Zero Trust Architecture Explained
Zero trust is a cybersecurity strategy in which security policy is applied based on context, established through least-privileged access controls and strict user authentication, rather than on assumed trust. A well-tuned zero trust architecture leads to simpler network infrastructure, a better user experience, and improved cyberthreat defense.
A zero trust architecture follows the maxim "never trust, always verify." This guiding principle has been in place since John Kindervag, then at Forrester Research, coined the term in 2010. A zero trust architecture enforces access policies based on context, including the user's role and location, their device, and the data they are requesting, to block inappropriate access and lateral movement throughout an environment.
Establishing a zero trust architecture requires visibility and control over the environment's users and traffic, including that which is encrypted; monitoring and verification of traffic between parts of the environment; and strong multifactor authentication (MFA) methods beyond passwords, such as biometrics or one-time codes.
Critically, in a zero trust architecture, a resource's network location isn't the biggest factor in its security posture anymore. Instead of rigid network segmentation, your data, workflows, services, and such are protected by software-defined microsegmentation, enabling you to keep them secure anywhere, whether in your data center or in distributed hybrid and multicloud environments.
Removing network location as a position of advantage eliminates excessive implicit trust, replacing it with explicit identity-based trust.
Gartner, Market Guide to Zero Trust Network Access, June 2020
How Does Zero Trust Security Work?
The core concept of zero trust is simple: assume everything is hostile by default. It's a major departure from the network security model built on the centralized data center and secure network perimeter—a model in use since the 1990s. These network architectures rely on approved IP addresses, ports, and protocols to establish access controls and validate what's trusted inside the network, generally including anybody connecting via remote access VPN.
In contrast, a zero trust approach treats all traffic, even if it's already inside the perimeter, as hostile. For example, workloads are blocked from communicating until they are validated by a set of attributes, such as a fingerprint or identity. Identity-based validation policies result in stronger security that travels with the workload wherever it communicates—in a public cloud, a hybrid environment, a container, or an on-premises network architecture.
Because protection is environment-agnostic, zero trust secures applications and services even if they communicate across network environments, requiring no architectural changes or policy updates. Zero trust securely connects users, devices, and applications using business policies over any network, enabling safe digital transformation.
Zero trust is being misused as a marketing term. Vendors are applying the term ‘Zero Trust’ to market everything in security, creating significant marketing confusion.
Gartner, 2019
Core Principles of the Zero Trust Model
Zero trust is about more than user identity, segmentation, and secure access. It's a strategy upon which to build a cybersecurity ecosystem. At its core are three tenets:
- Terminate every connection: Many firewalls inspect traffic in passthrough mode, examining files as they stream toward the destination; by the time a malicious file is detected, it may already have been delivered and the alert arrives too late. An effective zero trust solution terminates every connection so that an inline proxy architecture can inspect all traffic, including encrypted traffic, in real time and before it reaches its destination, to prevent ransomware, malware, and more.
- Protect data using granular context-based policies: Zero trust policies verify access requests and rights based on context, including user identity, device, location, type of content, and the application being requested. Policies are adaptive, so user access privileges are continually reassessed as context changes.
- Reduce risk by eliminating the attack surface: With a zero trust approach, users connect directly to the apps and resources they need, never to networks (see zero trust network access, ZTNA). Direct user-to-app and app-to-app connections remove the network path that lateral movement depends on and prevent compromised devices from reaching other resources. Plus, because users and apps accept no inbound connections from the internet, they cannot be discovered by scanning or attacked directly.
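The second tenet above, granular context-based policy that is continually reassessed, is easiest to see as a decision function. The following Python is an added illustration for this page, not Zscaler code: the resource classes, role grants, posture and MFA levels, and the sample sessions are all constructed for the example, and a real enforcement point would take them from a policy store and from device and identity signals rather than from literals.

```python
"""Context-based access policy with continuous reassessment (added example)."""
from __future__ import annotations
from dataclasses import dataclass, replace

# Sensitivity class of each application (constructed for the example).
RESOURCE_CLASS = {
    "wiki": "internal",
    "payroll": "pii",
    "card-vault": "pci",
}

# Minimum context each class demands: acceptable device postures,
# acceptable MFA strengths, and (optionally) permitted locations.
POLICY = {
    "internal": {"posture": {"managed", "byod-compliant"},
                 "mfa": {"totp", "phishing-resistant"}, "locations": None},
    "pii":      {"posture": {"managed"},
                 "mfa": {"totp", "phishing-resistant"}, "locations": None},
    "pci":      {"posture": {"managed"},
                 "mfa": {"phishing-resistant"},
                 "locations": {"corp-office", "trusted-vpn"}},
}

# Authorization (which roles may touch which class) is checked separately
# from posture: a compliant device never grants a role it does not hold.
ROLE_GRANTS = {
    "engineer": {"internal"},
    "hr": {"internal", "pii"},
    "payments-ops": {"internal", "pii", "pci"},
}


@dataclass(frozen=True)
class Context:
    user: str
    role: str
    device_posture: str   # "managed", "byod-compliant" or "unmanaged"
    mfa: str              # "none", "totp" or "phishing-resistant"
    location: str
    app: str


def decide(ctx: Context) -> tuple[str, str]:
    """Return ("allow" | "deny", reason). Default deny: any unmet check denies."""
    cls = RESOURCE_CLASS.get(ctx.app)
    if cls is None:
        return "deny", f"unknown app {ctx.app!r}"
    if cls not in ROLE_GRANTS.get(ctx.role, set()):
        return "deny", f"role {ctx.role!r} is not granted class {cls!r}"
    rule = POLICY[cls]
    if ctx.device_posture not in rule["posture"]:
        return "deny", f"device posture {ctx.device_posture!r} too weak for {cls!r}"
    if ctx.mfa not in rule["mfa"]:
        return "deny", f"mfa {ctx.mfa!r} insufficient for {cls!r}"
    if rule["locations"] is not None and ctx.location not in rule["locations"]:
        return "deny", f"location {ctx.location!r} not permitted for {cls!r}"
    return "allow", f"{ctx.role} -> {ctx.app} ({cls}) satisfied every check"


def reassess(session: Context, changes: list[dict]) -> list[tuple[str, str]]:
    """Re-evaluate an already-allowed session on each context change.

    A zero trust proxy does this continuously; here each dict is one change
    event (e.g. the device agent reporting a posture change mid-session).
    """
    decisions = [decide(session)]
    for change in changes:
        session = replace(session, **change)
        decisions.append(decide(session))
    return decisions


if __name__ == "__main__":
    alice = Context("alice", "payments-ops", "managed",
                    "phishing-resistant", "corp-office", "card-vault")
    for verdict, why in reassess(alice, [{"device_posture": "unmanaged"}]):
        print(verdict, "-", why)
```

The point the list item makes is in `reassess`: the first decision allows the session, and the same session is denied as soon as the device posture signal changes, without waiting for the user to log in again. Note also that authorization (`ROLE_GRANTS`) and context (`POLICY`) are separate checks, so a strong device on a trusted network still cannot reach a class the role was never granted.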
Benefits of Choosing a Zero Trust Architecture
Today’s cloud environments can be attractive targets for cybercriminals aiming to steal, destroy, or ransom business-critical and sensitive data, such as personally identifiable information (PII), intellectual property (IP), and financial information.
While no security strategy is perfect and data breaches will never be totally eliminated, zero trust is among today's most effective strategies. Zero trust reduces the attack surface and mitigates the impact and severity of cyberattacks, reducing the time and cost of responding to and cleaning up after a breach.
In addition, a zero trust security model is well suited to cloud security. Refusing to trust any connection without proper verification is essential given the amount of cloud, endpoint, and data sprawl in today's IT environments. The added visibility also makes life easier for IT and security, from the administrator level all the way up to the CISO.
Use Cases of Zero Trust
1. Reduce Business and Organizational Risk
Zero trust solutions stop all applications and services from communicating until they are verified by their identity attributes: properties of the workload itself, rather than of its network location, that satisfy predefined trust requirements such as authentication and authorization.
Zero trust, therefore, reduces risk because it uncovers what’s on the network and how those assets are communicating. As baselines are established, a zero trust strategy further reduces risk by eliminating overprovisioned software and services as well as continuously checking the “credentials” of every communicating asset.
2. Gain Access Control over Cloud and Container Environments
Access management and loss of visibility are security practitioners’ greatest fears about moving to the cloud. Despite enhancements in cloud service provider (CSP) security, workload security remains a shared responsibility between your organization and the CSP. That said, there's only so much you can affect inside the CSP’s cloud.
With a zero trust security architecture, security policies are applied based on the identity of communicating workloads and tied directly to the workloads themselves. This keeps security as close as possible to the assets that need protection, unaffected by network constructs like IP addresses, ports, and protocols. Protection travels with the workload and remains constant even as the environment changes.
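The contrast between the legacy model (approved IP addresses, ports, and protocols, as described under "How Does Zero Trust Security Work?") and identity-bound workload policy can be shown on a handful of flows. The following Python is an added illustration, not Zscaler code. It assumes workloads present SPIFFE-style URI identities in the SAN of a client or server certificate; the trust domain, addresses, identities and flows are all constructed for the example.

```python
"""Identity-bound workload policy versus an IP/port ACL (added example)."""
from __future__ import annotations
from dataclasses import dataclass

TRUST_DOMAIN = "example.org"   # constructed; a real deployment has its own


def identity_from_san(san: str | None) -> str | None:
    """Extract a workload identity from one certificate SAN entry.

    Only URI SANs inside our trust domain count; anything else yields None,
    which the policy below treats as "unauthenticated".
    """
    if not san or not san.startswith("URI:"):
        return None
    uri = san[len("URI:"):]
    if not uri.startswith(f"spiffe://{TRUST_DOMAIN}/"):
        return None
    return uri


@dataclass(frozen=True)
class Flow:
    src_ip: str
    dst_ip: str
    dst_port: int
    client_san: str | None   # SAN from the client cert, None if no mTLS
    server_san: str | None   # SAN from the server cert


# Legacy control: tuples of (source IP, destination IP, destination port).
IP_ACL = {
    ("10.0.1.10", "10.0.2.20", 5432),   # "orders" may talk to "db"
}

# Zero trust control: which client identity may reach which server identity.
ORDERS = f"spiffe://{TRUST_DOMAIN}/ns/prod/sa/orders"
DB = f"spiffe://{TRUST_DOMAIN}/ns/prod/sa/db"
IDENTITY_POLICY = {
    ORDERS: {DB},
}


def ip_acl_allows(flow: Flow) -> bool:
    """The legacy decision: network location is the credential."""
    return (flow.src_ip, flow.dst_ip, flow.dst_port) in IP_ACL


def identity_allows(flow: Flow) -> bool:
    """The zero trust decision: attested identities only; IPs are ignored."""
    client = identity_from_san(flow.client_san)
    server = identity_from_san(flow.server_san)
    if client is None or server is None:
        return False                      # unauthenticated peer: default deny
    return server in IDENTITY_POLICY.get(client, set())


def evaluate(flows: list[Flow]) -> list[tuple[bool, bool]]:
    """Return (ip_acl_verdict, identity_verdict) for each flow."""
    return [(ip_acl_allows(f), identity_allows(f)) for f in flows]


# Constructed flows. The server is always the real db at 10.0.2.20.
FLOWS = [
    # 1. Normal case: orders at its original address, both controls agree.
    Flow("10.0.1.10", "10.0.2.20", 5432, f"URI:{ORDERS}", f"URI:{DB}"),
    # 2. orders is redeployed and gets a new IP: the ACL breaks a legitimate
    #    flow, the identity policy is untouched.
    Flow("10.0.1.57", "10.0.2.20", 5432, f"URI:{ORDERS}", f"URI:{DB}"),
    # 3. Something else now holds the old IP and has no workload cert:
    #    the ACL waves it through, the identity policy denies it.
    Flow("10.0.1.10", "10.0.2.20", 5432, None, f"URI:{DB}"),
    # 4. A valid identity that was never granted db access, on the old IP.
    Flow("10.0.1.10", "10.0.2.20", 5432,
         f"URI:spiffe://{TRUST_DOMAIN}/ns/prod/sa/scraper", f"URI:{DB}"),
    # 5. A cert from a foreign trust domain is not an identity we accept.
    Flow("10.0.1.10", "10.0.2.20", 5432,
         "URI:spiffe://evil.example/ns/prod/sa/orders", f"URI:{DB}"),
]

if __name__ == "__main__":
    for n, (acl, ident) in enumerate(evaluate(FLOWS), 1):
        print(f"flow {n}: ip_acl={'allow' if acl else 'deny'} "
              f"identity={'allow' if ident else 'deny'}")
```

Flows 2 and 3 are the two failure modes of the IP-based model that the paragraph above is describing: an address change silently breaks the legitimate path, and address reuse silently grants the illegitimate one. The identity policy is unaffected by either because it never looked at the address.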
3. Reduce the Risk of a Data Breach
Every entity is treated as untrusted by default and, following the principle of least privilege, is granted only the access it needs. Every request is inspected, users and devices are authenticated, and permissions are assessed before "trust" is granted. This "trust" is then continually reassessed as context changes, such as the user's location or the data being accessed.
Without implicit trust, an attacker who gets inside your network or cloud instance through a compromised device or other vulnerability gains no standing access to your data: every request they make is subject to the same verification as any other. Moreover, because the zero trust model creates a "secure segment of one" with no network path for lateral movement, the attacker has nowhere to go.
4. Support Compliance Initiatives
Zero trust keeps user and workload connections from being exposed to the internet, so they cannot be discovered or exploited from outside. This reduced exposure makes it easier to demonstrate compliance with security standards and frameworks (e.g., PCI DSS, NIST SP 800-207), and results in fewer findings during audits.
Implementing zero trust microsegmentation enables you to create perimeters around certain types of sensitive data (e.g., payment card data, data backups) using fine-grained controls to separate regulated and non-regulated data. During audits, or in the event of a data breach, microsegmentation provides superior visibility and control compared to the overprivileged access of many flat network architectures.
How to Get Started with Zero Trust
When designing a zero trust architecture, your security and IT teams should first focus on answering two questions:
- What are you trying to protect?
- From whom are you trying to protect it?
This strategy will inform the way you design your architecture. Following that, the most effective approach is to layer technologies and processes on top of your strategy, not the other way around.
In its zero trust network access (ZTNA) framework, Gartner recommends leveraging zero trust delivered as a service. You can also take a phased approach, starting with either your most critical assets or a test case of non-critical assets, before implementing zero trust more broadly. Whatever your starting point, an optimal zero trust solution will offer you immediate returns in risk reduction and security control.
Why Choose Zscaler as Your Zero Trust Solution?
Zscaler is the only cybersecurity vendor that offers a zero trust platform born in the cloud and designed for cloud organizations. What’s more, Zscaler is consistently named a leader in the industry’s most prestigious analyst reports and rankings, and we have the backing of our innovative partners and customers to prove it.
All of this is made possible by our flagship platform: the Zscaler Zero Trust Exchange.
The Zscaler Zero Trust Exchange
The Zscaler Zero Trust Exchange™ is a cloud native platform built on zero trust. Based on the principle of least privilege, it establishes trust through context, such as a user’s location, their device’s security posture, the content being exchanged, and the application being requested. Once trust is established, your employees get fast, reliable connections—wherever they are—without ever being placed directly on your network.
The Zero Trust Exchange operates across 150 data centers worldwide, ensuring that the service is close to your users, colocated with the cloud providers and applications they are accessing. It is designed to provide the shortest path between your users and their destinations, delivering comprehensive security and an excellent user experience.