Businesses that want to reliably prevent the exfiltration of sensitive data and improve their ability to defend against modern cyberthreats should consider a Zero Trust architecture. Zero Trust, introduced by analyst firm Forrester Research, is an alternative architecture for IT security.

Conventional security models operate on the outdated assumption that everything inside an organization’s network can be trusted. Given increasingly sophisticated attacks and insider threats, new measures are needed to stop threats from spreading once they are inside. Because traditional security models are designed to protect the perimeter, threats that get inside the network are left invisible and uninspected, free to change form and move wherever they choose in order to extract sensitive, valuable business data.

Zero Trust, rooted in the principle of “never trust, always verify,” is designed to address lateral threat movement within the network by leveraging micro-segmentation and granular perimeter enforcement based on user, data and location. Lateral movement refers to the techniques attackers use to move through a network in search of valuable assets and data. Unlike traditional perimeter-based security, Zero Trust lets businesses define sub-perimeters within their networks, each governed by a specific set of rules built from context such as the user, the application and the direction of traffic. These sub-perimeters are designed to detect the spread of an attack within an organization and stop unrestricted lateral movement across the network. Remember, the point of infiltration is usually not the attacker’s final target, which is why stopping lateral movement is so important. For example, an attacker who compromises an endpoint may still need to move laterally through the environment to reach the data center where the targeted content resides; and if credential phishing succeeds, those credentials still have to be used to authenticate to the database that holds the data the attacker is after, which is another point at which the access can be verified and denied.

How you define movement or access is based on who the user is and which interactions are appropriate for that user. For example, in most organizations users in marketing would be allowed to access databases with marketing content, customer content, and Salesforce, but would not have access to financial files or data; users in finance can access financial-related databases, but not HR information; and so on. It’s critical to identify who the users are, which applications they are trying to reach, and whether the action is appropriate for the session. If these junctions, or inspection points, are not in place, you cannot identify the traffic, and so you cannot stop the movement.


Zero Trust is All About Changing How You Think

  • Ensure all data and resources are accessed securely, based on user and location. You must identify the traffic and data flows that map to your business flows, and then have visibility into the application, the user and the flows. Understanding who the users are, what applications they are using and the appropriate connection method is the only way to determine and enforce policy that ensures secure access to your data.
  • Adopt a least-privileged access strategy and strictly enforce access control. By doing this, businesses can significantly reduce the pathways available to attackers and malware.
  • “Always verify,” meaning inspect and log all traffic. To do this effectively, identify the appropriate junctions for inspection and build in the inspection points. Security rules, based on business policies, should be used to identify and then allow or deny the traffic and activity moving through the “inspection points” gating your sub-perimeters. This enables the segmentation of sensitive resources and establishes trust boundaries to help prevent the exfiltration of sensitive data.
  • Add more authentication methods to counter credential-based attacks.
  • Never trust; keep adding context and keep your roles up to date.
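To make the marketing/finance example and the principles above concrete, here is an added example (not code from the original post or from Palo Alto Networks) of a minimal policy decision point standing at one internal inspection point. It evaluates each request on user role, source zone, destination application, action and authentication strength, denies anything no rule explicitly allows, and logs every decision. The rule names, zones, applications and the lateral-movement scenario are all constructed for illustration.

```python
# Added example: a minimal Zero Trust policy decision point (PDP) for one
# internal inspection point. Rule names, zones, application names and the
# scenario are hypothetical, chosen to mirror the marketing/finance example.
from dataclasses import dataclass
from typing import List, Tuple


@dataclass(frozen=True)
class Request:
    """One access attempt crossing a sub-perimeter."""
    user: str
    role: str             # asserted by the identity provider, not by the client
    src_zone: str         # network segment the traffic originates from
    app: str              # destination application or data store
    action: str           # "read" or "write"
    mfa: bool             # session completed a second factor
    device_managed: bool  # endpoint passed the posture check


@dataclass(frozen=True)
class Rule:
    """Explicit allow rule. Anything no rule matches is denied."""
    name: str
    roles: frozenset
    src_zones: frozenset
    apps: frozenset
    actions: frozenset
    require_mfa: bool = False
    require_managed_device: bool = False

    def matches(self, r: Request) -> bool:
        return (r.role in self.roles and r.src_zone in self.src_zones
                and r.app in self.apps and r.action in self.actions)

    def missing_conditions(self, r: Request) -> List[str]:
        """Extra verification the rule demands that this session lacks."""
        missing = []
        if self.require_mfa and not r.mfa:
            missing.append("mfa")
        if self.require_managed_device and not r.device_managed:
            missing.append("managed-device")
        return missing


# Hypothetical policy for the sub-perimeters described in the text.
POLICY: List[Rule] = [
    Rule("marketing-data", frozenset({"marketing"}), frozenset({"user-lan", "vpn"}),
         frozenset({"marketing-db", "customer-db", "salesforce"}),
         frozenset({"read", "write"})),
    Rule("finance-data", frozenset({"finance"}), frozenset({"user-lan"}),
         frozenset({"finance-db"}), frozenset({"read", "write"}),
         require_mfa=True, require_managed_device=True),
    Rule("hr-data", frozenset({"hr"}), frozenset({"user-lan"}),
         frozenset({"hr-db"}), frozenset({"read", "write"}),
         require_mfa=True, require_managed_device=True),
]

# "Always verify": every decision, allow or deny, is recorded.
AUDIT_LOG: List[Tuple[str, str, str, str, str, str]] = []


def decide(req: Request, policy: List[Rule] = POLICY) -> Tuple[str, str]:
    """Return ("allow" | "deny", reason). First matching rule wins; default deny."""
    for rule in policy:
        if rule.matches(req):
            missing = rule.missing_conditions(req)
            if missing:
                verdict = ("deny", f"{rule.name}: step-up required ({', '.join(missing)})")
            else:
                verdict = ("allow", rule.name)
            break
    else:
        verdict = ("deny", "no matching rule (default deny)")
    AUDIT_LOG.append((req.user, req.src_zone, req.app, req.action) + verdict)
    return verdict


def lateral_movement_scenario() -> List[Tuple[str, str]]:
    """Constructed scenario: an attacker controls a marketing user's endpoint
    and later obtains phished finance credentials. Returns each step's verdict."""
    steps = [
        # 1. The normal business flow from the compromised endpoint is allowed...
        Request("alice", "marketing", "user-lan", "salesforce", "read", mfa=False, device_managed=True),
        # 2. ...but that session cannot reach the finance data store: no rule matches.
        Request("alice", "marketing", "user-lan", "finance-db", "read", mfa=False, device_managed=True),
        # 3. Phished finance credentials replayed without the second factor or a managed device.
        Request("bob", "finance", "user-lan", "finance-db", "read", mfa=False, device_managed=False),
        # 4. Finance credentials from a zone the rule never permits (VPN).
        Request("bob", "finance", "vpn", "finance-db", "read", mfa=True, device_managed=True),
        # 5. The legitimate finance user, with MFA, on a managed device.
        Request("bob", "finance", "user-lan", "finance-db", "read", mfa=True, device_managed=True),
    ]
    return [decide(s) for s in steps]


if __name__ == "__main__":
    for verdict in lateral_movement_scenario():
        print(verdict)
    print(f"{len(AUDIT_LOG)} decisions logged")
```

Only step 1 and step 5 are allowed. Steps 2 and 4 fall through to the default deny because no rule names that role/zone/application combination, and step 3 shows why the “add more authentication methods” principle matters: the phished password alone matches a rule but fails its step-up conditions. In a real deployment the role and device posture would come from the identity provider and endpoint agent rather than from fields the client fills in, and the audit log would feed the inspection and logging infrastructure rather than a Python list.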



How to Achieve a Zero Trust Architecture

Use Zero Trust to gain visibility and context for all traffic, across user, device, location and application, plus zoning capabilities for visibility into internal traffic. To gain that visibility and context, traffic needs to pass through a next-generation firewall with decryption capabilities. The next-generation firewall enables micro-segmentation of perimeters and acts as border control within your organization. While it is necessary to secure the external perimeter, it is even more crucial to gain the visibility to verify traffic as it crosses between the different functions within the network. Adding two-factor authentication and other verification methods will increase your ability to verify users correctly. Leverage a Zero Trust approach to identify your business processes, users, data, data flows and associated risks, and set policy rules that can be updated automatically, based on those risks, with every iteration.

To learn more about Zero Trust and implementing Zero Trust networks, read the whitepaper, "5 Steps to Zero Trust" or view the “How to Enable Zero Trust Security for your Data Center” webinar.

You can also view the Ignite 2017 Vancouver page on the Palo Alto Networks website for additional information.