In Managing Security in the Age of Zero Trust, NetCraftsmen introduces Zero Trust as a data-centric approach to security. This involves identifying the data assets and adjusting or creating an Enterprise Information Security Policy (EISP) that protects data and takes a risk-based approach to security.
So, what exactly is a “risk-based” approach from a technological perspective?
From a security management standpoint, there is a risk-based methodology called the “CIA Triad”: Confidentiality, Integrity, and Availability (CIA). Confidentiality means that only authorized users and processes should be able to access or modify data. Integrity means that data should be maintained in a correct state, and nobody should be able to improperly modify it, either accidentally or maliciously. Finally, Availability means that an authorized user should be able to access data wherever and whenever they need it.
Integrity is often simplified to mean checksums, backups and/or disaster recovery (DR). But it literally means that data should be maintained in a correct state, and no person or process should be able to improperly modify it.
As a result, there is substantial crossover with Confidentiality. Encryption blocks several attack vectors, and role-based access control (RBAC) and attribute-based access control (ABAC) define user access to data. Together these create an environment that segments access, so a user can’t modify what they can’t reach.
But the unique contribution of Integrity is data integrity itself, which is maintained through technologies such as digital certificates, digital signatures, hashing and, yes, backup and recovery technologies. The goal is to ensure the data is both trustworthy and tamper-proof.
The ultimate safeguard is immutable storage. This is where copies of the data are made that cannot be modified. This is emerging as a primary defense against ransomware attacks where the attacker encrypts the data and holds it hostage to extort money. With one client we designed a solution moving the immutable backups to a colocation facility not visible from within their environment. This kind of offsite storage is also a safeguard against any number of DR scenarios.
The Zero Trust approach to integrity is to integrate it across all IT silos. This means implementing least-privilege access technologies such as RBAC and even ABAC, an emerging technology standard that can apply context to the permissions. It also involves coordinating encryption technologies, certificate management, and backups that include immutable storage as needed.
Loss of integrity is defined as data being modified without authorization. A public example of a security breach based on integrity is defacing a public web site to sully a firm’s reputation. A more insidious example would be breaching an administrative account and changing file permissions to permit changes.
However, loss of integrity could also come from a technological or systems failure. We have worked on a couple of cases where a backbone network was taking errors at a rate just below the threshold for circuit failure but high enough that the bit error rate was producing packets with multi-bit errors. At a high enough rate, multi-bit errors can result in data corruption.
To fight this, we need all the technologies deployed for confidentiality along with operational excellence. On the integrity-specific side, the technologies needed include digital certificate management, backups, disaster recovery planning and immutable storage.
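The two failure modes described above, as an added example (not NetCraftsmen's code): a two-bit error that the 16-bit Internet checksum (RFC 1071) misses and SHA-256 catches, and an unauthorized change that only a keyed tag (HMAC) catches once the stored digest has been rewritten as well. The record, key and function names are constructed for illustration.

```python
import hashlib
import hmac

def internet_checksum(data: bytes) -> int:
    """RFC 1071 16-bit ones' complement sum, the checksum used by IP, TCP and UDP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum((data[i] << 8) | data[i + 1] for i in range(0, len(data), 2))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def flip(data: bytes, flips) -> bytes:
    """Return a copy of data with each (byte_index, bit_mask) pair XORed in."""
    out = bytearray(data)
    for index, mask in flips:
        out[index] ^= mask
    return bytes(out)

def seal(key: bytes, data: bytes) -> bytes:
    """Keyed integrity tag: only a holder of key can produce a valid one."""
    return hmac.new(key, data, hashlib.sha256).digest()

def verify(key: bytes, data: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(seal(key, data), tag)

def digest_ok(data: bytes, digest: bytes) -> bool:
    """Unkeyed check: anyone who can write the data can also recompute the digest."""
    return hmac.compare_digest(hashlib.sha256(data).digest(), digest)

def demo() -> dict:
    record = b"AMT=1000"                      # constructed sample record
    key = b"constructed-demo-key"             # constructed; real keys live off the data host
    # Two single-bit flips in the same byte lane of two different 16-bit words:
    # '1'->'0' subtracts 0x0100 from one word, '0'->'1' adds 0x0100 to another.
    corrupted = flip(record, [(4, 0x01), (6, 0x01)])
    stored_digest = hashlib.sha256(record).digest()
    stored_tag = seal(key, record)
    rewritten_digest = hashlib.sha256(corrupted).digest()  # digest replaced along with the data
    return {
        "corrupted": corrupted,
        "checksum_misses_error": internet_checksum(record) == internet_checksum(corrupted),
        "sha256_detects_error": not digest_ok(corrupted, stored_digest),
        "rewritten_digest_passes": digest_ok(corrupted, rewritten_digest),
        "hmac_rejects_change": not verify(key, corrupted, stored_tag),
        "hmac_accepts_original": verify(key, record, stored_tag),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Storing the tag or the key alongside the data it protects puts the keyed check back in the same position as the unkeyed digest, which is the same reasoning that places immutable backups out of reach of the production environment.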
No single company has a complete product or even product set for integrity, let alone Zero Trust, but perfection is the enemy of progress. As a result, we should be looking for solutions that improve the current situation and move us forward.
In our work, we partner with Cohesity and Pure Storage for backups, immutable storage systems and disaster recovery. For identity-based secure access and segmentation, we are partnered with Elisity but also work with traditional vendors such as Cisco, Illumio, Palo Alto, and Zscaler.
Ongoing Call to Action
EISPs and the downstream technological policies need to be living systems and kept up to date as the business evolves and changes. As a result, a governance process needs to be established to tie the senior management team with the technology teams tasked with protecting and managing the firm’s data assets.
For a practical view on including the CIA Triad within your Security Practice you can read our blog on this subject: Architecting an Information Security Program for the Enterprise.
As always, NetCraftsmen consultants are here to assist and guide your journey to a more secure future.
This article is part of an on-going series on network security. Links to the other members of the series: