02:30 PM
Ojas Rege

Establishing True Trust in a Zero-Trust World

Our goal should not be to merely accept zero trust but to gain the visibility required to establish true trust.

The term "zero trust" was coined by Forrester in 2010. The concept was also central to the BeyondCorp architecture that Google was designing around the same time. Traditionally, companies assumed their corporate networks were secure. Google provocatively stated that the corporate network was no more secure than the public Internet and that every organization needed a security architecture that did not take trust for granted. Forrester described it less as myth-busting about network security and more as a necessary framework for data and computing outside the perimeter.

Whether corporate networks are secure or not, it is true that the traditional arbiters of trust — next-gen firewalls, VPNs, web gateways, network access control, network data loss prevention, locked-down PCs — have minimal value outside the perimeter. This is a growing issue because all new enterprise application innovations happen in the cloud, not on-premises, so a company that cannot compute outside the perimeter will rapidly get left behind.

Every company must find its answer to the zero-trust problem.

What Is Zero Trust, Really?
Trust is based on visibility. If I can see where my data is going and assess the corresponding risk, then I can make an appropriate decision about whether to allow access to my data in that environment. If I have zero visibility, however, I must assume zero trust. I cannot trust what I cannot see.

Because traditional security solutions provide minimal visibility outside the perimeter, organizations have a rapidly growing blind spot as data spreads across an information fabric that spans mobile endpoints and cloud services.

Our goal should not be to merely accept zero trust but to gain the visibility required to be able to establish trust in what otherwise would be a zero-trust world. Without trust, you cannot enable your users. Without enablement, they cannot do their jobs. The challenge is to enable them with the services they need without putting your business data at risk.

Every company must implement a new model of trust.

Is User Trust Enough?
Outside the perimeter, there is one element of trust that traditional security infrastructure can still (mostly) validate: user trust. I can usually establish whether users are who they say they are. But is that enough? No.

User trust is an essential element of the modern trust model. It is necessary, but not sufficient. The reason is that a trusted user in an untrusted environment should not have access to company data. Context matters.

Here's an example: Let's say I owe you $1,000. We can decide where to meet so I can give you that money. We can meet at my home or we can meet on a street corner in a dangerous part of town. You, the person standing across from me, are still the same, trusted individual. But my willingness to hand you that money should absolutely be different in those two environments. In one, the transaction will be successful. In the other, you'll likely get mugged within a block. User trust is not enough. Context is critical to establish trust in a zero-trust world.

3 Steps to Get Started
Risk and trust balance each other. Don't assume that more risk means less access, because the outcome will be that your users won't be able to do their jobs. The more risk that exists in an environment, the harder you must work to establish enough trust to justify access to corporate data.

Like almost everything else in security, starting with basic hygiene and establishing a foundational process and architecture are the most important steps:

Step 1: Start with the user.
Technology is secondary. First, understand the environment in which business users want to do their work, not the environment in which you want them to do their work. Otherwise, you will end up establishing trust in an environment that no one is using, while the real work and actual data flows are outside your vision, completely unprotected.

Step 2: Respect the edge.
Mobile devices and apps have become a primary means for employees to consume data and access business services. That means data will be resident on a constantly growing number of mobile devices. Organizations must establish a data boundary on the device that prevents business apps from leaking data to consumer apps while also protecting the privacy of personal information.

Step 3: Assume constant change.
Think of it as a "dynamic-trust" world instead of a "zero-trust" world. Context is dynamic in modern computing. Change is the nature of both mobile and cloud: Devices move across networks and locations; new apps are downloaded; and configurations are modified. The key is to establish an automated and tiered compliance model that monitors for contextual changes and then automatically takes appropriate actions, such as notifying the user, asking for a second factor, expanding or blocking access, and provisioning or retiring apps.

Establishing True Trust
Your goal is to protect data across an increasingly fragmented information fabric outside the comfort zone of traditional security approaches. The modern access decision requires constant assessment because context is constantly changing. The path forward is to move to this dynamic model of modern security rather than the static "I'm in, you're out" model of the traditional firewall.

True trust is the combination of user trust with contextual trust: OS, device, app, network, time, location. Establishing true trust in a zero-trust world as the centerpiece of an automated compliance model gives users the freedom they need to get on with their work without losing company data.
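As an added illustration (not code from the article or from any product), the sketch below shows one way the tiered, automated compliance model of Step 3 could combine user trust with the contextual signals listed above and re-evaluate on every change. The signal names, the tier thresholds and the sample timeline are all assumptions constructed for this example.

```python
from dataclasses import dataclass, replace
from enum import IntEnum

class Action(IntEnum):  # tiers, least to most restrictive
    ALLOW = 0
    NOTIFY_USER = 1
    REQUIRE_SECOND_FACTOR = 2
    BLOCK_AND_RETIRE_APPS = 3

@dataclass(frozen=True)
class Context:
    # Hypothetical signal names, one per element of the article's list.
    user_verified: bool = True          # user trust
    os_patched: bool = True             # OS
    device_compromised: bool = False    # device
    unapproved_app: bool = False        # app
    network_known: bool = True          # network
    usual_time_and_place: bool = True   # time, location

def decide(ctx: Context) -> Action:
    """Map the current context to one tier of the compliance model."""
    # User trust is necessary; a compromised device cannot hold the data boundary.
    if not ctx.user_verified or ctx.device_compromised:
        return Action.BLOCK_AND_RETIRE_APPS
    # User trust is not sufficient: count the contextual risk signals.
    risk = sum([not ctx.os_patched, ctx.unapproved_app,
                not ctx.network_known, not ctx.usual_time_and_place])
    if risk == 0:
        return Action.ALLOW
    if risk == 1:
        return Action.NOTIFY_USER
    # More risk demands more proof of trust rather than a flat denial.
    return Action.REQUIRE_SECOND_FACTOR

def replay(start: Context, changes: list) -> list:
    """Re-evaluate after every context change and return each decision."""
    ctx, actions = start, [decide(start)]
    for change in changes:
        ctx = replace(ctx, **change)
        actions.append(decide(ctx))
    return actions

# Constructed timeline: one verified user whose context keeps changing.
SAMPLE_CHANGES = [
    {"network_known": False},                          # joins an unknown network
    {"unapproved_app": True},                          # downloads a new app
    {"network_known": True, "unapproved_app": False},  # back in a clean context
    {"device_compromised": True},                      # device integrity lost
]
```

Calling `replay(Context(), SAMPLE_CHANGES)` shows the same user moving between tiers in both directions as context changes, including access being restored once the risk signals clear.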


Ojas Rege is Chief Strategy Officer at MobileIron. His perspective on enterprise mobility has been covered by Bloomberg, CIO Magazine, Financial Times, Forbes, Reuters, and many other publications. He coined the term "Mobile First" on TechCrunch in 2007, one week after the ...