We write a lot about how to prevent ransomware attacks, and though prevention is the best defense, there’s no such thing as perfect security. Is your network prepared to withstand a ransomware attack that’s slipped past the gates? The “Zero Trust” model offers a solution to ensure your organization can bounce back quickly, even after a successful attack.
A Paradigm Shift
Once upon a time, networks were specific to a location—one office, one LAN. Even as they grew, most networks were still specific to a certain topology—one type of company-wide network spanning multiple offices, such as multiple office LANs tunnelling into the wider organization’s network.
Networks have long since moved on from that model. Today, they span many locations across the globe and incorporate many varieties of networks, including mobile device networks and cloud infrastructure. This, of course, brings modern challenges with it. It’s no longer enough to secure one contained network; you must secure what Microsoft calls an entire “portfolio” of devices and many networks, often linked together by a wider cloud architecture.
Zero Trust’s Objectives
The Zero Trust model is designed for just such a complex environment. The model is essentially built around three basic objectives:
- Preempt attacks before they occur
- Minimize damage after attacks occur
- Leverage the cloud to limit the attack’s reach
The Zero Trust model assumes an attack will inevitably occur, given enough time. That’s why the first objective is all about getting ahead of the future attack and adopting the mindset that you will be attacked.
The second objective is all about damage control. A ransomware attack need not be catastrophic. If you assume it will one day happen, you can devise a containment strategy and implement a security model that immediately isolates an attack in its place.
The third objective looks to cloud architecture to bolster your containment strategy. Multiple networks and types of networks, all linked via a broader cloud, introduce many opportunities to set up well-monitored and well-contained gates. Once an attack slips through one door, immediately close all the rest. A sufficiently complex cloud footprint can keep an attack isolated to the area in which it slipped in.
A Transformation, Not a Fix
Zero Trust is more than a model or a mindset. It can’t be implemented overnight, it isn’t simple to implement, and no single vendor’s product can deliver it. The Information Security Forum (ISF) likens implementation to digital transformation. Like digital transformation, implementing Zero Trust requires a long-term approach, serious commitment, and willingness to do the hard work necessary to see it through.
In a world of ever-evolving ransomware (to say nothing of the myriad of other cyber threats), the Zero Trust model is worth the investment. Assuming prevention is enough fosters a false sense of security that’s quickly shattered the first time a zero-day attack strikes. This model adds a layer of assurance so that you know you’re prepared for the worst.
This article has discussed models and mindsets, but that’s just the start. Future installments will provide details on the core principles that fulfill Zero Trust’s objectives, and how microsegmentation is the key to implementation.