Zero trust is a security model that focuses on the security of individual transactions. Legacy security models are perimeter-based: they grant implicit trust based on network location and rely on a static defense over a large network segment. Zero trust is not something you can buy, but a set of principles to follow.
A zero trust approach has become necessary because of the way people, applications, and devices interact with each other. In the 90s, people had to go into the office and log into their computer to access applications and data. Today, people work in distributed environments with multiple devices and varying locations with almost ubiquitous access to data. By employing zero trust principles and evaluating trust on a per-transaction basis, organizations can more effectively protect their data against the most sophisticated and hardest to detect threats.
Zero Trust in the Real World
A real-world example of zero trust principles in everyday life would be if you went to the hospital and the doctor came in and gave you advice about severe cold symptoms you were experiencing; you would evaluate their attire, a hospital badge, and their tone of voice as they treated you. And, if things seemed normal, you would take their advice and treatment plan. If you went back for similar symptoms to the same doctor a year later and the doctor came in disheveled and smelling like alcohol, you may be hesitant to take their advice – especially if it seemed significantly different than the treatment previously provided. In this scenario, you are making a dynamic decision of whether to trust or not trust the doctor. In the first case, you would likely trust the doctor and follow their advice, but the second time, you may not follow the prescribed treatment and you may report your suspicions to the hospital administrator. In a third scenario, if you went to the hospital for an ailment and were told you had cancer, you again might further scrutinize the doctor’s education, years of experience, specialty, and diagnosis before following the prescribed treatment, and you would probably seek a second opinion. You instinctively make decisions about how much you trust the doctor based upon environmental factors, the severity of the situation, and the impact of following or not following their prescribed treatment.
Applying Zero Trust in IT
When applying a zero trust approach to protect your data, you must make dynamic decisions about when to trust a user’s or an application’s request for data. Zero trust doesn’t mean you won’t trust anything; it means you won’t implicitly trust anything, and you will dynamically determine your level of trust for each action the user or application is taking. In an IT example, let’s say you have a file share with all of the company’s financial records. It’s normal for people in the finance department to access these files to perform their job. They will read and write to 12 – 15 files a day. Some people are in early and others arrive later and stay later. They rarely work weekends, except for a few who occasionally check on things from home through the company’s VPN. Now, if in the middle of the night the account of a finance employee tries to copy 25 files over the VPN, then you would want your data storage system to stop it. It’s true that the account is authorized to read all those files, but given the situation and request, it doesn’t make sense. Does it even make sense if they’re trying to do it at noon from the office? Probably not. A zero trust approach would stop this behavior and allow an IT security person to investigate it. Maybe someone stole the employee’s credentials and is stealing data, or maybe the employee has become an insider threat that’s feeding information to a competitor.
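The finance file-share scenario above, as an added example (not from the original article or any RackTop product): a per-transaction check in which ACL permission is necessary but not sufficient. The working hours, the two-signal rule, and all class and function names are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime

@dataclass
class Baseline:
    # Constructed per-account profile, modeled on the finance example above.
    max_files_per_day: int = 15     # "12 - 15 files a day"
    earliest_hour: int = 7          # assumed start of the working day
    latest_hour: int = 20           # assumed end, covering people who stay late
    works_weekends: bool = False    # True only for the few who check in from home

@dataclass
class Request:
    account: str
    when: datetime
    via_vpn: bool
    files_today: int        # files this account already touched today
    files_requested: int    # files in this transaction

def evaluate(req: Request, base: Baseline, acl_allows: bool):
    """Decide one transaction. Returns (decision, reasons)."""
    if not acl_allows:
        return "block", ["not authorized"]
    context = []
    if not (base.earliest_hour <= req.when.hour < base.latest_hour):
        context.append("outside usual hours")
    if req.when.weekday() >= 5 and not base.works_weekends:
        context.append("weekend access unusual for this account")
    if req.via_vpn:
        context.append("remote via VPN")
    if req.files_today + req.files_requested > base.max_files_per_day:
        # Volume beyond the baseline is stopped even at noon from the office.
        return "block_and_alert", ["volume exceeds daily baseline"] + context
    # Assumed policy: at normal volume, block only when two context signals stack up.
    if len(context) >= 2:
        return "block_and_alert", context
    return "allow", context

if __name__ == "__main__":
    # Constructed request: 25 files copied over the VPN shortly after midnight.
    night = Request("finance-user", datetime(2024, 3, 12, 0, 30), True, 0, 25)
    print(evaluate(night, Baseline(), acl_allows=True))
```
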
Zero trust principles can be applied to all parts of the data center, but the part where it is most needed is where the data is stored. Data is the target of the hacker; they either want to change it, destroy it, or steal it. With a zero trust data solution, you can prevent ransomware, insider threats, and cyberattacks in real time. Learn how to implement zero trust in your environment by contacting RackTop. But don’t just take my word for it; check it out for yourself.