Trust no one: How a zero trust philosophy can help to prevent cyber-attacks

Opinion by Andrew Avanessian

By restricting administrative rights to only those within the organisation who need them you are significantly limiting the potential of a breach within your system.

Traditionally, many organisations have operated a policy of trust for users inside their business, enabling access to the majority of files and applications on the corporate system to ensure staff can work freely. In doing so, this means that it is a network's perimeter that holds the strictest security measures. But this model of security has quickly become outdated. 

The premise of 'egg shell security' – a hardened outer layer of cyber-defences, with little in terms of risk management once an attacker has broken in – is no longer sufficient to safeguard precious consumer and corporate information. Instead, modern businesses are now adopting an ethos of defence in depth, and this is where the philosophy of Zero Trust originates.

This concept is simple. Under zero trust, there is no safe zone and no trusted networks. Instead, all users are treated as a potential security threat and always require verification  to access applications, corporate systems and data. It also means that not all users hold the same level of access within an organisation.

Implementing a zero trust philosophy in the workplace may sound harsh, or like a challenging prospect, but it since it makes a cyber-criminal's job far more difficult and seriously limits the damage that they can cause, it's certainly worth it. Adopting a zero trust philosophy can also be done in a way that makes employees happier and more efficient, and it's quite simple to do if you break it down into a few easy steps.

Restrict administrative rights to only those users who need them

Not everybody needs access to administrative privileges, and in environments where all employees have access to them, successful hackers have far more incentive to try and break into your system. Once in, a hacker would have access to everything that a system administrator does and can cause far more damage. By restricting administrative rights to only those within the organisation who need them you are significantly limiting the potential of a breach within your system.

Administrators in a zero trust environment factor in individual user's data requirements, the location they are accessing their data from and what parts of the enterprise they are trying to access, to set their level of privilege to an absolute minimum and reducing the attack surface. Adjusting admin rights for specific applications, tasks, scripts and installers also means that access can be tailored to the needs of individual users, reducing any disruption to a minimum.

Ensure that users can only access data appropriate to their role

Zero trust may seem cumbersome and limiting, but in reality, it means that users are only granted access to the applications and systems they need to carry out their day-to-day activity. For example, the marketing team would not need or have access to financial documents, and although this would be helping to mitigate the impact of a security breach, it's unlikely to restrict the user's capabilities to perform their job. Therefore, should an attacker successfully gain control of a user's account, the damage they will be able to inflict on a business will be hugely limited. 

By focusing on internal safeguards that remove the free rein of user privileges, such as application control tools and solutions that restrict admin rights and prevent the running of unknown code, an organisation operating in a Zero Trust environment is better able to reduce the impact of cyber threats. This ‘hard-boils' the eggshell security model not just by making it more difficult for attackers to get in, but once they do get in, they are massively limited in terms of what they can access.

Train and educate your users on best practices

Although this is quite a simple step to implement, it's still surprising how few people regularly update their passwords or save their work to public servers. A simple education piece should help to alleviate many of these issues that you might experience in the workplace and will ensure that your users are aware of how and when potential breaches could occur. Of course, you can also often set applications to remind users to change their passwords frequently, so you need not rely solely on your staff. This will help to guarantee that your users are working not just securely, but also efficiently and will reduce the amount of potential attacks.

Following these simple steps should ensure that productivity remains high whilst eliminating a large number of threats facing your business. 

Zero trust removes the old 'castle and moat' mentality that saw organisations rely almost completely on strong outer defences, and instead places all users on an even footing and provides robust defences at every turn.

Contributed by Andrew Avanessian, chief operations officer at Avecto

*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media UK or Haymarket Media.

Topics:
Security

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events