In 2022, many businesses will introduce hybrid working to leverage the benefits of remote working and office-based work. Although this should improve productivity, collaboration, and efficiency, it also introduces more digital attack surfaces, and poses a complex challenge for businesses. This modern challenge requires a modern cybersecurity solution, and for some businesses, this will be the introduction of a Zero Trust approach. In this article we detail the importance of the Zero Trust approach, how hybrid work has changed the threat landscape, and how Zero Trust can be implemented within your business.
The Zero Trust security model assumes that there are malicious actors both inside and outside a network. Therefore, no users or machines are automatically trusted, and all requests must be authenticated and authorised. This verification is based on all data points, including user identity, device health, service or workload, classification, and anomalies. Another key principle of the Zero Trust security model is least-privilege access. This states that users should only be able to access the data they need to do their job, and nothing more.
The rise of hybrid work has increased the digital attack surface available to cybercriminals. When employees worked from an office, the attack surface was limited to the endpoints and networks physically in the office. Now businesses must secure the office space, the endpoint device when an employee is working from home, and their home network. This is even more concerning if a business has a bring your own device (BYOD) policy, as poor security hygiene on this device may lead to a cyberattack within the business.
These challenges also coincide with a massive rise in sophisticated ransomware. This means that the potential consequences of a cyberattack are now more dire. The majority of these attacks were initiated by a phishing attack, which has become more common in the past year. In 2021, 83% of cyberattacks were phishing attacks, and it’s expected that this number will increase in 2022. As remote and hybrid work has changed the threat landscape, it’s clear that businesses need to adapt their security models to mitigate these risks.
The backbone of Zero Trust is to ‘never trust, always verify’, meaning that all users, devices, and networks should be treated as malicious. There are three principles in the Zero Trust model.
The first principle is verification: in a hybrid work environment, all users, endpoints, and networks should be verified. In practice, this means that multifactor authentication or passwordless authentication should be enabled for all users. This will prevent most account compromise attacks, but should be used alongside Conditional Access, with conditions based on the user’s typical work locations.
With the move to hybrid work, businesses must consider how employees will be using their own devices in a work context. With least privileged access, businesses can ensure that nothing is shared which shouldn’t be. This principle can be deployed using Microsoft Defender for Endpoint, as it gives the latest security recommendations and vulnerabilities for all endpoints, including workstations, servers, and mobile devices. This will solve the challenge of IT teams having less visibility over an employee’s endpoint devices.
The concept of assuming breach is to focus on preparedness, rather than prevention. This helps detect and isolate adversaries before they move laterally across a network and inflict substantial damage. This is increasingly important in a hybrid work environment, as it spans multiple platforms, clouds, and on-premises systems. If businesses assume breach, they are able to mitigate these risks from malicious actors both inside and outside a network.
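The three principles above can be read as one per-request decision. The sketch below is an added example, not code from this article or from any Microsoft product: the `evaluate` function, the entitlement table, the typical-location table and the sample users are all constructed assumptions. It checks every signal on every request, denies by default, and produces a record for every decision so that allowed requests can also be reviewed.

```python
from dataclasses import dataclass

# Constructed sample policy data (assumptions, not from a real tenant).
ENTITLEMENTS = {"finance": {"ledger", "payroll"}, "engineer": {"source-repo"}}
TYPICAL_LOCATIONS = {"alice": {"GB"}, "bob": {"GB", "IE"}}


@dataclass(frozen=True)
class AccessRequest:
    user: str
    role: str
    resource: str
    mfa_passed: bool
    device_compliant: bool  # result of the device health check
    device_managed: bool    # False for a BYOD device
    country: str            # where the request comes from


def evaluate(req):
    """Return (decision, reasons); no signal is skipped for 'internal' users."""
    # Least privilege: anything not explicitly granted to the role is denied.
    if req.resource not in ENTITLEMENTS.get(req.role, set()):
        return "deny", ["resource not in role entitlements"]
    # Verify the device as well as the user.
    if not req.device_compliant:
        return "deny", ["device failed health check"]
    # Location condition: unknown users have no typical locations at all.
    atypical = req.country not in TYPICAL_LOCATIONS.get(req.user, set())
    if atypical and not req.device_managed:
        return "deny", ["unmanaged device at atypical location"]
    # MFA is required for all users, wherever they are.
    if not req.mfa_passed:
        return "require_mfa", ["no multifactor authentication on this session"]
    reasons = ["atypical location on managed device"] if atypical else []
    return "allow", reasons


def audit_record(req):
    """Assume breach: log every decision, including allows, for later review."""
    decision, reasons = evaluate(req)
    return {"user": req.user, "resource": req.resource, "country": req.country,
            "decision": decision, "reasons": reasons}
```
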
There are multiple principles in the Zero Trust security model, and your business may already have implemented some of the necessary technology. However, transitioning to a comprehensive Zero Trust security model takes time and significant planning, as it involves completely rethinking how a business views security.
The key to successfully implementing Zero Trust architecture in a business is to first take inventory of existing mechanisms and technology. Microsoft has all the components necessary for a migration to a Zero Trust model, including identity access management, endpoint management, in-app permissions, data protection, and infrastructure and network security. Once your business has implemented all the necessary technology and policies, they should be regularly reviewed and iterated upon to dynamically enforce policy changes.
The Zero Trust security model is a modern rethinking of what constitutes a comprehensive security solution for a business. As more businesses adopt a hybrid work model, moving to Zero Trust will ensure they stay safe from all modern and future attack methods. However, the road to zero trust is not simple, and it takes time and expertise to ensure that all the potential benefits are realised. If your business is considering moving to a Zero Trust security model, or if you want to find out more, get in contact with us today.