Zero Trust Networking

What Is a Zero Trust Network?

A Zero Trust Network is a network based on the principles of Zero Trust, including continuous authentication of access attempts alongside constant monitoring. Rather than assuming an entity on the network is benign once authenticated, entities are always considered hostile. A Zero Trust Network provides a greater level of security than a traditional network and delivers a single model that spans from on-premises LANs to resources distributed globally in the cloud and across the public Internet.

How a Zero Trust Network Differs from Traditional Networking

Traditional networking revolves around the concept of perimeter security. Once a device or user is authenticated within the local corporate network, it is considered trusted, and resources will be made available without further checks.

But now, businesses are facing considerable scaling of their ecosystems. Employees work from home or via a hybrid blend of remote and in-office activities. Company resources reside both within the network and in the cloud. Those cloud resources can be both public and private. Service supply chains are increasingly distributed, and endpoint types proliferate.

The Zero Trust Network combats this increasingly varied landscape by using a security model with the same fundamental principle no matter where a device is located or what kind of resource a user tries to access: never trust, always verify. Authentication is never assumed and must constantly be renewed. This minimizes cyber breaches because compromised devices and user credentials will never automatically access network resources.

How a Zero Trust Network Works

A Zero Trust Network is more of a network model and methodology than any specific technology. The NIST 800-207 standard defines its core principles. The elements that make up a Zero Trust Network implementation include:

  • Access privileges for all resources are continuously validated
  • Access policies can be adjusted based on user behavior, for example if a device is being used from an unusual location
  • Multi-Factor Authentication (MFA) is implemented to strengthen verification
  • Security controls are centrally managed
  • Cybersecurity AI can enhance threat detection and response for a faster reaction to potential attacks
  • Identity and Access Management systems are implemented
  • The entire business ecosystem will be visible in real-time to administrators
  • Security is audited and reports provided for the continuous improvement of protections

How to Create a Zero Trust Network

Implementing a Zero Trust Network requires a systematic approach divided into clear stages leading towards an effective but evolving system. 

  1. Identify the assets on your network, their value and vulnerability, such as core business data and intellectual property.
  2. Ensure that devices and users are verified robustly, including multi-factor authentication for users and embedded security chips in devices to accredit their identity.
  3. Map user workflows, defining which users access which assets and when, generating a plan of how they will be granted the required access.
  4. Create policies for authentication that can then be automated, including metadata such as device, location, time of access, recent user and device activity, and multi-factor authentication. Automate processes to screen for these metadata attributes to streamline policy enforcement.
  5. Test the verification, workflows, and policies to ensure they improve security as expected but don’t impact user productivity. Monitor device and user behavior to detect new intrusions while proactively adapting security measures to evolve the Zero Trust Network. 
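Steps 3 to 5 can be made concrete with a small per-request policy check. The following is an added example, not code from this page or from any vendor product; the workflow map, the thresholds and all names in it are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

# Constructed workflow map (step 3): role -> asset -> permitted hours of day.
WORKFLOWS = {"finance": {"ledger-db": range(7, 19)},
             "engineer": {"source-repo": range(0, 24)}}
MFA_MAX_AGE = timedelta(hours=8)   # assumed re-verification interval
MAX_FAILED_LOGINS = 5              # assumed recent-activity threshold

@dataclass
class AccessRequest:
    role: str
    asset: str
    device_attested: bool          # device identity verified (step 2)
    country: str
    usual_countries: frozenset
    when: datetime
    last_mfa: Optional[datetime]
    recent_failed_logins: int

def evaluate(req: AccessRequest) -> str:
    """Return 'allow', 'step_up' (fresh MFA required) or 'deny' for one request."""
    hours = WORKFLOWS.get(req.role, {}).get(req.asset)
    # Default deny: an unmapped workflow or unverified device gets no access.
    if hours is None or not req.device_attested:
        return "deny"
    if req.when.hour not in hours or req.recent_failed_logins >= MAX_FAILED_LOGINS:
        return "deny"
    mfa_fresh = req.last_mfa is not None and req.when - req.last_mfa <= MFA_MAX_AGE
    # An unusual location or stale MFA forces re-verification, not silent access.
    if req.country not in req.usual_countries or not mfa_fresh:
        return "step_up"
    return "allow"

def sample_decisions() -> dict:
    """Evaluate constructed requests, each differing from a normal one in one attribute."""
    now = datetime(2024, 3, 4, 10, 0)
    base = dict(role="finance", asset="ledger-db", device_attested=True, country="CA",
                usual_countries=frozenset({"CA"}), when=now,
                last_mfa=now - timedelta(hours=1), recent_failed_logins=0)
    cases = {"normal": {}, "unusual_location": {"country": "BR"},
             "stale_mfa": {"last_mfa": now - timedelta(hours=20)},
             "unattested_device": {"device_attested": False},
             "off_hours": {"when": now.replace(hour=23)},
             "unmapped_asset": {"asset": "source-repo"}}
    return {name: evaluate(AccessRequest(**{**base, **delta}))
            for name, delta in cases.items()}
```

Because evaluate() runs on every request rather than once at login, a session that was allowed in the morning is re-checked against the same attributes later in the day.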

Zero Trust Network Components

Protect surface: any network asset that must be protected

Segmentation gateway: a network of assets can be divided into segments of individual protect surfaces, each of which is secured by a gateway that restricts access to that segment

Micro-segment: this is a smaller segment within a network, with specific security to apply granular access enforcement

Layer 7 firewall: an advanced firewall able to examine network packet contents to provide data that can be used to augment authentication policies

Multi-factor authentication: an authentication method requiring more than one piece of information from the user before access is granted. It is a core principle of Zero Trust

SMS authentication: the most popular form of multi-factor authentication, where users receive a pin or alphanumeric code via SMS text message, which is then used to provide a further level of identity verification

Least privilege access: limiting users’ access to only the services, data, or applications they need immediately, even when trust has been established

Software-defined network: instead of being defined by a physical perimeter, a Zero Trust Network is defined by the software-based rules and policies that control user segmentation and access

Granular enforcement: a core feature of a Zero Trust Network, which enables authentication for specific resources

Every security team wants Zero Trust—nobody gets or keeps access to anything until they prove and continue to prove who they are, that access is authorized, and they are not acting maliciously. That’s why organizations choose BlackBerry® Zero Trust Architecture powered by Cylance® AI to protect their people, data, and networks.