What is Zero Trust Authentication?

Shimrit Tzur-David | May 16, 2018

“Zero Trust” is a concept that can revolutionize the way people interact with networks, and each other. At its core, it’s a different approach to network security, but its practical implications are far-reaching.
In this article, we dive into Zero Trust Authentication, as well as clarify and understand the basics of the approach and the practical ramifications of it.

Zero Trust, Zero Trust Network, or Zero Trust Architecture refer to security concepts and threat model that no longer assumes that actors, systems or services operating from within the security perimeter should be automatically trusted, and instead must verify anything and everything trying to connect to its systems before granting access. The term was coined by a security analyst at Forrester Research.

The Zero Trust model is the response to the realization that the perimeter security approach isn’t working because many data breaches happened because hackers, once they got past the corporate firewalls, were able to move through internal systems without much resistance. And also because the perimeter itself is no longer clearly defined, because applications and data stores are on-premises and in the cloud, with users accessing them from multiple devices and locations.

Zero Trust is a general approach that calls for enterprises to leverage micro-segmentation and granular perimeter enforcement based on users, their locations and other data to determine whether to trust a user, machine or application seeking access to a particular part of the enterprise.

Zero Trust draws on technologies such as multifactor authentication, IAM, orchestration, analytics, encryption, scoring and file system permissions. Zero Trust also calls for governance policies such as giving users the least amount of access they need to accomplish a specific task.
Push Notification Authentication enables user authentication by sending a push notification directly to a secure application on the user’s device, alerting them that an authentication attempt is taking place. Users can view authentication details and approve or deny access, typically via a simple press of a button.

Notifications can be sent in-band or out-of-band, using any number of communications channels.

Push notifications authenticate the user by confirming that the device registered with the authentication system – typically a mobile device – is in fact in the user’s possession. If the device is compromised by an attacker, then push notifications are compromised.

Authentication based on push notifications is gaining popularity because it provides a simple means to authenticate users, especially if used without passwords.

 

The Traditional Security Model

Traditional security approaches were designed to protect the organization’s perimeter. To get in, one had to be verified and trusted; but once inside the network, further checks and balances were not required. Traditional network security has been compared to a castle with a moat. The moat keeps the “bad guys” out, but once someone is trusted and let into the castle, we’re happy for them to be there.

 

The Problems With The Traditional Model

This assumption – that everything within an organization’s network can be trusted – is outdated, especially in light of a new era of sophisticated attacks, new threats, and new ways of connecting to networks.

For one thing, users, devices, applications, and data are moving outside of the enterprise’s zone of control; and “traditional” perimeters are complex and no longer compatible with today’s business models. Applications, users, and devices are moving outside, destroying what was once the trusted enterprise perimeter.

So what happens when, in the traditional “castle and moat” perimeter-based model, a malicious user gets behind the perimeter, and into the castle? This user is now able to move within the network, as they are now trusted. Alternatively, an authenticated user is operating unauthorized operation.

 

“One of the inherent problems we have in IT is we let too many things run way too openly with too many default connections. We essentially trust way too much,” @CynjaChaseC , Chase Cunningham

 

This movement, known as “lateral” movement, is used by attackers to move through a network until they find the valuable treasure trove of data that they’re looking for. In fact, the place where the infiltration occurs is frequently not the target location. For example, if an attacker infiltrates an endpoint, they probably still need to move laterally through the network to reach the targeted content or database. In a cyber attack on Target, hackers entered by compromising the HVAC system, and ended up stealing payment and personal information of as many as 110 million customers – a classic case of hackers breaching the perimeter and then being free to do as they please.

 

Enter Zero Trust Architecture

Zero Trust technology means that each service in the enterprise should be validated with no prior trust. To use a real-world example, if the traditional model was putting a guard at the entrance of a building, Zero Trust Architecture puts a guard in front of each door within the building.

 

Zero Trust Architecture is based on the principle of “Verify and Never Trust”. The concept of trust in the network is eliminated: no more trusted users trusted user applications, and so on. This way, security is embedded into the network DNA.

 

“A Zero Trust approach changes the focus to business outcomes, designing systems based on data value and protection requirements.” – @Kindervag John Kindervag,  Palo Alto Networks

 

Companies are leveraging this “Verify and Never Trust” model to secure against a variety of constantly evolving threats. A zero trust solution should provide secure access to resources or services, no matter where this request comes from. Each origin might have different authorization rights to different part of the network. Therefore, in order to eliminate unauthorized access to resources, the pathways to these resources must be minimized, resulting in a zero trust solution that should minimize allowed access to resources, and require everything to be verified.

A key aspect of Zero Trust Architecture is that all activity must be logged and monitored, and any anomalies, including suspicious lateral movement, be immediately flagged. Part of this approach includes a segmentation gateway, which takes all of the features standalone security products and combines them into a single solution, using the Zero Trust Architecture approach.

 

New Tech Is Changing The Game

As much as new technologies are adding complexity to the way that enterprises protect themselves and keep malicious players out, they are also assisting in making the zero trust model a reality.

Blockchain, for example, with its decentralized identity abilities, and its distributed and immutable ability to record transactions is one of the technologies that have brought the era of  “zero-trust” transactions to fruition, along with other decentralized identity architecture models.

 

Security By Design

Implementing Zero Trust Architecture on existing systems, or “retro-fitting” onto legacy infrastructure can cause more harm than good, and certainly will create added complexity.

As businesses move to the cloud, however, a prime opportunity presents itself to implement “Security By Design”, to design a network with security embedded in its DNA, leveraging Zero Trust Architecture.

This includes ensuring all data and resources are accessed securely, based on user and location. Of course it also involves understanding who the user is, what applications they are using, and identifying any anomalies.

 

Top Security and Beyond

“Zero Trust” as a concept has already revolutionized the way people interact and do business. The practical applications of this way of thinking are already being felt, for example with Secret Double Octopus’ Password-Free Enterprise solution, which is changing the game when it comes to identity protection and security.