March 22, 2021
5 Important Deployment Models for Zero-Trust Architecture
Guidance from NIST can help organizations better implement this bedrock approach to security.
Cybersecurity philosophies have changed significantly over time to adapt to the changing needs of the organizations they serve. In the early days of cybersecurity, we focused on building boundaries between the “inside” and the “outside.” Users and devices that we trusted were placed inside network perimeters and granted largely unfettered access to systems and data within that environment. Those on the outside were untrusted and blocked from accessing sensitive resources. While that approach served us well for decades, it fails to meet the needs of increasingly mobile and cloud-focused organizations as well as increasingly sophisticated and covert threats and malware. The evolution of the perimeter of the network has made it difficult to draw lines between “inside” and “outside” effectively.
Zero-trust architecture (ZTA) represents a philosophical shift in cybersecurity planning that seeks to address this limitation by making trust decisions based on the identity of a user or device rather than on its location. After authenticating a user’s claim of identity, the security architecture grants an appropriate level of access to systems and data based on the organization’s security policy. The overarching principle behind ZTA is that security decisions should always be made explicitly, as opposed to the implicit access granted by legacy inside/outside architectures, and any access that is not explicitly permitted should be limited or denied.
When I work with CDW clients, I find that they nod their heads in agreement with this philosophy. After all, it reflects the least-privilege principle that is a bedrock of cybersecurity. The difficulty, however, comes when they try to figure out how to implement this principle in their organizations. The National Institute of Standards and Technology publishes a Zero Trust Architecture guide that offers some deployment models as use cases.
Enterprise with Satellite Facilities
The modern organization must support remote devices, including those used by individual users and by satellite facilities. Secure access service edge (SASE) approaches shift traditional perimeter security functions to a decentralized model, allowing direct internet access from a variety of locations. Communications are protected through virtual private networks, used in conjunction with “as a service” versions of solutions such as next-generation firewalls, identity and access management, and cloud access security brokers, to deploy consistent security policies that apply to users and devices regardless of their location.
Cloud-to-Cloud and Multicloud Environments
Organizations often operate in a world composed of many different cloud services, and each has its own native security capabilities. Unfortunately, these capabilities don’t necessarily align neatly with traditional on-premises controls. Cybersecurity professionals operating in multicloud environments need to consider the pros and cons of native versus traditional solutions for security and carefully plan how to align these controls in a coherent manner, including defining and understanding the operational model and entities responsible.
Enterprise with Contractor and Nonemployee Access
Employees, contractors and visitors have connectivity needs within enterprise environments, often with devices that aren’t managed by enterprise security controls. Network access control technologies allow organizations to control access based on identity, as well as contextual information, and limit access appropriately based on the situation. When necessary, devices will be given limited access or quarantined on special-purpose networks, providing the connectivity needed while mitigating the risk to the rest of the organization.
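The explicit, deny-by-default decision described in the ZTA principle above, and the identity-plus-context network access control decision in this section, can be sketched as a small policy decision point. This is an added illustration, not code from NIST or CDW; the resources, roles and the quarantine VLAN name are constructed for the example, and note that the device's network location is recorded but deliberately never used to grant access.

```python
from dataclasses import dataclass

# Constructed example: a minimal zero-trust policy decision point.
# Every "allow" must come from an explicit rule; anything else is denied.

@dataclass
class Subject:
    user: str
    authenticated: bool   # identity claim verified
    mfa: bool             # verified with a second factor
    role: str

@dataclass
class Device:
    managed: bool          # enrolled in enterprise device management
    compliant: bool        # passes posture checks (patched, EDR running)
    on_corporate_lan: bool # location: recorded, but NOT a basis for trust

# Hypothetical resource policy: permitted roles and device requirements.
POLICY = {
    "hr-database": {"roles": {"hr"}, "managed_device": True},
    "wiki": {"roles": {"hr", "engineer", "contractor"}, "managed_device": False},
}

QUARANTINE_NETWORK = "quarantine-vlan"  # constructed name

def decide(subject: Subject, device: Device, resource: str) -> tuple[bool, str]:
    """Return (allowed, reason). Location is never consulted; identity and
    device context are, and an unknown resource falls through to deny."""
    rule = POLICY.get(resource)
    if rule is None:
        return False, "no policy for resource: default deny"
    if not (subject.authenticated and subject.mfa):
        return False, "identity not verified with MFA"
    if subject.role not in rule["roles"]:
        return False, f"role {subject.role!r} not permitted on {resource}"
    if rule["managed_device"] and not (device.managed and device.compliant):
        return False, "managed, compliant device required"
    return True, "explicit allow"

def network_placement(device: Device) -> str:
    """NAC decision: unmanaged or non-compliant devices get limited
    connectivity on a quarantine network instead of the corporate segment."""
    if device.managed and device.compliant:
        return "corporate"
    return QUARANTINE_NETWORK
```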
Collaboration Across Enterprise Boundaries
Modern organizations collaborate constantly, and cybersecurity controls must facilitate this collaboration. The most effective way to achieve this is through the use of federated identity management services that allow users from one organization to use their verified identities to access resources at another organization.
Public-Facing Services
The services that organizations publish for external use are one of the greatest sources of risk, as they are exposed to continuous threats. Threat actors often seek to obtain credentials of valid users for access to systems and data. Multifactor authentication and privileged access management solutions offer organizations protection against misuse of credentials as well as confidence in user claims of identity.
These models provide ideas about deploying ZTA in modern organizations, but they’re templates rather than clear blueprints. Real-world organizations are complex, and they will need to mix and match these models in a manner that aligns with their business activities and strategies. Organizations also need to consider ongoing management and operational effectiveness of their security controls, regardless of their architecture.