Implementing Zero Trust Using the Five-Step Methodology
Organizations have acknowledged Zero Trust as a means to successfully prevent cyberattacks. However, traditional security models and the concept of “all or nothing” has left companies hesitant to begin the Zero Trust journey. Fortunately, building a Zero Trust architecture is much simpler than it appears. Because Zero Trust is an augmentation of your existing architecture, it does not require a complete technology overhaul. Rather, it can be deployed iteratively while allowing you to take advantage of the tools and technologies you already have.
Using a five-step model for implementing and maintaining Zero Trust, you can understand where you are in your implementation process and where to go next. These steps are:
Define the protect surface. Working tirelessly to reduce the attack surface is not viable in today’s evolving threat landscape. The attack surface is always expanding, making it difficult to define, shrink or defend against. However, with Zero Trust, rather than focusing on the macro level of the attack surface, you determine your protect surface. The protect surface encompasses the critical data, application, assets and services—DAAS—most valuable for your company to protect.
Here are some examples of DAAS you might include in your protect surface:
- Data: Credit card information (PCI), protected health information (PHI), personally identifiable information (PII) and intellectual property (IP)
- Applications: Off-the-shelf or custom software
- Assets: SCADA controls, point-of-sale terminals, medical equipment, manufacturing assets and IoT devices
- Services: DNS, DHCP and Active Directory®
Once defined, you can move your controls as close as possible to that protect surface to create a microperimeter with policy statements that are limited, precise and understandable.
Map the transaction flows. The way traffic moves across a network determines how it should be protected. Thus, it’s imperative to gain contextual insight around the interdependencies of your DAAS. Documenting how specific resources interact allows you to properly enforce controls and provides valuable context to ensure the controls help protect your data, rather than hindering your business.
Architect a Zero Trust network. Zero Trust networks are completely customized, not derived from a single, universal design. Instead, the architecture is constructed around the protect surface. Once you’ve defined the protect surface and mapped flows relative to the needs of your business, you can map out the Zero Trust architecture, starting with a next-generation firewall. The next-generation firewall acts as a segmentation gateway, creating a microperimeter around the protect surface. With a segmentation gateway, you can enforce additional layers of inspection and access control, all the way to Layer 7, for anything trying to access resources within the protect surface.
Create the Zero Trust policy. Once the network is architected, you will need to create Zero Trust policies using the “Kipling Method” to whitelist which resources should have access to others. Kipling, well known to novelists, put forth the concept of “who, what, when, where, why and how” in his poem “Six Serving Men.” Using this method, we are able to define the following:
- Who should be accessing a resource?
- What application is being used to access a resource inside the protect surface?
- When is the resource being accessed?
- Where is the packet destination?
- Why is this packet trying to access this resource within the protect surface?
- How is the packet accessing the protect surface via a specific application?
With this level of granular policy enforcement, you can be sure that only known allowed traffic or legitimate application communication is permitted.
- Monitor and maintain the network. This final step includes reviewing all logs, internal and external, all the way through Layer 7, focusing on the operational aspects of Zero Trust. Since Zero Trust is an iterative process, inspecting and logging all traffic will provide valuable insights into how to improve the network overtime.
Once you have completed the five-step methodology for implementing a Zero Trust network for your first protect surface, you can expand to iteratively move other data, applications, assets or services from your legacy network to a Zero Trust network in a way that is cost-effective and non-disruptive.
To learn more about implementing Zero Trust, please read our in-depth guide on 5 Steps to Zero Trust.