What is Zero Trust Architecture? – Antivirus and Security – Tecnoblog

The model is based on constant verification of credentials, even inside the network. Below, see what Zero Trust architecture is, what its implementation requires, its main advantages, and the points of attention when choosing the architecture.

What is Zero Trust architecture? (Image: Vitor Padua/Tecnoblog)

I don’t even trust my shadow

If the idea were to define the architecture with a pun or popular saying, this phrase would be perfect. Zero Trust architecture assumes the network has already been compromised and challenges every user or device to prove it is not an attacker. The model requires rigorous identity verification for each user and device trying to access resources on a network, even if it is already within the perimeter.

The architecture also makes it possible to limit a user’s access once inside the network, preventing an attacker from turning access to one part of the network into complete freedom across all the applications on it.

A traditional or perimeter security approach focuses on keeping attackers out of the network but is vulnerable to users and devices already connected to the network.

Traditional network security architecture uses firewalls, VPNs, access controls, IDS, IPS, SIEMs and email gateways, creating multiple layers of perimeter security that cyber attackers have learned to breach.

The “verify and trust” strategy treats users connected inside the network as trusted by default. Someone with the correct user credentials can be admitted to the full set of sites, applications, or devices.

Default network protection scheme and Zero Trust model (Image: McAfee/Disclosure)

How to implement

Zero Trust may seem complex, but adopting this security model can be relatively simple with a technology partner. For example, Cloudflare One is a SASE platform that combines network services with Zero Trust built into user and device access.

Other companies known for their Zero Trust services are Cisco and McAfee. This is the easiest way to implement the architecture. Another option would be to assemble a robust IT team to remodel the entire corporate network environment, taking into account the required “pillars” defined by the National Institute of Standards & Technology (NIST):

  • All data sources and services are considered resources;
  • All communication is secure, regardless of network location; network location does not imply trust;
  • Access to individual enterprise resources is granted per connection; the requester’s trust is assessed before access is granted;
  • Access to resources is determined by policy (rules), including the observable state of the user’s identity and of the system making the request, and may include other behavioral attributes (such as operational history);
  • User authentication is dynamically and strictly enforced before access is allowed; this is a constant cycle of access, threat scanning and assessment, adaptation and ongoing authentication.
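
The principles above can be pictured as a decision made again for every connection. The sketch below is an added illustration, not code from the original article or from any vendor it mentions; the policy table, field names and sample requests are all constructed. It denies by default, records the source address without ever trusting it, and grants access per resource only after identity, authentication age and device state are checked.

```python
from dataclasses import dataclass

# Constructed policy table: resource -> requirements. All names are hypothetical.
POLICY = {
    "payroll-db": {"roles": {"finance"}, "max_auth_age_s": 900, "managed_device": True},
    "wiki": {"roles": {"finance", "engineering"}, "max_auth_age_s": 28800, "managed_device": False},
}

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    resource: str
    source_ip: str        # kept for audit only; network location never grants trust
    mfa_passed: bool
    auth_age_s: int       # seconds since the last strong authentication
    device_managed: bool
    device_patched: bool

def decide(req: Request) -> tuple[bool, str]:
    """Evaluate one connection; nothing is inherited from earlier requests."""
    rule = POLICY.get(req.resource)
    if rule is None:
        return False, "no policy for resource (default deny)"
    if not req.mfa_passed:
        return False, "identity not strongly verified"
    if req.auth_age_s > rule["max_auth_age_s"]:
        return False, "authentication too old, re-authenticate"
    if req.role not in rule["roles"]:
        return False, "role not allowed for this resource"
    if not req.device_patched:
        return False, "device fails posture check"
    if rule["managed_device"] and not req.device_managed:
        return False, "resource requires a managed device"
    return True, "allowed for this connection only"

# Constructed sample requests: internal address with the wrong role, external
# address that meets the policy, internal address with a stale login.
INSIDE = Request("ana", "engineering", "payroll-db", "10.0.0.8", True, 60, True, True)
REMOTE = Request("bia", "finance", "payroll-db", "203.0.113.7", True, 60, True, True)
STALE = Request("bia", "finance", "payroll-db", "10.0.0.9", True, 3600, True, True)

if __name__ == "__main__":
    for r in (INSIDE, REMOTE, STALE):
        print(r.user, r.resource, r.source_ip, decide(r))
```

The request from the internal address is refused while the one from an external address is accepted, because the decision depends on who is asking, from what device and for which resource, not on where the connection originates.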

Advantages of Zero Trust

Zero Trust detects the following attack methods more quickly and usually stops them before a system intrusion occurs.

  • Phishing emails targeted at employees;
  • Lateral movement through the corporate network;
  • Redirecting a shell to a service to compromise a corporate machine;
  • Stolen developer password;
  • Stolen application database credentials;
  • Database exfiltration via a compromised application host;
  • Compromising the application host via a privileged workstation;
  • Using a developer password to elevate privileges on the application host;
  • Accessing a privileged workstation by installing a keylogger via local privilege escalation on the target workstation.

In terms of business security, there are no disadvantages to using Zero Trust architecture. The point of attention is to inform employees and explain the need for protection, so that they are not afraid to use it and do not try to circumvent the system for some reason. It is the famous “each in their own square”.

With information from: Cloudflare, McAfee, Cisco.
