Building out Zero Trust Architecture

Ryan McConechy

Chief Technology Officer

To say cybercrime has gone mainstream is an understatement.

The threat is no longer a potential for organisations; it's a certainty that will destroy them if they don't have the correct defences.

As a result, Zero Trust Architecture is increasingly becoming a must have cyber-defence that organisations can use to keep threat actors out of their networks.

In contrast to the traditional cyber security ethos of 'trust but verify', Zero Trust does exactly what it says: nothing is trusted inherently. Instead, all users, devices and applications are given only the minimum privileges needed to perform their jobs or functions.

Because each is given the bare minimum privileges and no more, network access is limited; this makes it much harder for an attacker who compromises an individual, application or device to use the inherited privileges to move through the network and reach or steal sensitive data.

When it comes to the benefits this offers, there is the indisputable improvement to security, but organisations that adopt Zero Trust Architecture are also more attractive to insurers and can more easily meet regulatory compliance requirements.


So, what are the key steps organisations must take to build Zero Trust Architecture effectively?

Strategy, Budget, Planning

Zero Trust Architecture is not a product. You can't buy it out of a box.

Instead, it is a process that can be built using multiple products and policies that work together to improve security by limiting trust, monitoring network activity, and having visibility across all assets.

A well-defined strategy before adopting Zero Trust is essential. This includes deciding what is brought into the scope of Zero Trust Architecture, setting deployment milestones, allocating a yearly budget for the project, and planning the execution. Zero Trust Architecture can't be achieved overnight; it is a methodology that can take months, or years, to develop and mature fully.

Understanding the network

The most critical first step in Zero Trust is clearly understanding the network and what is classified as 'normal'.

From a user perspective, this involves understanding who users are, where they are logging in from, at what time of day they are logging in, what they are accessing, and what devices they use to access the corporate network. Once organisations understand this, they can see what is expected on their network and set up policies to coincide with accepted user behaviour.

From a device standpoint, this means understanding what devices do, what they are connected to and what is classified as acceptable behaviour for each device.

From an application perspective, this involves understanding what components should communicate with each other and what protocols are standard for these communication pathways.

Visibility 

Once organisations have an up-to-date inventory of all the users, devices and applications that will fall into the Zero Trust Architecture, they must ensure they have continuous visibility so abnormal behaviour can be spotted quickly.

Establishing policies

The most manual part of the Zero Trust journey is setting policies around acceptable behaviour for users and devices.

This could mean users can only log into systems at certain times of day and can only access certain parts of the network from specific devices and locations.

For devices, this will be around interactions across the network and how they are allowed to communicate with other assets and applications. For example, what is the acceptable behaviour of a printer? What would be deemed malicious?

For applications, this will include the data pathways and flows between internal and external processes and resources, and within the application itself.

Organisations need to set up policies for everything that falls into the Zero Trust Architecture so they have a baseline for acceptable behaviour. The focus must be on granting the minimum number of privileges users, devices and applications need to perform their jobs. 

Organisations will typically deploy tooling to manage Zero Trust, which controls and applies the policies and can then alert on anything suspicious using both threat detection/prevention capabilities and behavioural anomaly detection.
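The baseline of 'normal' described under Understanding the network and the per-user, per-device policies described in this section can be expressed as a small policy engine. The following Python is an added example, not code from the article or from Barrier: the event fields, the per-resource policy shape, the constructed access history and the allow/deny/step-up outcomes are all assumptions made for illustration. It denies by default, denies on any policy violation, and flags requests that pass policy but deviate from the learned baseline so they can be sent for step-up authentication and a SOC alert.

```python
from dataclasses import dataclass, field
from datetime import datetime
from typing import Dict, List, Set, Tuple


@dataclass(frozen=True)
class AccessRequest:
    """One access event; field names are assumptions, not a real product's schema."""
    user: str
    device: str
    location: str      # constructed: country code of the source address
    resource: str
    when: datetime


@dataclass
class Policy:
    """One least-privilege rule: who may reach a resource, from what, from where, and when."""
    resource: str
    users: Set[str]
    devices: Set[str]
    locations: Set[str]
    hours: Tuple[int, int]   # [start, end) in the organisation's local time


def evaluate_policy(policy: Policy, req: AccessRequest) -> List[str]:
    """Return the policy conditions the request violates (empty list means permitted)."""
    violations = []
    if req.user not in policy.users:
        violations.append("user not entitled to resource")
    if req.device not in policy.devices:
        violations.append("device not approved for resource")
    if req.location not in policy.locations:
        violations.append("location not permitted")
    start, end = policy.hours
    if not (start <= req.when.hour < end):
        violations.append("outside permitted hours")
    return violations


@dataclass
class Baseline:
    """Per-user picture of 'normal', learned from historical access events."""
    devices: Dict[str, Set[str]] = field(default_factory=dict)
    locations: Dict[str, Set[str]] = field(default_factory=dict)
    hours: Dict[str, Set[int]] = field(default_factory=dict)

    def learn(self, ev: AccessRequest) -> None:
        self.devices.setdefault(ev.user, set()).add(ev.device)
        self.locations.setdefault(ev.user, set()).add(ev.location)
        self.hours.setdefault(ev.user, set()).add(ev.when.hour)

    def anomalies(self, req: AccessRequest) -> List[str]:
        """Deviations from the learned baseline; an unknown user deviates on every axis."""
        out = []
        if req.device not in self.devices.get(req.user, set()):
            out.append("device never seen for this user")
        if req.location not in self.locations.get(req.user, set()):
            out.append("location never seen for this user")
        if req.when.hour not in self.hours.get(req.user, set()):
            out.append("hour never seen for this user")
        return out


def decide(policies: Dict[str, Policy], baseline: Baseline, req: AccessRequest) -> Dict[str, object]:
    """Deny by default, deny on any violation, step-up on baseline anomalies, else allow."""
    policy = policies.get(req.resource)
    if policy is None:
        return {"decision": "deny", "reasons": ["no policy for resource (default deny)"]}
    violations = evaluate_policy(policy, req)
    if violations:
        return {"decision": "deny", "reasons": violations}
    odd = baseline.anomalies(req)
    if odd:
        return {"decision": "step-up", "reasons": odd}
    return {"decision": "allow", "reasons": []}


# Constructed sample data (not real logs): alice uses laptop-01 from GB during office hours.
HISTORY = [
    AccessRequest("alice", "laptop-01", "GB", "payroll", datetime(2024, 3, d, h))
    for d in range(4, 9) for h in (9, 10, 11, 14, 16)
]
POLICIES = {
    "payroll": Policy("payroll", {"alice"}, {"laptop-01", "laptop-02"}, {"GB"}, (7, 19)),
}
BASELINE = Baseline()
for ev in HISTORY:
    BASELINE.learn(ev)


def demo() -> Dict[str, str]:
    """Run a handful of requests through the engine and return case name -> decision."""
    cases = {
        "normal":     AccessRequest("alice", "laptop-01", "GB", "payroll", datetime(2024, 3, 11, 10)),
        "wrong_user": AccessRequest("bob",   "laptop-01", "GB", "payroll", datetime(2024, 3, 11, 10)),
        "new_device": AccessRequest("alice", "laptop-02", "GB", "payroll", datetime(2024, 3, 11, 9)),
        "night":      AccessRequest("alice", "laptop-01", "GB", "payroll", datetime(2024, 3, 11, 3)),
        "unscoped":   AccessRequest("alice", "laptop-01", "GB", "crm",     datetime(2024, 3, 11, 10)),
    }
    return {name: decide(POLICIES, BASELINE, r)["decision"] for name, r in cases.items()}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:11s} -> {verdict}")
```

The "new_device" case is the one worth noticing: laptop-02 is approved by policy, so the request is not denied, but the user has never used it, so the engine returns "step-up" rather than "allow". That is the split the article describes between policy enforcement and behavioural anomaly detection: the policy sets the ceiling on what is permitted, and the baseline catches permitted-but-unusual activity for investigation.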

Improving through automation

Once organisations have set up policies, they can rely on tools to automatically apply them to employees and device assets. This helps reduce manual overhead and allows organisations to integrate Zero Trust across all assets, even as their network and workforce grow. 

Zero Trust offers organisations many security benefits, but getting started with adoption is often the biggest challenge. 

By following the above steps, organisations can clearly understand the actions required to roll out Zero Trust Architecture across their environment, helping them improve security and increase their overall cyber resilience.

Barrier's Approach to Zero Trust

At Barrier, our commitment goes beyond mere consultancy. We empower organisations to discern and embrace their unique journey towards Zero Trust. By intertwining innovative solutions with tailored insights, we seek to foster business resilience, drive sustainable growth, and reinforce stakeholder confidence. Every organisation deserves a security framework that's both robust and adaptive. We're here to ensure yours is.
