“Trust is a fragile thing — hard to earn, easy to lose.” — M.J. Arlidge
For years, technology architecture was built on the premise that you’re safe behind the firewall on known and trusted devices, simply because they were placed on the domain. But as cybercriminals have become more skilled and cybersecurity attack vectors and breach methods more sophisticated, a perimeter security model is no longer strong enough to ensure the level of protection modern companies want and need. Zero Trust is quickly becoming the gold standard approach, particularly as remote work scales and device proliferation continues.
What is Zero Trust?
As its name suggests, Zero Trust assumes you’re on an unknown device on a hostile network and you haven’t proven you’ve got any rights to access anything. The phrase “Zero Trust” was first coined by John Kindervag of Forrester in 2010 to describe an approach that does not automatically trust entities within the perimeter, but instead continuously verifies trust across every device, user and application.
To do so, micro-perimeters are required. A micro-perimeter creates a smaller boundary around each application and that application’s data. If an attacker succeeds in penetrating one of these boundaries, they can move only within that perimeter and can be more easily contained. This multi-layered approach provides stronger security than the single large DMZ that a perimeter approach offers.
How Zero Trust can be applied
For a comprehensive Zero Trust architecture to exist, it must address five key pillars of trust: device trust, user trust, transport or session trust, application trust, and data trust.
By establishing trust within and across these pillars, companies can gain visibility into applications, devices and user behavior. Security checks at each layer enable IT to extract audit logs and build analytics that ultimately allow for automation and orchestration in which all applications and data are equally protected. Visibility and analytics are a critical part of the Zero Trust architecture, and they help to establish a deeper and broader footprint in each pillar.
At Tech Orchard, we believe Zero Trust is the only model that addresses all the attack vectors for end-user computing. Give us a call to find out how VMware Workspace ONE can help your organization embrace it across your users, apps and endpoints to establish an interconnected, least-privilege system that empowers employees without sacrificing security.