Principles of Zero Trust Security

Jul 6, 2023 | Security

In today’s world, cyber-attacks are increasingly prevalent, with the number of such incidents continually rising. These attacks can cost an organisation significant time and money and damage its reputation.

It is not only large companies that are targeted, but organisations of all sizes. Small and medium-sized businesses (SMBs) are equally susceptible to cyber-attacks, due to potentially weaker security measures. Common types of cyber-attacks include phishing emails, CEO fraud emails, identity theft, malware, socially engineered attacks and unpatched software.

 

Technology Consumption Changes

The way IT is accessed has changed as a result of the adoption of cloud computing. This is likely to become the standard, as cloud computing allows you to access your data and apps from anywhere and from any device. Whilst the benefits this provides to an organisation are ample, there are also added security issues that need to be considered.

 

The Old Model vs the New Model

Traditional IT security used to rely on a “perimeter security model,” also known as the “castle and moat” approach, in which IT and systems were surrounded by a wall of protection. This model is no longer effective, as networks, users, and apps are no longer contained within a perimeter. Additionally, the rise of “shadow IT,” in which users store their work data outside the approved IT department systems, makes it difficult to determine where to build the wall. As a result, a newer cybersecurity method, known as zero trust networking, emerged.

Although it is still necessary to ensure that your network is protected and has the appropriate defense measures in place, it is now necessary to assume that it is impossible to build a wall around everything, and that attackers will inevitably find their way in. Instead, efforts must be focused on ensuring that individuals within the network are not able to do anything harmful. This is accomplished by adhering to the principle of “never trust, always verify.” There are four areas that require verification:

  • User – who is attempting to gain access
  • Location – where is this being accessed
  • Device – what device is being used
  • Apps – what is attempting to be accessed

The goal of zero trust networking is to verify that anyone attempting to access your data is trustworthy, that the location and the device are trusted, and that the user has appropriate permissions to access the desired apps or data. However, a common challenge that arises here is striking a balance between stringent security measures and a seamless user experience. While it is important to ensure that users can easily access their data without frustration, neglecting to address these critical factors could leave your organisation vulnerable to security threats.
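The four checks above can be expressed as a default-deny access decision. The sketch below is an added example, not code from the original article or from any Microsoft 365 product; the users, apps, network range and the `evaluate` function are hypothetical. It shows how weak signals can trigger a step-up to multi-factor authentication instead of an outright block, which is one way to balance security against user experience.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed sample policy data; all names and values are hypothetical.
TRUSTED_NETWORKS = [ip_network("203.0.113.0/24")]  # documentation-only range
APP_PERMISSIONS = {"alice": {"mail", "finance"}, "bob": {"mail"}}
SENSITIVE_APPS = {"finance"}

@dataclass(frozen=True)
class AccessRequest:
    user: str               # who is attempting to gain access
    mfa_done: bool          # has the user completed multi-factor authentication
    source_ip: str          # where the request is coming from
    device_compliant: bool  # is the device managed and healthy
    app: str                # what is being accessed

def evaluate(req: AccessRequest) -> tuple[str, str]:
    """Return (decision, reason); decision is ALLOW, STEP_UP or DENY."""
    # User and app: unknown users and unassigned apps are denied by default.
    if req.app not in APP_PERMISSIONS.get(req.user, set()):
        return "DENY", "user has no permission for this app"
    # Device: a non-compliant device never reaches a sensitive app.
    if not req.device_compliant and req.app in SENSITIVE_APPS:
        return "DENY", "non-compliant device for sensitive app"
    # Location: a malformed address is treated as a failed check, not skipped.
    try:
        addr = ip_address(req.source_ip)
    except ValueError:
        return "DENY", "unparseable source address"
    trusted_location = any(addr in net for net in TRUSTED_NETWORKS)
    # Being on a trusted network reduces friction but never grants access alone.
    weak_signal = (not trusted_location or not req.device_compliant
                   or req.app in SENSITIVE_APPS)
    if weak_signal and not req.mfa_done:
        return "STEP_UP", "multi-factor authentication required"
    return "ALLOW", "user, location, device and app verified"
```
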

 

Where Do You Start?

We recommend starting with an IT security assessment to evaluate your current situation and develop a risk and remediation plan that outlines steps to enhance your security. It may be necessary to acquire additional security tools, and we often suggest Microsoft 365. Many organisations already utilise Office 365, and Microsoft 365 combines Office 365, Windows 10, and Enterprise Mobility + Security. These solutions encompass various applications that cover the following areas:

  • Identity-driven security: Protect your users and identities using tools like multi-factor authentication, single sign-on, and conditional access policies.
  • Threat protection: Monitor threats using advanced detection and analytics, which analyse data based on the vast amount of information Microsoft collects, including 450 billion authentications and 400 billion emails every month.
  • Information protection: Safeguard your data by implementing self-protecting measures through classifications, rules, and policies instead of relying solely on building a perimeter around all your data.
  • Security management: Efficiently manage and monitor your security through comprehensive dashboards.

By utilising Microsoft 365, you can establish policies and procedures while enabling trusted users to securely and seamlessly access their data, providing an excellent user experience. Simultaneously, threat detection software continuously runs in the background, preventing unauthorised access to your data and allowing you to promptly respond to threats through automated remediation.

Finally, it is crucial to ensure ongoing management of your security. If you possess the necessary resources and skill sets, you can handle this in-house. Alternatively, you can choose to collaborate with a cybersecurity partner to manage ongoing support and maintenance.

 

Your Cybersecurity Maturity Roadmap

Each organisation has its own level of cybersecurity standards in place, ranging from basic to robust. Once the necessary tools, processes, and support are implemented, we highly recommend pursuing certification. Certification not only confirms that you have implemented the appropriate measures but also publicly demonstrates your commitment to cybersecurity, instilling confidence in clients, suppliers, and partners.

We propose a three-tier certification approach:

  • Cyber Essentials: This certification verifies that the fundamental security measures are in place, offering protection against common attacks. It is relatively quick to achieve and involves a self-assessment.
  • Cyber Essentials Plus: To attain this certification, you must first obtain the basic Cyber Essentials certification. Cyber Essentials Plus provides an additional layer of assurance as your organisation will take part in external auditing, ensuring the effectiveness of the implemented tools. Achieving this certification takes more time due to the external audit process.
  • ISO 27001: This certification demonstrates that your organisation has comprehensive and robust IT security measures in place, indicating a high level of protection and preparedness. However, obtaining ISO 27001 certification is a significant commitment, involving substantial effort, thorough documentation, and an extensive external audit.

By pursuing these certifications, you showcase your dedication to cybersecurity and provide tangible evidence of your security posture. This not only enhances your organisation’s reputation but also fosters trust among stakeholders.

Conclusion

Cybersecurity continues to be a critical priority for businesses, and it is essential to ensure that the efforts invested in security measures are effective, particularly in light of evolving attack methods. Transitioning from a perimeter-based approach to zero trust networking is a significant step towards enhancing security, and we highly recommend leveraging Microsoft 365 as a comprehensive solution to enforce your security measures.

If you require security consultancy, support, or would like to explore a demo of Microsoft 365, please do not hesitate to contact us. We are here to assist you in strengthening your cybersecurity defenses and protecting your organisation’s valuable assets.

Content originated from Chorus.