What is zero trust

An easy-to-understand explanation of the security model "Zero Trust"


The damage caused by cyber attacks is increasing day by day due to the malware "Emotet" and the Android malware "BRATA". At the same time, attack methods have become more sophisticated, and it can be said that conventional security measures are inadequate.

In this blog, we will explain the security model "Zero Trust" that is needed now.

What is the security model "Zero Trust"?

Zero trust is the basis of all cyber attack countermeasures

"Zero trust" is a security model that verifies the security of every communication, based on the premise that no communication can be trusted.

Even communication that was evaluated as trustworthy in the past, such as access from inside the company, is not trusted. Its safety is verified every time, which makes it possible to prepare for threats from both inside and outside.

In recent years, the state of IT infrastructure has changed significantly, with the increase in remote access due to the promotion of telework and the increase in opportunities to use cloud services with the promotion of DX.

As a result, there is data to be protected not only inside the network boundary but also outside it, and it can be said that it is difficult to protect the enterprise from the latest threats with the conventional "perimeter defense type security model".

Since Zero Trust covers both strengthening countermeasures against cyber attacks and countermeasures after intrusion, it can be said to be the basic idea for realizing countermeasures against all cyber attacks, including threats such as ransomware and targeted attacks that may cause great damage to any company.

Differences between zero trust and traditional security models

In the conventional perimeter defense model, typified by password authentication, trust is evaluated only at the first gate, for example by installing a firewall. Communication that has once been evaluated as trustworthy, such as access from inside the company, is considered secure from then on.

With such a perimeter defense model, viruses and malware can easily spread once they are inside the perimeter, so it is not sufficient as a countermeasure against malicious cyber attacks.

On the other hand, Zero Trust eliminates the weaknesses of the perimeter defense model: because it verifies the security of each access, even from within the company, it also protects against threats that have already made their way inside the boundary.

Benefits of Zero Trust Against Cyber Attacks

Reducing the risk of data leakage

The amount of data held by companies continues to increase year by year, and a huge amount of important data such as customer data, confidential information of business partners, and personal information of employees is stored in the company. A leak of this data not only exposes the company to penalties, but also leads to risks of compensation for damages and loss of social credibility, so it can be said that preparing for these risks is a very important issue for the survival of a company.

Under such circumstances, cyber attacks are increasing year by year and methods are becoming more sophisticated, so the perimeter defense model cannot suppress the risk of data leakage.

Zero trust incorporates the "principle of least privilege", which gives users only the minimum privileges they need. Even if an attacker succeeds in intruding, for example through a terminal infected with malware, the information that can be viewed is very limited, and the risk of data leakage can be minimized.

Shortening the detection time when an incident occurs

Zero trust is the idea of verifying all communications related to the company, but as cyber attack methods are evolving rapidly every day, there are no products or services that can prevent 100% of intrusions across all communications.

There are many products to prevent intrusion, such as firewalls and antiviruses, but none of them can guarantee 100% protection because attackers are constantly making improvements to break them.

Therefore, the trend in guidelines and regulations worldwide is to emphasize not "preventing intrusion" but post-intrusion measures: how quickly an attack can be detected after intrusion, how accurately the range of influence can be identified, and how promptly action can be taken.

The strength of zero trust is that even if a security incident occurs, it is possible to detect and respond to it at an early stage.

With zero trust, users need to authenticate each time they access information, and access history can be recorded in real time.

When an incident occurs, it is possible to identify the problem at an early stage by checking the activity from the access history. Early identification of the source of an incident can be said to be very effective as a preparation because it leads to minimizing damage.
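
The per-access verification, least privilege and access history described above, shown as an added example (not code from the original blog): every request is authenticated and checked against a least-privilege policy regardless of network location, each decision is recorded, and the record is queried to scope an incident. The policy, user names, device names and resource names are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

# Constructed least-privilege policy: each role gets only the pairs it needs.
POLICY = {
    "sales": {("crm/customers", "read")},
    "hr": {("hr/employees", "read"), ("hr/employees", "write")},
}

@dataclass
class Request:
    user: str
    role: str
    device: str
    authenticated: bool         # outcome of user authentication for THIS request
    device_authenticated: bool  # outcome of device authentication for THIS request
    resource: str
    action: str
    network: str = "internal"   # recorded, but never used to grant trust

def decide(req, log):
    """Verify one access and append the decision to the access history."""
    if not req.authenticated:
        verdict, reason = "deny", "authentication failed"
    elif not req.device_authenticated:
        verdict, reason = "deny", "device authentication failed"
    elif (req.resource, req.action) not in POLICY.get(req.role, set()):
        verdict, reason = "deny", "outside least privilege"
    else:
        verdict, reason = "allow", "ok"
    log.append({"time": datetime.now(timezone.utc).isoformat(), "user": req.user,
                "device": req.device, "network": req.network, "resource": req.resource,
                "action": req.action, "verdict": verdict, "reason": reason})
    return verdict

def incident_scope(log, device):
    """For a device later found infected: what it reached, and what was refused."""
    mine = [e for e in log if e["device"] == device]
    reached = sorted({e["resource"] for e in mine if e["verdict"] == "allow"})
    refused = sorted({e["resource"] for e in mine if e["verdict"] == "deny"})
    return reached, refused

def demo():
    log = []  # constructed sample traffic, all from inside the office network
    verdicts = [decide(r, log) for r in (
        Request("aiko", "sales", "pc-17", True, True, "crm/customers", "read"),
        Request("aiko", "sales", "pc-17", True, True, "hr/employees", "read"),
        Request("aiko", "sales", "pc-17", True, False, "crm/customers", "read"),
        Request("ken", "hr", "pc-02", True, True, "hr/employees", "write"),
    )]
    return verdicts, incident_scope(log, "pc-17")
```

In the sample traffic, the device pc-17 sits on the internal network yet is refused the HR data, and the access history shows that only crm/customers was actually reached from it.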

Benefits of zero trust from a management perspective

Reduction of management costs

In the perimeter defense model, measures such as strengthening firewalls against external threats and complicating access to physical servers (physical barriers such as biometric authentication and card keys) were taken as measures against information leakage.

These measures incur enormous costs for hardware maintenance and operation. Also, if an attacker invades deeper layers, physical response is required, so there is a risk that quick defense will not be possible.

On the other hand, since zero trust is cloud-based, it has a strong structure to prevent secondary and tertiary damage in the event of an emergency. Security management is also centralized in cloud authentication, leading to hardware-related cost reductions.

Security measures under remote work

In the perimeter defense model, users are required to work on a secure network, so they have to go to the office or connect to a VPN in order to work.

Zero trust authenticates each device, eliminating the concept of inside and outside the network.

As long as the user is authenticated, they can work anywhere and can work in the cloud, which leads to the provision of a stable communication environment and improvement of work efficiency.

Zero trust is also attracting attention as a measure against ransomware

According to the "10 Major Threats to Information Security 2022" released by the Information-technology Promotion Agency (IPA) in January 2022, ransomware damage is ranked first as a threat to organizations.

Attack targets are also becoming more sophisticated, such as cases where attacks are made not directly on the target company whose information the attacker wants to steal but on the related supply chain, and cases where vulnerabilities created by new normal working styles such as telework are targeted. These threats are difficult to deal with under a perimeter defense model, which places only one's own organization, and only the office, inside the boundary.

Zero trust is attracting attention because it can also deal with ransomware threats targeting supply chains and telework.

