do, you'll need to address these cybersecurity challenges:

  • Lack of In-House Cybersecurity Expertise: Your zero trust protection strategy should help you get the best results out of your cybersecurity investments and in-house cybersecurity team.
  • Poor User Experience: Your end-users deserve a zero trust solution that's easy to use, won't slow them down, and offers the best cyber protection.
  • Out of Compliance: You need to comply with your industry's data security compliance requirements — or risk compliance penalties.
  • High Cyber Insurance Costs: A zero trust security solution can supplement your cyber insurance cover and help you lower your cyber insurance premiums.

2. Address Relevant Use Cases

Select zero trust security solutions that protect your business against:

  • Ransomware: Automatically notifies you about and remediates ransomware attacks.
  • Supply Chain Attacks: Shows you what users and devices can access your supply chain applications and data before a supply chain attack can disrupt your operations.
  • Insider Threats: Validates user identities before you grant access to your apps and data so you can protect against insider threats.

In addition, choose zero trust protection solutions that include behavioral analytics capabilities so you can track user and device activities.

3. Optimize Your Zero Trust Protection

Monitor and evaluate your security posture and update your zero trust protection strategy and solutions as needed. When you do, follow these zero trust principles:

  • Always Identify: Utilize single sign-on (SSO) and MFA and require users to validate their credentials with biometrics, email, SMS, and other forms of passwordless authentication.
  • Always Control: Apply appropriate access controls across your applications and data and confirm that users have access to only those that they need to perform their jobs.  
  • Always Analyze: Record and review network and system activity so you can generate security insights and use them to improve your security posture.
  • Always Secure: Identify the applications and data you need to protect and explore ways to secure them from the inside out.

Get your employees up to speed on zero trust security, too. With proper training, your employees can do their part to secure your applications and data.

What to Look for in a Zero Trust Protection Solution

The best zero trust security solution complements the platforms that you're already using for your clients and gateways and offers the following capabilities:

  • Cloud Managed: Does not require any management servers or infrastructure and provide secure access from any device, from any location, and at any time.  
  • Integration with Other Cybersecurity Solutions: Works with your existing security products and allows you to use one console to manage all aspects of your cybersecurity.  
  • User and Management Experience: Provides a frictionless experience and makes it simple to access information about application issues and other security problems.

About Sophos ZTNA

Sophos ZTNA is a zero trust network access solution that lets you securely connect anyone, anywhere, to your business applications and data.

With Sophos ZTNA, you can:

  • Provide end-users with secure access to the applications and data they need
  • Micro-segment applications to guard against lateral movement
  • Lock down and protect RDP access using passwordless options that utilize Windows Hello for Business.
  • Eliminate cyberattack vectors before cybercriminals can use them to get a foothold on your network
  • Securely stand up new applications and enroll and decommission users and devices
  • Get insights into application status and usage

Sophos ZTNA is available as a standalone product and as a fully integrated Synchronized Security solution with Sophos Firewall and Intercept X. To learn more, contact us today.

Get in touch with us today

Watch: Remote Access VPN vs Zero Trust Network Access (ZTNA)

remote-access

 


Related security topic: What is threat hunting?

 

Plus d’actualités sur la cybersécurité