Saturday, March 6, 2021

Zero Trust Framework - NEVER Trust, ALWAYS Verify



Current business needs and IT trends demand that data be accessible across boundaries. Data in silos has very little value, and an enriched offering depends on continuously exchanging data between varied applications, workloads, edge devices, data centers and other touchpoints. The core business data, which in the past was secured within the security perimeter, must now be shared outside the entity to attain enhanced business value. There is an ongoing demand to move data from the secured castle to cloud environments, and to support this change enterprises must beef up their security controls.

Zero Trust Framework (ZTF) is a tangible security model based on the NEVER Trust, ALWAYS Verify principle. By default it does not trust any user, device or workload, irrespective of location, and it is ideal for securing data shared across multiple streams. The model emphasises the following focus areas, which provide the necessary controls and isolation for data access.
  • (Zero Trust) Network: The network must be divided into micro-segments and fitted with multiple inspection points and junctions to block all malicious and unauthorised access. This segmentation helps to isolate and contain a breach, if any, within the segment.
  • (Zero Trust) Workloads: The entire stack of workloads must be hardened and secured. Policies must be enforced on workloads for accessing data, and any violation must be monitored and isolated in real time.
  • (Zero Trust) Data: Data must be secured, and policies must be defined in accordance with the value of the data accessed. Critical data should have extremely limited access, and controls should be in place to detect and flag abnormal data access.
  • (Zero Trust) People: Provide users with only minimal access, and step up authentication using MFA.
  • (Zero Trust) Devices: Every device in the network (mobile, laptop, etc.) must be uniquely identifiable and secured. Provision to isolate a compromised device must be set up. To minimise the network attack surface, devices accessing the network should be monitored, and access should be provided only after the device is authorised.
  • Visibility and Analytics: All traffic must be logged, monitored and inspected in real time. Continuous monitoring and analysis of data access activity across the network should be set up. Anomalies in data access patterns should be identified and isolated in real time.
  • Automation and Orchestration: Manual processes are not effective in managing the scale of controls required for the Zero Trust framework. It requires solid orchestration to handle policy enforcement, monitoring, remediation and threat detection. Automating these reduces risk and provides agility that makes the framework more manageable.
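To make the focus areas concrete, here is a small policy decision sketch added as an illustration; it is not code from the original post or from any Zero Trust product. The device IDs, roles, segment names and classifications are constructed assumptions. Each request is denied unless the device, people, network and data checks all pass, and every decision is logged.

```python
from dataclasses import dataclass

# Constructed sample inventory and policy; all names here are illustrative assumptions.
DEVICES = {"lt-0042": {"authorised": True, "quarantined": False},
           "ph-0007": {"authorised": True, "quarantined": True}}
# Data policy by classification: allowed roles, allowed micro-segments, MFA requirement.
DATA_POLICY = {
    "public": {"roles": {"staff", "finance"}, "segments": {"office", "finance-seg"}, "mfa": False},
    "critical": {"roles": {"finance"}, "segments": {"finance-seg"}, "mfa": True},
}
AUDIT_LOG = []  # every decision, allow or deny, is recorded for later analysis

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    mfa_passed: bool
    device_id: str
    segment: str
    classification: str

def decide(req):
    """Return (allowed, reason). Nothing is trusted by default; every check must pass."""
    device = DEVICES.get(req.device_id)
    policy = DATA_POLICY.get(req.classification)
    if device is None or not device["authorised"]:
        result = (False, "device not identified or not authorised")
    elif device["quarantined"]:
        result = (False, "device isolated as compromised")
    elif policy is None:
        result = (False, "no policy for this data classification")
    elif req.role not in policy["roles"]:
        result = (False, "role has no access to this data")
    elif req.segment not in policy["segments"]:
        result = (False, "request comes from another micro-segment")
    elif policy["mfa"] and not req.mfa_passed:
        result = (False, "MFA step-up required")
    else:
        result = (True, "all checks passed")
    AUDIT_LOG.append((req, result))
    return result

def denials_by_user():
    """Count denied requests per user from the audit log, as input for anomaly review."""
    counts = {}
    for req, (allowed, _reason) in AUDIT_LOG:
        if not allowed:
            counts[req.user] = counts.get(req.user, 0) + 1
    return counts
```

An unknown classification or an unregistered device falls through to a denial rather than an allow, which is the default-deny behaviour the model depends on.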

Adhering to this framework enables enterprises to tighten access control and establish processes that protect shared data from being compromised. Enterprises can invest in security products that are Zero Trust compliant, or they can implement the additional checks in their existing ecosystem to address all the focus areas of ZTF. Ensuring secure and legitimate sharing of data is critical for any business, and adhering to ZTF provides the necessary controls to achieve this.