Trust is good, control is better! How very true – because, at least in the area of cyber security, the ‘zero trust strategy’ is now considered the ultimate in preventing data leaks and defending against hacker attacks. But what does this specialist term mean in detail, and what needs to be taken into account before starting to implement it?
Those wishing to know a zero trust strategy must first understand what it isn’t. It’s not a ready-made solution that’s complete once it’s been implemented. Rather, zero trust describes an IT security concept that follows an overarching principle: Nothing and nobody can be trusted without authentication, i.e. determining its/their identity – be it a device, person or process. If verification is successful, access is granted but is limited in time and only includes the resources that have been expressly released for the relevant digital identity (e.g. applications, drives).
As such, the zero trust strategy doesn’t depend on whether corporate IT relies exclusively on cloud solutions or on a hybrid approach consisting of cloud and on-premise components. This also means that the zero trust strategy is a living process that can never be complete. As technology changes rapidly, modifications to hardware or software – such as establishing a proprietary company 5G network – mean that zero trust strategy components must be supplemented, adjusted or completely replaced accordingly.
Zero trust components
The overall strategy has been outlined above – but what should a company consider before implementing it? Essentially, it consists of a host of procedures based on which the appropriate security infrastructure is then selected:
First, the company needs to weigh up which data and parts of its IT infrastructure are most important to them. For an online retailer, this would be the customer’s payment modalities and information on purchasing behaviour, for example; in hospitals, the patient data; in industry, machine controls, the IIOT networks or the enterprise management system (EMS). The fact that this data is central to the business model also means that it needs to be shielded, especially cautiously, from unauthorised access. To ensure this, the IT managers need to determine the current state of affairs before implementing zero trust: How does the data move within the company? Which devices are used, who accesses what from where – e.g. via VPN from the home office – and where do these data streams converge? When taking stock of these aspects, potential vulnerabilities within the security architecture also need to be put under the microscope without bias.
And last but not least, it’s essential to review your own emergency plan for the worst-case scenario in preparation for a zero-trust strategy: What happens if, for example, an important company server is hacked and data has been decoded? How are affected customers and their own employees informed, and by whom? How can it be ensured that affected systems are reinstalled and backup copies of the lost data are imported? This also involves considering what impacts a hack and data loss entails – it could be immediate financial setbacks due to production downtime or the loss of confidence from existing and potential customers discovering a data leak has occurred.
Development of the security architecture
Outlining the data that needs to be protected and the consequences of a worst-case scenario provide the necessary overview of the current situation in the company and act as the foundation for devising an individual zero-trust strategy. The first thing to do here is to assign a protection class to the previously identified access point to enable optimal protection. The zero trust architecture must be able to make dynamic, context-based decisions about who is granted access to a resource and under what conditions – and in which cases access is denied.
Another blog post will discuss how to proceed and what needs to be considered when implementing the zero-trust strategy.