Zero-trust is an approach to network security that stipulates that all users, devices, networks, and applications, verify themselves whenever they need access to critical resources, or whenever it is technically feasible.
The Zero-trust security approach was born out of a need for a more holistic way of securing networks that are complex, distributed, and dynamic.
Challenges To the Zero-trust Security Methodology
The main problem with the zero-trust model is that it requires significantly more time, effort, and foresight to implement. Below are some of the challenges that organizations will face trying to adhere to the zero-trust methodology.
More employees are working remotely
Increasingly more employees are working remotely, using unknown and untrusted devices, IPs, routers, public Wi-Fi, VPN services, and so on. These days, it’s common for companies to allow employees to bring their own devices into the workplace, which they must detect and monitor.
To make matters worse, employees have a tenancy to come and go, sometimes without warning. Customers, suppliers, and business associates may also need to access your company network. Each of these entities will require different types of access, which will have to be set up, maintained, and monitored.
More employees are using untrusted applications
Employees are using more apps than ever before, which is great, but having a large number of untrusted applications running on a device that has access to sensitive company data, is a huge security risk. IT security teams are required to blacklist applications that are deemed unsafe or malicious.
However, keeping track of which departments are using which applications can be a real challenge. They need to find a balance between enabling employees to use the apps which help them be productive, whilst maintaining a consistent and robust set of access controls, and visibility into which apps are used, and how they are used.
More companies are moving to the cloud
As increasingly more companies switch to cloud-based services, the risk of data loss becomes ever greater. This is because cloud-based environments are distributed, and can be theoretically accessed by anyone, from anywhere. As such, sensitive data can find itself scattered around in places where it doesn’t belong, thus making it harder to secure.
Companies must have a profound understanding of their network
Implementing zero-trust is not simply a case of installing and configuring a bunch of new technologies. It requires learning your network inside and out and identifying all users, devices, applications, security software, policies, departments (and their location), and more. For complex networks, it is better to design a zero-trust model from scratch, and then slowly and systematically apply the model to your network. This will help you address issues as they arise, and ensure that there are no gaps in your security posture.
Zero-trust requires ongoing maintenance
Staff come and go, their responsibilities change, and the security technologies and strategies that companies use should be continuously updated as new threats emerge. As such, your zero-trust implementation requires ongoing monitoring and maintenance.
This includes implementing routine maintenance tasks, reviewing access controls, automating patch management, and monitoring network traffic and access to sensitive data.
Zero-trust can affect productivity
Implementing zero-trust can create a myriad of adverse consequences. After all, it only requires a single configuration change to make certain systems or data inaccessible to employees.
If you make too many changes too quickly, you may find it difficult to pinpoint the exact change that created the problem. As a result, your employees will not have the access they need to perform their roles.
Again, the solution is to ensure that zero-trust is implemented gradually, with lots of testing carried out along the way.
Companies must secure their hardware
In order to run an effective zero-trust strategy, all hardware needs to be secured. However, this is not always straightforward, especially when dealing with legacy hardware. If you are not able to properly secure your existing hardware applications, you will probably need to replace them, which will involve time and money.
In some cases, hardware is compromised by “interdiction” attacks, which is where the device gets tampered with during shipment. If you want to be extra safe, you should check to see if the hardware you are purchasing features GPS tracking and geofencing, which will help you track the devices during shipment, and give you the assurance that they haven’t been tampered with.
You should check to ensure that the CPU is trusted, and look for security features such as secure boot, signed OS, and trusted platform module.
Zero-trust requires flexible software
Given the distributed nature of the zero-trust model, the software which you use to keep track of how your systems and data are accessed, must be flexible enough to integrate with a wide range of platforms, both on-premise and cloud-based.
Some companies may want to use different monitoring solutions for different purposes, and link them together. As such, your chosen solution should be able to aggregate event logs from multiple sources and display a summary of events via a single dashboard.