What is Zero Trust Model (ZTM)?

Ahmed Banafa 21/09/2020

The Zero Trust Model simplifies how information security is conceptualized by assuming there are no longer “trusted” interfaces, applications, traffic, networks, or users.

It takes the old model— “trust but verify”—and inverts it, because recent breaches have proven that when an organization trusts, it doesn’t verify.

This model requires that the following rules be followed:

  • All resources must be accessed in a secure manner.
  • Access control must be on a need-to-know basis and strictly enforced.
  • Systems must verify and never trust.
  • All traffic must be inspected, logged, and reviewed.
  • Systems must be designed from the inside out instead of the outside in.

The Zero-Trust Model Has Three Key Concepts

  • Ensure all resources are accessed securely regardless of location.
  • Adopt a least privilege strategy and strictly enforce access control.
  • Inspect and log all traffic.
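As an added illustration of these three concepts (example code, not from the article), the following is a minimal deny-by-default access decision: the source address grants nothing, identity and device posture are checked on every request, grants are explicit per user and resource, and every decision is logged. The user names, resources and policy table are constructed for the example.

```python
import json
import logging
from dataclasses import dataclass

log = logging.getLogger("ztm")

@dataclass
class Request:
    user: str
    source_ip: str          # recorded for the audit log only; never a basis for trust
    resource: str
    action: str
    mfa_verified: bool      # identity verified for this specific request
    device_compliant: bool  # device posture check passed

# Constructed, hypothetical need-to-know policy: user -> resource -> allowed actions.
# Anything absent is denied (deny by default).
POLICY = {
    "alice": {"payroll-db": {"read"}},
    "bob": {"wiki": {"read", "write"}},
}

def evaluate(req: Request) -> tuple:
    """Decide one request. Returns (allowed, reason); every outcome is logged."""
    if not req.mfa_verified:
        allowed, reason = False, "identity not verified"
    elif not req.device_compliant:
        allowed, reason = False, "device posture check failed"
    elif req.action not in POLICY.get(req.user, {}).get(req.resource, set()):
        allowed, reason = False, "no need-to-know grant for this action"
    else:
        allowed, reason = True, "identity, device and grant all verified"
    # Inspect-and-log rule: record the decision whether allowed or denied.
    log.info(json.dumps({"user": req.user, "src": req.source_ip,
                         "resource": req.resource, "action": req.action,
                         "allowed": allowed, "reason": reason}))
    return allowed, reason

if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    # An "inside" address without verified identity is still denied.
    print(evaluate(Request("alice", "10.0.0.5", "payroll-db", "read", False, True)))
    # A remote address with verified identity, compliant device and a grant is allowed.
    print(evaluate(Request("alice", "203.0.113.7", "payroll-db", "read", True, True)))
```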

“Outside-In” to “Inside-Out” Attacks

According to a Forrester Research report, information security professionals should readjust some widely held views on how to combat cyber risks. Security professionals emphasize strengthening the network perimeter, the report states, but evolving threats—such as increasing misuse of employee passwords and targeted attacks—mean executives need to start buffering internal networks. In the zero-trust security model, companies should also analyze employee access and internal network traffic. One major recommendation of the Forrester report is for companies to grant minimal employee access privileges. It also emphasizes the importance of log analysis; another recommendation is for increased use of tools that inspect the actual content, or data “packets,” of internal traffic.

Teams within enterprises, with and without the support of information technology management, are embracing new technologies in the constant quest to improve business and personal effectiveness and efficiency. These technologies include virtualization; cloud computing; converged data, voice, and video networks; Web 2.0 applications; social networking; smartphones; and tablets. In addition, the percentage of remote and mobile workers in organizations continues to increase, which further reduces the value of physical perimeter controls.

The primary vector of attackers has shifted from “outside-in” to “inside-out.” Formerly, the primary attack vector was to directly penetrate the enterprise at the network level through open ports and to exploit operating system vulnerabilities. We call this attack methodology “outside-in.” In “inside-out” attacks, the user inside the “protected” network reaching out to an external website can be just as vulnerable as the user accessing the Internet from home.

Zero Trust Recommendations

  • Update network security with next-generation firewalls.
  • Use a “sandbox” control to detect unknown threats in files.
  • Establish protected enclaves to control user access to applications and resources.
  • Use a specialized anti-phishing email protection service.
  • Use threat intelligence to prioritize vulnerability remediation.
  • Analyze logs using advanced machine learning algorithms to detect compromised and malicious users.
  • Implement an incident management system to minimize the impact of individual incidents.
  • Deploy a cloud services manager to discover, analyze, and control shadow IT. (Shadow IT is hardware or software within an enterprise that is not supported by the organization’s central IT department.)
  • Monitor your partners’ security postures using a cloud-based service.
  • Deploy an enterprise key & certificate management system.
  • Deploy a backup, cloud-based DDoS mitigation service.
  • Deploy a non-signature-based endpoint malware detection control.

Just remember: the zero-trust model of information security means “verify and never trust.”


Ahmed Banafa

Tech Expert

Ahmed Banafa is an expert in new tech with appearances on ABC, NBC, CBS, FOX TV and radio stations. He served as a professor, academic advisor and coordinator at well-known American universities and colleges. His research is featured on Forbes, MIT Technology Review, ComputerWorld and Techonomy. He has published over 100 articles about the internet of things, blockchain, artificial intelligence, cloud computing and big data. His research papers are used in many patents, numerous theses and conferences. He is also a guest speaker at international technology conferences. He is the recipient of several awards, including the Distinguished Tenured Staff Award, Instructor of the Year and a Certificate of Honor from the City and County of San Francisco. Ahmed studied cyber security at Harvard University. He is the author of the book Secure and Smart Internet of Things Using Blockchain and AI.
