There are two hot buzz terms in the world of cybersecurity today: zero trust and cybersecurity mesh. The idea of a zero trust architecture was introduced almost two decades ago, but the idea of following a zero trust model when designing your security infrastructure only started to gain in popularity about four years ago. Cybersecurity mesh, however, was introduced into the large pool of security design options less than a year ago. Regardless of how long the ideas have been around, zero trust and cybersecurity mesh are key components in ensuring the security of organizations today. Their importance has sharply increased in light of the “work from anywhere” movement we are currently seeing.
So what is a zero trust architecture and a cybersecurity mesh and how are they related to each other?
Zero Trust Architecture
A zero trust architecture no longer assumes that access to a resource through a particular network is secure. The practice of establishing a secure network perimeter and assuming your resources would be secure is no longer valid. As workers begin to work not from the office but from home or warm tropical getaways, they need to get access to those resources from outside that traditional secure network perimeter. The clearly defined perimeter has been destroyed. Workers now need access to resources outside of the workplace, so there is no longer a clearly defined network perimeter that can be protected.
You must now ensure that all users are authenticated and authorized to access the resources and that the context from which they are accessing the resource needs to be taken into account: the device, the location, the time, etc. Thus you can no longer trust any access requests and must always verify the request in terms of who it is coming from and where it is coming from. “Never Trust, Always Verify” is a primary principle of a zero trust architecture.
As organizations have slowly been moving to a work-from-anywhere structure (or very quickly been forced to enable their users to work from home because of COVID-19), security teams have had to rethink their security architecture to follow the principles of a zero trust architecture. Adopting a zero trust architecture as we have already stated means you can no longer trust any sort of access request unless you can verify who and where it is coming from. This means you have to assume threats can come from inside as well as outside.
All authorization must then be granted with a least privilege access approach. No more making folks Domain Admins or root users simply because it is easier than figuring out exactly what kind of privileges they need to do their tasks. Focus on securing at the individual workload level using security policies and application-level controls; this is known as micro-segmentation. Adopting a zero trust architecture will affect how users access every resource within your organization.
So where does cybersecurity mesh fit into this zero trust architecture? Simply put, cybersecurity mesh focuses not on establishing a secure perimeter around an entire enterprise network, but on protecting each device and access point. This is one of those key principles of a zero trust architecture we just mentioned: micro-segmentation. To implement a cybersecurity mesh, security policies have to apply at the identity level, the individual level versus at the network level by using firewalls, checking IP addresses and controlling ports. This ensures that resources are secure no matter how the rest of the infrastructure changes.
Since enterprise data can no longer be contained within an enterprise network, all connections must be considered unreliable unless they can be verified. A cybersecurity mesh helps implement a zero trust architecture by securing all data and systems are accessed securely no matter where they are located.
The Perimeters are Gone
Users are no longer working from just the office. Resources are no longer being accessed just from work devices. The time has come to:
- rethink how to secure your organization’s resources
- follow the principles of a zero trust architecture
Hopefully, you have already stopped giving folks full admin access unless it is absolutely necessary. Now is the time to redesign your network security as a cybersecurity mesh: make sure you have a centralized identity solution and start creating policies that will protect your resources at the individual level.