What is Zero Trust Security? 5 Use Cases to Show How It Really Works


61% of surveyed IT Ops say improving IT Security is a top priority for 2022. It's not a surprise: We've all seen the headline-grabbing figures on how much cybersecurity attacks cost each year, with some estimates putting the figure at a staggering $10.5 trillion USD annually by 2025.

In the UK alone, 34% of firms hit by ransomware had to close business operations temporarily due to the attack. And, since the disclosure of the Microsoft Exchange vulnerabilities, ransomware attacks have risen by 57%.

Whether you work in manufacturing, local government, healthcare or a completely different industry, it's clear the IT security landscape is changing. Evolving and growing cyber security threats, combined with new, hybrid working patterns, mean you have an opportunity to explore a new approach to enable business and securely connect remote users to internal systems and applications.

 

What is Zero Trust Security really about?

Zero Trust isn't an easy concept to understand. Moving from a traditional security architecture that assumes trust based on certain devices, individuals and locations toward a model that instead trusts nothing until it is verified requires new tools, methodologies and, most importantly, a different way of thinking.

To help bring it to life, here are five easy-to-understand example use cases where Zero Trust Security helps:

 

#1 Secure third party/non-employee identities working inside the corporate network

Most enterprises support employees on the corporate network. However, inevitably, other users, such as third-party business partners, contractors, and temps, will also work from within your corporate network. These situations highlight why location-based security metrics are woefully overrated and why security should be uniform across the board.

When bringing non-employees or third parties into a corporate network, utilise the Zero Trust philosophy of "trust no-one outside or inside the network." If the only security you have is at the physical layer, granting third-party access creates a significant security risk. However, if "identity is the new firewall," making sure any identity (user) inside or outside the network only has the access they need and is governed correctly will ensure that access to company resources remains secure.

 

#2 Protect remote workers accessing public and private (cloud) resources

Managing the security of remote employees became a significant concern in 2020 in the wake of the COVID-19 pandemic. Security administrators find their edge security products provide no benefit to remote workers who use the internet to connect directly to public and private (cloud) resources. While it is possible to force remote workers to use VPN or virtual desktop infrastructure technologies through the corporate network, these options often prove inefficient and burdensome. Another often overlooked problem is the available bandwidth and latency: Zero Trust becomes a great alternative because it does not require users to connect to the corporate network before accessing services.

 

#3 Support globally distributed teams

Within an organisation, there are often multiple satellite offices and remote employees that connect to a central headquarters. And because the teams and employees are remote, many organisations use cloud resources and applications to connect teams. Since these resources are outside the traditional network, traditional security tools and processes are not very effective. Some companies force remote workers and locations to reach resources using a VPN or virtual desktop infrastructure.

However, these options often prove inefficient and burdensome. Again, Zero Trust does not require users to connect to the corporate network before accessing resources. Understanding the identity of the user is needed to make sure any access is secure and appropriate.

 

#4 Accessing OT management or control stations from the IT environment

Operational Technology (OT) environments operate management stations that control multiple industrial devices, Programmable Logic Controllers (PLCs), etc. These OT environments have a high demand for real-time operation, which can stand in the way of a decent security design. An almost physical split between OT and IT networks was therefore common practice. The challenges resulting from this design include:

  • Lack of security awareness among OT staff.
  • Lack of visibility into all of the OT systems.
  • Shared network infrastructure within the manufacturing floor between systems.
  • Inability to address security issues by patching the OT systems.
  • Increased attack surface with the increase in OT/IT convergence.

The resulting structure is primarily a strict separation between OT and the IT environment. Port-based bridges (firewalls) are introduced to enable access to this environment, with all the additional monitoring required for this approach. 

Zero Trust will enable you to allow the securely verified user to set up a connection to these OT management stations. All other connections are no longer needed or allowed, resulting in far less time spent monitoring these sessions.

 

#5 Secure Traditional Windows Applications 

Traditional applications may not be designed for external access. Such an application typically: 

  • Relies heavily on Microsoft Active Directory
  • Might use proprietary communication methods
  • Often requires a Windows machine to run the end-user-facing client software

These traditional applications are often business-critical, and there is no upgrade path to modern architecture. Using Zero Trust offers a path to access, without compromising security.

Introducing G/On: A Non-Intrusive Approach to Zero Trust Adoption 

G/On is a scalable, Zero Trust solution that connects all your users to internal and on-premise resources — regardless of device or location. Decrease your attack surface, enhance security and reduce complexity. Stop managing devices and empower IT to focus on business process innovation, not threat mitigation. It’s simplicity without compromise.

There are three core pillars to G/On: software-defined perimeter (SDP), Zero Trust and non-intrusive. With SDP, network resources are made inaccessible by default and the application infrastructure is invisible from the internet. Zero Trust means it applies the principle of least privilege to the network (need-to-know), reducing the attack surface while also increasing IT's visibility into user activity and applications. And non-intrusive ensures it promotes data protection and prevents access to personal data on devices.

G/On is about securely enabling applications on unmanaged remote devices to access company internal applications and services. The G/On security model builds on the assumption "The enemy knows the system" and assumes that the enemy will use targeted attacks. With G/On, the central services that must be protected are inside a security perimeter, and the only way to access the services is through one of the G/On gateways. The G/On gateway, in turn, presents only the allowed applications to the verified user, in a per-user, dynamically generated menu.

Want to find out more about Zero Trust security? Download your copy of How G/On provides a giant leap into the Zero Trust era

 


Roel Schuitman
