Zero trust implementation

Zero trust is the principle that every user and device, whether inside or outside the network perimeter, must be continuously verified to gain or retain access to a private network, application or data.

As organizations rely on remote work and cloud computing, their data is no longer in one place: it is spread across the cloud, mobile devices and on-premises networks.

Zero-trust security trusts no one by default, inside or outside the network; it also means that users and devices are continuously verified.

Five security principles for zero trust:

  1. Context-based access control for devices: it determines whether an access request poses a risk and verifies it.
  2. Stronger access controls (multifactor authentication): MFA can be used to verify a user's identity when context-based access control has determined, from its risk score, that the access request is risky.
  3. Continuous verification: devices inside or outside the network are not trusted automatically. Every user is continually monitored and verified.
  4. Micro-segmentation: users are granted access only to a specific part of the network. This prevents threat actors from moving laterally through the network if a system is compromised, and is particularly useful when responding to security incidents.
  5. Least privilege: limit user access to just-in-time and the minimum privileges required to do the job.

How AI Can Empower Zero Trust

  1. Better User Experience

AI improves the entire experience for legitimate users. It can monitor user behaviour and dynamic access requests in real time in the background, which speeds up the approval process and makes it seamless for users.

  2. Calculates Risk Scores

AI can compute real-time risk scores for access requests based on the network, device, location and previous access history. The security team considers these scores when users request access and determines what action should be taken.

For example, if the risk score is high, the user may be required to complete multifactor authentication.

  3. Automatically Provides Access to Users

AI can allow access requests to be granted automatically, taking into account the risk score that has been generated. This saves time for the IT department.
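To make the context-based access control, risk scoring and automated decision described above concrete, here is a small risk-based policy engine as an added example (it is not code from the original post or from any product). It scores a request from device posture, geolocation, time of day, data sensitivity and previous access history, then maps the score to allow, step-up MFA or deny; the weights, thresholds and the sample history are assumptions.

```python
from dataclasses import dataclass

# Constructed example of a risk-based access policy engine. Weights,
# thresholds and the sample access history are illustrative assumptions.

# Constructed "previous access history": countries each user normally connects from.
USUAL_COUNTRIES = {"alice": {"NL"}, "bob": {"US", "CA"}}

# Weight added according to how sensitive the requested data is.
SENSITIVITY_WEIGHT = {"public": 0, "internal": 10, "confidential": 25}


@dataclass(frozen=True)
class AccessRequest:
    user: str
    device_compliant: bool   # managed device whose posture checks pass
    country: str             # geolocation of the request
    hour: int                # local hour of day, 0-23
    data_sensitivity: str    # "public", "internal" or "confidential"
    failed_logins_24h: int   # taken from previous access history


def risk_score(req: AccessRequest) -> int:
    """Combine the contextual signals into a 0-100 risk score."""
    score = 0
    if not req.device_compliant:
        score += 35                                   # device posture
    if req.country not in USUAL_COUNTRIES.get(req.user, set()):
        score += 25                                   # unusual geolocation
    if req.hour < 6 or req.hour >= 22:
        score += 10                                   # outside normal hours
    score += SENSITIVITY_WEIGHT.get(req.data_sensitivity, 25)  # unknown = confidential
    score += min(req.failed_logins_24h, 3) * 5        # recent failures, capped
    return min(score, 100)


def decide(req: AccessRequest) -> str:
    """Map the score to an action: allow, step up to MFA, or deny."""
    score = risk_score(req)
    if score >= 60:
        return "deny"
    if score >= 30:
        return "mfa"          # step-up: require multifactor authentication
    return "allow"


if __name__ == "__main__":
    req = AccessRequest("alice", True, "BR", 10, "confidential", 0)
    print(risk_score(req), decide(req))   # 50 mfa
```

Because the decision is a pure function of the current context, the same `decide` call can be re-run during a session to implement the continuous verification principle.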

  4. Automated Threat Response and Remediation

AI can automate the response to identified threats and neutralize them, for example by isolating compromised devices, revoking account access privileges, or initiating scripted incident response playbooks.

What is ZTNA and how does it work?

Zero-Trust Network Access (ZTNA) applies zero-trust concepts to an application access architecture (e.g. a SaaS environment) by enforcing pre-established access policies between users and apps. It authenticates users based on their identities and roles, and on contextual variables such as device security posture, time of day, geolocation and data sensitivity. Suspicious context can prompt ZTNA to deny even an authorized user's connection request. Once authenticated and connected, users can see only the applications they are authorized to access; all other network resources are inaccessible. Hence ZTNA does not expose the IP addresses of the underlying resources.