What it takes to build a zero trust network

Zero trust networks offer better protection against data breaches, but the road to them can be arduous.


The zero trust model, centered on the notion that nothing either inside or outside the network perimeter can be trusted without verification, is garnering increasing attention from enterprises struggling to prevent data breaches using conventional approaches.

Organizations that want to implement the model, however, need to be prepared to jettison practices based on deeply embedded notions of trusted insiders and the secure corporate network, said security experts at SecurIT, a CSO-organized event on the topic, in San Francisco last month.

The zero trust model

Analyst firm Forrester Research coined the term 'zero trust' back in 2010 to describe a security model where anyone and any device attempting to connect to a network asset is treated as untrustworthy. The model emphasizes the use of device and user credentials, rather than network location, as the basis for granting or denying access to network assets.

Forrester and others have said the approach is critical to preventing attackers who have already breached the perimeter from moving about undetected inside a network in search of high-value targets. Numerous recent data breaches have happened because conventional security controls and data leak prevention tools were unable to spot external actors using stolen credentials to move about freely. The root of the problem is the long-held practice of implicitly trusting users and traffic on the internal network while treating only external users as untrusted.

Threat actors are not the only issue. A growing mobile workforce and the increasing use of cloud services to host applications and services have also made it harder for many enterprises to establish and enforce a network perimeter. The old castle-and-moat approach of gating access to internal resources via a heavily reinforced perimeter no longer works because of how scattered enterprise data has become and the many ways in which it can be accessed.

In such an environment, "trust is a dangerous vulnerability that can be exploited," says John Kindervag, former Forrester analyst and creator of the zero trust model, currently field CTO at Palo Alto Networks. To be secure, organizations need to get past the notion of trusted and untrusted users and networks.

"In zero trust everything is untrusted," says Kindervag. There can no more be any trusted networks, trusted devices or trusted people. "We need to wipe the idea that people are on the network," and focus instead on the packets traversing over it, he says. All traffic—not just external—has to be monitored.

The long road to zero trust

Implementing a zero trust network can be challenging. Google, one of the pioneers in this space, spent some six years moving away from its VPN and privileged network access model to BeyondCorp, its own version of a zero trust environment. Along the way, the company had to redefine and restructure job roles and classifications, build an entirely new master inventory service for keeping track of devices, gain better visibility into its apps, and overhaul its user authentication and access control policies. Pulling off the effort required support from the board level down.
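To make the difference concrete between the castle-and-moat model and the credential-and-device model the article describes, and the kind of device-inventory-driven access decision BeyondCorp is said to rely on, here is an added example. It is not code from the article, from Forrester, or from Google's BeyondCorp; the address ranges, device inventory, posture tiers, user groups and resource policy are all constructed for illustration. It evaluates the same three requests under a perimeter check (trust anyone logged in from an internal address) and under a zero trust check (verify user, verify the device against inventory and posture, apply per-resource policy, never consult network location), including the stolen-credentials case from the text.

```python
"""Added example (not code from the article, Forrester, or Google's BeyondCorp):
a perimeter-style access check beside a zero-trust one. Inventory, posture
tiers, groups and addresses are constructed for illustration."""
from dataclasses import dataclass
from typing import Optional, Tuple
import ipaddress

# Address ranges the castle-and-moat model treats as "inside" (constructed).
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8"),
                 ipaddress.ip_network("192.168.0.0/16")]

# Hypothetical device inventory, standing in for a master inventory service.
DEVICE_INVENTORY = {
    "lap-0042": {"owner": "alice", "managed": True, "patched": True, "disk_encrypted": True},
    "lap-0077": {"owner": "bob",   "managed": True, "patched": True, "disk_encrypted": False},
}

# Hypothetical directory and resource policy: which groups may reach a
# resource and the minimum device posture tier it demands.
USER_GROUPS = {"alice": {"engineering"}, "bob": {"finance"}}
RESOURCE_POLICY = {
    "wiki":       {"min_tier": 1, "groups": {"engineering", "finance"}},
    "payroll-db": {"min_tier": 3, "groups": {"finance"}},
}


@dataclass(frozen=True)
class Request:
    user: Optional[str]       # authenticated principal, None if no valid credential
    device_id: Optional[str]  # identity the device presented (e.g. a client cert), if any
    src_ip: str
    resource: str


def is_internal(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def perimeter_decision(req: Request) -> bool:
    """Castle-and-moat: a valid login from inside the perimeter is trusted,
    regardless of which device is used or what it asks for."""
    return req.user is not None and is_internal(req.src_ip)


def device_tier(device_id: Optional[str]) -> int:
    """Posture tier derived from inventory; unknown or unmanaged devices get 0."""
    dev = DEVICE_INVENTORY.get(device_id or "")
    if dev is None or not dev["managed"]:
        return 0
    tier = 1
    if dev["patched"]:
        tier += 1
    if dev["disk_encrypted"]:
        tier += 1
    return tier


def zero_trust_decision(req: Request) -> Tuple[bool, str]:
    """Every request is judged on user identity, device identity and posture,
    and the resource's policy. Network location is never consulted."""
    if req.user is None:
        return False, "unauthenticated user"
    dev = DEVICE_INVENTORY.get(req.device_id or "")
    if dev is None:
        return False, "device not in inventory"
    if dev["owner"] != req.user:
        return False, "device not assigned to this user"
    policy = RESOURCE_POLICY.get(req.resource)
    if policy is None:
        return False, "unknown resource"   # default deny
    if not USER_GROUPS.get(req.user, set()) & policy["groups"]:
        return False, "user not authorized for resource"
    tier = device_tier(req.device_id)
    if tier < policy["min_tier"]:
        return False, f"device posture tier {tier} below required {policy['min_tier']}"
    return True, "allowed"


# Constructed scenarios.
STOLEN_CREDS = Request("bob", "lap-evil", "10.1.2.3", "payroll-db")   # attacker on the LAN with bob's login
WEAK_DEVICE  = Request("bob", "lap-0077", "10.1.2.4", "payroll-db")   # bob on his unencrypted laptop
REMOTE_OK    = Request("alice", "lap-0042", "203.0.113.9", "wiki")    # alice from a coffee shop

if __name__ == "__main__":
    for name, req in [("stolen creds", STOLEN_CREDS), ("weak device", WEAK_DEVICE), ("remote ok", REMOTE_OK)]:
        print(f"{name:12} perimeter={perimeter_decision(req)} zero_trust={zero_trust_decision(req)}")
```

The perimeter check waves through the attacker holding stolen credentials on the LAN and blocks the legitimate employee working remotely; the zero trust check does the opposite, and additionally refuses a sensitive resource to a genuine user whose device posture does not meet the resource's bar. The default-deny branch for unknown resources is deliberate: a policy engine that fails open when a resource has no rule recreates the implicit trust the model is meant to remove.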
