Don’t trust the fort! The zero-trust model explained

Zero-trust modelAs a rule, remote workers and their devices can’t be trusted. You simply can’t know who’s on the other side or what network they’re on. This is why we always recommend to not use VPN, as this creates a fast lane between the unknown and your company network. But then what? How will you enable remote colleagues to safely get to their files and data when they’re not at the office? And now that the lines between outside and inside the office start to fade, shouldn’t you also distrust colleagues that work at the office? The answer is a clear ‘yes’. Stop trusting people and devices! Instead, make sure everyone can do their job without jeopardising company assets. The solution lies in a zero-trust model, an approach that blocks access by default. In this blog, I’ll tell you how this works.


This is what’s wrong with your fort

We used to think of company networks as a fort. As long as you built four strong walls and guarded the thing with great security tools, you were just fine. It worked, because people with bad intentions had a hard time getting in, and people on the inside felt safe. But the problem is that threats don’t come from the outside exclusively. Employees that work at the office can download malware (by accident), lose a post-it with their password on it (by accident) or share company data with the world when they get dishonourably discharged (definitely not by accident). Clearly, either accidentally or deliberately, people from inside the fort can cause problems too. This means that to optimally secure the fort, you need to start distrusting it.


The zero-trust model explained

The ultimate way to start distrusting the fort is to implement a zero-trust approach. This approach (or model if you will) sees everyone and everything as a threat until proven otherwise. It doesn’t matter which employee wants access, which device he uses or where he’s located: everyone should go through explicit mutual identification and authentication steps before they’re allowed access to the network, make changes to systems and download files. Additionally, all information between users and the services and applications inside the network is exchanged using end-to-end encryption. To top it off, all of these pre-set access rules are dynamic, meaning that they change based on real-time information. So, if employees change location, quit their job or switch devices, their access rights are changed or withdrawn accordingly. 


What about compartmenting?

In previous blogs, we discussed the compartmenting strategy, where employees and devices have access to only a compartment of company systems. In this compartment, employees find all they need to do their job, but nothing more. This form of zero-trust is well recommended as it reduces risks, and we even suggest you make it your first step towards optimal IT security. When you give co-workers access to specific compartments only, damage will always be limited. But unsurprisingly, this is not sufficient for remote users and devices as they have a higher chance of (accidently) taking problems with them as they access the network. Therefore, in an ideal situation, you’d focus your remote access solution on the data instead of the network, which is safer than protecting the metaphorical fort.


Zero-trust 2.0: the proxy

If you’re really thorough, which I hope you are, you may consider stop giving people direct access altogether. Instead, you assign a so-called proxy that collects data and files on request. Think of it as a warehouse worker that picks up orders made by employees, without letting them enter the actual warehouse. By applying this zero-trust 2.0 method, remote workers can’t do any damage, especially if you combine this approach with the compartmenting strategy we discussed. As a result, they get the right information (e-mail, specific company data, calendar, etc.) without posing any threats to the company network. This doesn’t rule out the risk of data leakage, though, as data is still sent to an unknown end-point, but there are tools (quite simple ones!) that deal with this problem, such as app containers. Keep an eye on our blog, as in our next article we’ll explore this container concept.   


Start with remote workers and work your way in

All of the above sounds like a lot of work, but it’s less complicated than you may think. The good news is that you can start making IT security data-centric, as you’ve safely locked away your company assets by using a combination of mutual identification and authentication with the proxy principle. Second, there are great tools available that can help you implement a zero-trust model, and they often come with support teams too. Third, one day all physical networks will disappear and be replaced with one, big network called the internet. When this time comes, we’ll all be remote workers that gain access to a distant Cloud, meaning we’re going to need a zero-trust model anyway. Until that time, you can apply the zero-trust model to your remote workers and find different solutions for people working on the actual company network. This prepares you for the Cloud era and helps you guard the company fort in the now.

Do you want to learn more about tools that help you take on a zero-trust approach? Download our free white paper below!

New call-to-action

Hans-Peter Ponten

Subscribe Here!