So, exactly what is a zero trust network? Simply put, it is a network that operates on the principle that, because attackers can be found both inside and outside the network, no identity should be granted access automatically.
While each zero trust network can vary, there are a few key components of zero trust that are important to include:
Multi-Factor Authentication (MFA)
A common security feature, multi-factor authentication (MFA) requires multiple ways of confirming an identity before granting access. Such confirmation may include security questions, email confirmation, text messages, and more.
Real-Time Monitoring
Real-time monitoring constantly evaluates a network to detect intruders and limit the damage that can be done if a system is compromised.
Real-time monitoring is vital for mitigating damage when preventative measures have not worked. It allows networks to improve “breakout time,” which refers to the time between when a hacker penetrates a device and when he or she can move on to other systems and devices.
Microsegmentation
Another important aspect of zero trust that comes into play when a system has been penetrated is microsegmentation. This technique involves creating small segments of every part of the network.
Because several different perimeters are created throughout the network, a hacker is unable to access the network beyond the small microsegment that has been penetrated.
Trust Zones and Auditing Default Access Controls
Networks can be divided into security or trust zones as part of TIC 3.0 to allow users to share data within the zone. This further helps prevent intruders from accessing additional data.
Of course, trust zones are only effective if all requests to access systems and zones are encrypted and authorized as part of the default access.
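The following added example (not part of the original article) sketches an audit of default access controls: it replays an access log against a default-deny zone policy and flags requests that were granted even though they were unencrypted, unauthorized, or crossed zones without an explicit rule. The zone names, system names, rule set and log entries are all constructed assumptions.

```python
from dataclasses import dataclass

# Constructed zone map (hypothetical names): each system sits in one trust zone.
ZONES = {"hr-db": "hr", "hr-app": "hr", "pay-db": "finance",
         "pay-app": "finance", "kiosk": "guest"}

# Explicit, directional cross-zone allowances; anything not listed is denied.
CROSS_ZONE_ALLOW = {("hr", "finance")}

@dataclass(frozen=True)
class Request:
    src: str
    dst: str
    encrypted: bool
    authorized: bool  # identity confirmed (for example via MFA) and permitted for dst

def evaluate(req):
    """Return (allowed, reason) under a default-deny policy."""
    src_zone, dst_zone = ZONES.get(req.src), ZONES.get(req.dst)
    if src_zone is None or dst_zone is None:
        return False, "unknown system"
    if not req.encrypted:
        return False, "unencrypted"
    if not req.authorized:
        return False, "unauthorized"
    if src_zone != dst_zone and (src_zone, dst_zone) not in CROSS_ZONE_ALLOW:
        return False, "cross-zone not allowed"
    return True, "ok"

def audit(log):
    """Flag entries the network granted although the policy denies them."""
    findings = []
    for req, granted in log:
        allowed, reason = evaluate(req)
        if granted and not allowed:
            findings.append((req.src, req.dst, reason))
    return findings

# Constructed access log: (request, whether access was actually granted).
SAMPLE_LOG = [
    (Request("hr-app", "hr-db", True, True), True),     # in-zone, compliant
    (Request("hr-app", "hr-db", False, True), True),    # in-zone but plaintext
    (Request("kiosk", "pay-db", True, True), True),     # zone hop with no rule
    (Request("hr-app", "pay-app", True, True), True),   # explicit cross-zone rule
    (Request("pay-app", "pay-db", True, False), False), # correctly refused
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(finding)
```

Each finding points to a default that is too permissive: either the zone accepts plaintext traffic, or a segment boundary is not being enforced.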