Since the SolarWinds hack that affected multiple government agencies, the U.S. desperately needs to explore other options for protecting its networks. That calls for a strategy centered on the idea that an organization should not trust anything by default. This strategy, which security experts would like to make more mainstream, means moving from the more common castle-and-moat model to a zero-trust model.
What is Zero-Trust?
Zero-trust is the idea that an organization should not automatically trust anything inside or outside its perimeters. The concept is that the network needs to verify who or what wants access to the network before granting it.
The Castle and Moat
The castle-and-moat model is currently the more common security model used by security teams and organizations. It works by making it extremely difficult to get into the network, requiring users to verify themselves or their devices before being let in. However, once inside the walls, or perimeter, they are trusted by default. That is the primary issue, because once inside, an attacker has free rein on the network.
Moving towards Zero-Trust
As security professionals, we are expected to keep the network safe from attackers both inside and out. After the eye-opening breaches of SolarWinds and Microsoft, researchers found that most attackers gained a broad foothold on a network and could then set up backdoors and administrator accounts. People tend to think that when you implement zero-trust, you are getting rid of your perimeter controls. However, that is not the case. Zero-trust is not a piece of technology; it is a strategy for keeping the network secure. It acts as another layer of defense on top of the perimeter technology you already have in place.
While there are many ways to implement zero-trust, the first step is implementing multi-factor authentication. Two-factor authentication is widely used and requires the user to enter a code they received via email or SMS. Multi-factor authentication is even more secure, offering options like biometrics and one-time passcodes. Device access management is another vital aspect: it involves controlling user access on devices and monitoring all the different devices trying to access the network to ensure they are authorized.
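To make the difference between the two models concrete, here is an added example (not code from the original article) that evaluates the same access requests under a castle-and-moat rule and under a per-request zero-trust rule. The user registry, device inventory, resource roles and request list are constructed sample data with hypothetical names; the zero-trust check combines the three controls the paragraph above names: the requester's identity, whether MFA was satisfied, and whether the device is authorized for that user.

```python
"""Per-request zero-trust access decision versus perimeter-only trust.

Added example with constructed sample data (hypothetical users, device IDs
and resources). Each request is evaluated on its own merits; originating
from inside the network earns no trust by itself.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Set

# Constructed user registry: who is enrolled in MFA and what roles they hold.
USERS: Dict[str, dict] = {
    "alice": {"mfa_enrolled": True, "roles": {"finance"}},
    "bob": {"mfa_enrolled": False, "roles": {"engineering"}},
}
# Constructed device inventory: device ID -> the user it was issued to.
AUTHORIZED_DEVICES: Dict[str, str] = {"laptop-0001": "alice", "laptop-0002": "bob"}
# Constructed authorization table: which roles may reach which resource.
RESOURCE_ROLES: Dict[str, Set[str]] = {
    "payroll-db": {"finance"},
    "git-server": {"engineering"},
}


@dataclass
class AccessRequest:
    user: str
    device_id: str
    resource: str
    mfa_verified: bool  # did this session complete an MFA challenge?
    source: str         # "internal" or "external"; only the perimeter model cares


@dataclass
class Decision:
    allowed: bool
    reasons: List[str] = field(default_factory=list)


def castle_and_moat(req: AccessRequest) -> Decision:
    """Perimeter model: anything already inside the network is trusted."""
    inside = req.source == "internal"
    return Decision(inside, ["inside perimeter" if inside else "outside perimeter"])


def zero_trust(req: AccessRequest) -> Decision:
    """Verify identity, MFA, authorization and device on every request."""
    failures: List[str] = []
    user = USERS.get(req.user)
    if user is None:
        failures.append("unknown user")
    else:
        # MFA must be both enrolled for the account and completed in this session.
        if not (user["mfa_enrolled"] and req.mfa_verified):
            failures.append("mfa not satisfied")
        # Least privilege: the user's roles must intersect the resource's roles.
        if not (user["roles"] & RESOURCE_ROLES.get(req.resource, set())):
            failures.append("role not permitted for resource")
    # Device access management: the device must be inventoried for this user.
    if AUTHORIZED_DEVICES.get(req.device_id) != req.user:
        failures.append("device not authorized for user")
    return Decision(not failures, failures or ["all checks passed"])


# Constructed requests covering the cases the two models disagree on.
SAMPLE_REQUESTS = [
    # Legitimate insider on her own device with MFA: both models allow.
    AccessRequest("alice", "laptop-0001", "payroll-db", True, "internal"),
    # Alice's credentials reused from an unregistered device, no MFA, but
    # already inside the network: perimeter model allows, zero-trust denies.
    AccessRequest("alice", "laptop-9999", "payroll-db", False, "internal"),
    # Insider without MFA enrolment reaching for a resource outside his role.
    AccessRequest("bob", "laptop-0002", "payroll-db", True, "internal"),
    # Fully verified user connecting from outside: zero-trust still allows.
    AccessRequest("alice", "laptop-0001", "payroll-db", True, "external"),
]


def evaluate_all(requests=SAMPLE_REQUESTS):
    """Return each request with both models' decisions, for audit or display."""
    return [
        {"request": r, "castle": castle_and_moat(r), "zero_trust": zero_trust(r)}
        for r in requests
    ]


if __name__ == "__main__":
    for row in evaluate_all():
        r = row["request"]
        print(f"{r.user}@{r.device_id} -> {r.resource} ({r.source}): "
              f"castle={row['castle'].allowed} zero_trust={row['zero_trust'].allowed} "
              f"{row['zero_trust'].reasons}")
```

The denial reasons are returned rather than only printed so the same decision record can feed an audit log; the second and third requests are the ones a perimeter-only model waves through, which is exactly the post-compromise lateral movement the article describes.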
Zero-trust is a strict model that takes time to build and effort to enforce, but securing the network from both inside and outside is ultimately worth it.