I saw a survey showing that over 2/3 strongly agree that “My company sees Zero Trust security as a necessary strategy.” That number jumps to 93% if you include those who agreed or somewhat agreed (Source: Ericom 2021 Zero Trust Market Dynamics Survey). Identity and Access Management was overwhelmingly the top priority and the place to start to achieve Zero Trust.
Here at NetIQ, our purpose is to help organizations protect sensitive information by automating privilege and access control to ensure appropriate access to applications, data, and resources. In other words, we help our customers achieve zero trust. But what is zero trust?
The answer is well explained in a recent two-part presentation given by our VP of Product Strategy, Nick Nikols. The first video is a Zero Trust Overview that outlines how more and more organizations rely on zero trust methodologies to respond to current breach threats. Nick then reviews zero trust concepts relative to the application layer and drills down into their components. The second video maps NetIQ to the respective Zero Trust components. Please check out the videos, and in the meantime, here are some key takeaways.
Zero Trust is a way of thinking
The first key concept is that zero trust is not a solution or a product. It is a process, a way of thinking about and approaching the problem that involves many elements and many products working in concert. Nick explains that zero trust is about thinking in terms of who you are: recognizing who is trying to gain access, and whether or not they should be able to. This means maintaining strict controls at every point of access and focusing on identity as the differentiator (instead of location, as in a perimeter defense).
What Does Zero Trust Mean?
- Basic Concept – Don’t Assume Trust.
  - This means maintaining strict controls at every point of access, and not trusting anyone or anything by default.
- Follow the philosophy of least privilege.
  - Grant access to only what is needed, nothing more, nothing less.
- Break the environment down into smaller security zones.
  - This minimizes the possible damage by slowing down the progress of a potential attack.
- Verify identity at every step.
  - Guarantee a high level of assurance between security zones.
Components of a Zero Trust Architecture
- Least Privilege Access
  - Grant only as much access as needed, with only the minimum permissions for the shortest duration necessary.
  - Break the environment down into smaller security zones to limit the scope of access.
  - Maintain separate security controls for each compartment of the environment (requires distributed management of these controls).
- Multi-factor authentication (MFA)
  - Require two or more verification factors to gain access to a resource; require greater identity assurance based on current risk state.
- API control and monitoring
  - Ensure appropriate control at the programmatic level as well as at the user interaction level.
  - Control how many different devices and/or APIs are trying to access resources.
- Context-aware, continuous evaluation of risk – enables early detection of threats and rapid response.
  - Dynamically respond to current state in context of current environment and past activity.
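The components listed above can be read as inputs to one access decision that is re-evaluated on every request. The following is an added example, not NetIQ code and not taken from the presentation; the zone names, risk weights, thresholds and the `MAX_CLIENTS` limit are assumptions chosen for illustration.

```python
from dataclasses import dataclass, replace
from datetime import datetime, timedelta, timezone

@dataclass(frozen=True)
class Grant:                 # least privilege: one zone, few actions, short life
    subject: str
    zone: str
    actions: frozenset
    expires: datetime

@dataclass(frozen=True)
class Request:
    subject: str
    zone: str
    action: str
    factors: int             # verification factors presented this session
    known_device: bool
    active_clients: int      # devices/API clients currently using this identity
    recent_failures: int     # past activity: failed attempts in the lookback window
    at: datetime

MAX_CLIENTS = 3              # assumed limit, not a value from the article
def risk_score(req: Request) -> int:
    """Constructed scoring: weights are illustrative assumptions."""
    score = 0 if req.known_device else 40
    score += min(req.recent_failures, 5) * 10
    score += 30 if req.active_clients > MAX_CLIENTS else 0
    return score

def decide(req: Request, grants: list) -> str:
    """Run on every request, in every zone: 'allow', 'step_up' or 'deny'."""
    covered = any(g.subject == req.subject and g.zone == req.zone
                  and req.action in g.actions and req.at < g.expires
                  for g in grants)
    if not covered:
        return "deny"                      # nothing is trusted by default
    risk = risk_score(req)
    if risk >= 70:
        return "deny"
    required = 3 if risk >= 40 else 2      # MFA always; more assurance as risk rises
    return "allow" if req.factors >= required else "step_up"

# Constructed sample data
NOW = datetime(2022, 1, 10, 9, 0, tzinfo=timezone.utc)
GRANTS = [Grant("alice", "payroll", frozenset({"read"}), NOW + timedelta(hours=1))]
BASE = Request("alice", "payroll", "read", 2, True, 1, 0, NOW)

if __name__ == "__main__":
    print(decide(BASE, GRANTS), decide(replace(BASE, known_device=False), GRANTS))
```

The same identity gets a different answer as its context changes: an unknown device raises the required assurance, and a grant stops applying once it expires or the request crosses into another zone.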
Zero Trust is part of an overall digital transformation. As organizations move to the cloud and incorporate IoT, they can also make the switch to zero trust. Doing so will deliver an enhanced security level to the ecosystem and even cover legacy technologies as they transition.
NetIQ Identity and Access Management provides comprehensive workforce and customer identity solutions to enterprise-scale organizations – leveraging Identity to provide secure access, effective governance, scalable automation, actionable analysis and insight across their Cloud, Mobile, & Data platforms.
NetIQ is part of CyberRes, a Micro Focus line of business.