• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
IT Infrastructure, Network Security, News

What is Zero Trust and How Do You Implement It?

A strong identity program, MFA, defining roles and privileges and network segmentation are core parts of a Zero Trust architecture.

August 25, 2021 Zachary Comeau Leave a Comment

Zero Trust
Olivier Le Moal/stock.adobe.com

Thanks to a continuous onslaught of nation-state cyberattacks, exploited vulnerabilities and ransomware, the term Zero Trust has been thrust into the mainstream, but the term isn’t new.

In fact, it’s about a decade old, but the ideas and concepts behind the term are even older.

However, there isn’t one Zero Trust solution or any one piece of software or hardware that defines it. Rather, it’s an IT security model and a concept that helps harden IT networks and prevents the bad guys from doing damage even if they successfully infiltrate your network.

What is Zero Trust?

Zero Trust is based on the idea that IT networks are inherently insecure and that the network has already been compromised. Users and devices – regardless of identity or legitimacy – are not to be trusted by default.

“Therefore, you need to build trust from the ground up,” says Brian Foster, vice president of product at cybersecurity firm ReliaQuest.

The concept was initially developed as a response to devices and networks being hacked by bad actors, who then moved laterally with ease because of a false sense of security, Foster says.

Essentially, a Zero Trust architecture makes it extremely hard for any user or device to do things they aren’t supposed to do since users – both legitimate and malicious – are treated with the same level of scrutiny.

Now, the concept is being adopted by organizations everywhere, including at the highest levels of the U.S. government.

According to Microsoft, Zero Trust is now the top security priority, and 90% of security decision makers are in the process of implementing the concept across their IT environments.

The benefits of Zero Trust are clear: it provides stronger overall security and leads to better cybersecurity hygiene by focusing on role-based access, risk-based identity assignment and micro-segmentation within a network, says Charles Griffiths, head of IT operations at U.K.-based AAG IT Services.

How do you implement it?

Adopting a Zero Trust architecture takes several key steps, many of which most IT admins should already be doing, including control over identities, devices, applications data, infrastructure and networks, according to Griffiths.

“Zero Trust is not a single product or appliance to buy, but an ideology of security. It involves pulling the traditional perimeter back and combining traditional network access controls with user behavior analytics (UBA) and micro-segmentation,” he says.

Identity management

Identity management is a fundamental part of a Zero Trust architecture since they are the basis of verifying users before they can access systems. Griffiths suggests implementing multi-factor authentication across the entire organization to help ensure any and all activity is legitimate and authentic.

Continuous authentication

In addition to a strong password policy and multi-factor authentication via a mobile phone, smart card, security key or app, continuous authentication confirms identity in real time and helps prevent attacks that have been successful in the past because it doesn’t rely on static data, Griffiths says.

Go Passwordless

Instead of using passwords, which security experts say are becoming less secure as hacking methods evolve, Griffiths says organizations can use hardware-based authentication keys to provide a convenient method of authentication that can also be used as a USB HID device or NFC.

Network segmentation

By segmenting networks and implementing network controls, administrators can better manage traffic for each department and application. Micro-segmentation allows for finer levels of granular controls within the firewall or perimeter to limit access, protect against DDOS attacks and more.

Secure every device

Today, every employees has at least one person device they bring to work, and that device may be connected to the organization’s network. If those devices aren’t scrutinized like company-issued devices, you open yourself up to compromise. Every device should be viewed as a potential threat and should have limited access to sensitive resources.

Be specific with user roles

Roles and access should be as granular as possible, Griffiths says, and each role should have clear definitions on what they are allowed to do.

Monitor traffic everywhere with Zero Trust

Traditional IT architecture allows for monitoring of user traffic coming in and out of the network, but remote work is now forcing organizations to monitor traffic on user devices wherever they are, says Michael Wilson, chief technical officer at managed security services provider Nuspire.

Wilson equates Zero Trust to moving from castles to high-tech body armor. They can work together, but are oftentimes at odds.

While we will always have castles, we should no longer implicitly trust anyone inside the castle just because they are in it,” Wilson said. “These services/systems have to be rearchitected to no longer assume trust because someone is on the network or at a specific location. This is why having a strong identify program and technology to support it is a prerequisite to a true Zero Trust approach.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Tagged With: Zero Trust

Related Content:

  • data breach Nearly 900 Schools Impacted by National Student Clearinghouse…
  • Rearview shot of two young designers giving each other a fist bump in an office, on display is Crestron desk scheduling device Crestron Introduces Desk Q and Desk Touch Scheduling…
  • CI SSI cover Commercial Integrator and Security Sales & Integration Magazines…
  • cyber-attack-skull Spike in Cyberattacks Exposes Vulnerabilities in University Security…

Free downloadable guide you may like:

  • Download TechDecisions' Blueprint Series report on Security Awareness now!Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

    Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared to defend against them in this report from TechDecisions' Blueprint Series.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Download TechDecisions' Blueprint Series report on Security Awareness now!
Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared t...

Workplace Collaboration Tools for Corporate Spaces
Workplace Collaboration Tools for Corporate Spaces

From lobbies and shared spaces to conference rooms and multipurpose facilities, you need high-performing AV technology to effectively share informa...

ChatGPT, generative AI, enterprise, workplace
Blueprint Series: ChatGPT and Generative AI in the Workplace

This latest release of the TechDecisions Blueprint Series explores the new phenomenon of tools such as ChatGPT and how IT leaders should go about d...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Advertise with Us
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSDO NOT SELL MY PERSONAL INFORMATIONTERMS OF USEPRIVACY POLICY

© 2023 Emerald X, LLC. All rights reserved.