What Is Zero Trust, and Why Does It Work?

With IoT comes the addition of exponentially more connected devices, each one adding potential vulnerabilities to your network. Following a zero trust security model is one way to increase network security no matter who or how many devices try to gain access.
A man peeks over the top of his laptop, and the words read, "Trust no one: What is zero trust security?"

With the Internet of Things (IoT) comes the addition of exponentially more connected devices, each one adding potential vulnerabilities to your network.

“IoT is great, but you're going to have 40,000 more things to attack on your network than you had before IoT, increasing your attack surface exponentially,” said Tina Gravel, senior vice president of Global Channels and Alliances for Cyxtera Technologies. IT pros need to guide their organizations toward solutions that are secure for everyone’s sake.

“If they're not mindful about what can happen with these devices and how to manage them, it's an issue,” Gravel said. Following a zero trust security model is one way to increase network security no matter who or how many devices try to gain access.

What Is Zero Trust?

Zero trust, a term originally coined by John Kindervag, means what it says: don’t trust anyone who is accessing your network. That means users do not have access until they are approved to do so. The company sets up entitlements that allow them to access what they need – and only what they need – for their work role.

Zero trust is a cybersecurity posture that assumes everyone trying to get in is up to no good. This doesn’t mean that your employees are nefarious, but an employee’s access could be compromised and the person trying to access the network may not be who you think they are.

“We're trusting our end users way too much,” Gravel said. “A system that is managed via a zero trust model reviews the user in finite, contextual ways to ensure they are who we think they are.”

Software-defined perimeter (SDP) systems can be set up to ask the end user contextual questions:

  • What are you trying to access?
  • Are you in the right department to be accessing these assets from the cloud?
  • Do you have the right permissions?
  • Are you in the correct network space?

Once a user is granted access, they are still limited to what they are supposed to do, and they are not allowed to move laterally or see other assets they don’t have permission to see.

“You have to apply permissions so the ones who are accessing the network are doing things they're supposed to do,” Gravel said. “Then, when the SDP system sees an anomaly, it will block access.”

How AI Factors into Zero Trust Security

Zero trust solutions aren’t limited to people; they include managing the access of devices that communicate with one another — powerful cybersecurity tools to have in place as IoT takes legs.

Rather than assigning an engineer to keep an eye on the system all day, machine solutions built with artificial intelligence (AI) monitor activity and send alerts when something is up, freeing up the human side of the workforce to follow up on the serious threats.

“AI is definitely great at eliminating the noise,” Gravel said. “It can give you an idea that a breech is about to happen so you can turn it over to one of your smart people to handle it.”

Cyxtera, has more than 60 data centers globally combined with four types of innovative security software. They use zero trust security solutions that employ SDP to identify each user that wants it, what they’re trying to access and if their role entitles them to do so.

“We’re a company that practices zero trust,” Gravel said. “I’d like to see more companies embrace this standard of not trusting anyone who’s accessing the company jewels and applying permissions accordingly.”

How to Implement Zero Trust Solutions

As IoT and machine learning solutions take shape, automation is being used on the cybersecurity side as a healthy solution to reduce human burnout with data processes. When mapping out solutions for people, IoT developers have to ask hard questions, and a lot of them.

“You have to know what you want, do an assessment and know what you're willing to take on as far as the risk,” Gravel said.

For more security awareness tips to keep hackers at bay, download our free guide, 7 Security Hacks to Use Now.

Michelle Lange is a writer and designer living in Chicago.

Leave a Comment