Zero Trust (ZT) is a security concept based on the principle of “never trust, always verify”. Essentially, ZT accounts for the fact that threat exists everywhere; both within, and outside, an enterprise’s traditional perimeters. Hence, Zero Trust does just that; it eliminates the component of trust given to enterprise users and devices. Instead, access to resources is based on a dynamic policy that supports the principle-of-least-privilege (PLP) and is enforced by the Zero Trust Architecture (ZTA). In other words, when a device makes an access request for a specific resource, the ZTA evaluates the request by identifying the device (authentication) and referring to the access policy to determine whether said device can gain access, and to what extent (authorization).
Today, we need Zero Trust more than ever
The concept of ZT is not new. It was actually first introduced in 1994, but, like anything, it takes a while for people to start catching on. And, as the threat landscape continuously evolves, now, more than ever, is the time to start catching on.
Typically, internal users and devices are automatically trusted. This is because it’s assumed that the secure walls of the enterprise are enough to keep out malicious criminals out. A rooky error that IT departments are becoming increasingly concerned about, hence the desire to adopt ZT. Nowadays, one cannot assume that an internal user, or device, can be automatically trusted. Why? Well, for starters, insiders themselves might act with malicious intent. Several reasons might incentivize such action, and the employee’s insider privileges can prove beneficial in causing maximum damage. However, more worrisome is that enterprises struggle to provide comprehensive security due to a lack of visibility and control.
Securing hardware assets in organizations
The working environment is becoming increasingly expansive in terms of assets and perimeters. And, subsequently, it is becoming more demanding to secure both. The more hardware assets an organization has, the more difficult it is to manage them all. This is especially due to COVID-19 causing a rise in shadow IT within enterprises. The pandemic caused a rapid shift to remote work, which was unfamiliar territory for many organizations. And with little time to implement the relevant policies, many employees were – and still are – using personal devices for work purposes. And these BYOD devices often go unmanaged. Shadow IoT also becomes a significant risk to the enterprise as many household-IoT devices are infiltrating the corporate network yet lack sufficient, if any, security measures, greatly expanding the attack surface.
Furthermore, with the traditional working perimeters slowly fading away, remote work often means that employees are working in less secure environments. This of course, increases the susceptibility to attack. So, with more entry points, and less control over such entry points, any device could have been compromised by a malicious actor. This provides them with insider access.
Think about a football game at Wembley Stadium. All attendees must go through physical security checks. As a result, it is assumed that no one inside the stadium is carrying any dangerous items. But it is Wembley, the biggest football stadium in the UK, and it’s guaranteed that there will be exposed entry points. Just like Wembley, when a malicious actor gains access to the enterprise’s network, they are basically free to roam wherever they wish.
The struggle is real
While security departments struggle, malicious actors thrive. The IT department’s job becoming more of a challenge with the rise of telework. And attackers’ tools, techniques, and procedures are becoming more deceitful. Cybercriminals are constantly demonstrating their ability to bypass traditional network and endpoint detection and response solutions. So, the “secure walls” I mentioned early are not, in fact, that secure. In some instances, bypassing such measures is not even necessary. Attackers will use social engineering techniques to have an insider – wittingly or unwittingly – cause a cyber incident. And employees’ access privileges (granted under the assumption of trust) only make the extent of the attack more damaging.
With ZT, the trust given to internal users and devices is eliminated, and resources are protected under the assumption that there has already been a breach. To do this, access is granted based on PLP – permitting access only to those resources necessary to carry out the job – and implemented by micro-segmentation. By splitting the network into smaller, more granular sections, micro-segmentation prevents lateral network movement in an effort to reduce the blast radius of an attack.
All that free roaming around that attackers love to do? With micro-segmentation, it is no longer possible. Every access request is evaluated and determined by a dynamic policy that relies on various data sources to provide real-time information. In doing so, the idea is that no malicious actor – whether internal or external – can exploit insider privileges. With the risks of today’s working environment, and the benefits of ZT, 40% of organizations have increased their adoption of the security model.
Zero Trust does not mean zero challenges
Nothing is perfect, not even ZT. There are several challenges associated with the model and its efficacy in securing the organization (see table below). Unfortunately, the ZTA’s reliance on Identity and Access Management (IAM) to evaluate access requests is challenged by a lack of complete asset visibility, which results in blind spots. According to PulseSecure’s 2020 Zero Trust Progress Report, 71% of organizations are seeking to improve their IAM, highlighting the need for deeper visibility. Existing security solutions do not cover the Physical Layer. This means that Spoofed Devices, which operate on this layer, are able to impersonate legitimate devices and subsequently bypass ZT security protocols.
So, despite ZT enabling the safe use of BYODs and “good” shadow IT and IoT, the security model is not enough to protect against such devices compromised by a Spoofed Peripheral. In fact, BYOD and shadow IT exposures are a cause for a concern among 43% and 40% of organizations, respectively. As a result of a lack of visibility, there are spillover effects that create additional challenges. Naturally, malicious actors seek to exploit the visibility blind spot and turn to hardware-based attacks (operating on the Physical Layer).
To mitigate such challenges, Sepio Systems’ Hardware Access Control solution (HAC-1) provides Physical Layer visibility, Hardware Access Control capabilities, and Rogue Device Mitigation that enhance the overall ZTA and ZT approach. Security on the hardware level brings a panacea to the blind spots of the traditional ZT model. And HAC-1 enables organizations to overcome the visibility challenges that hinder the efficacy of ZT. Zero Trust Hardware Access is the missing piece of the puzzle in achieving a complete Zero Trust environment.
Zero Trust Hardware Access
|Component of ZT||Challenge||Challenges mitigated by HAC-1|
|Comprehensive security monitoring for validation of users and their devices’ security posture.||Visibility The ZTA relies on identifying a user and device to evaluate the access request. However, hardware-based attacks involve the deployment of tools which hide/spoof their identity: Rogue Devices. By manipulating the authentication and authorization processes, such devices render the ZTA ineffective as they are not validated with accurate information. As a result, access is granted under false pretenses, allowing the attacker to bypass ZT security protocols.||Complete Asset Visibility HAC-1 provides enterprises with ultimate asset visibility through Physical Layer fingerprinting. As the only company to offer Layer 1 coverage, HAC-1 can see all assets operating within the enterprise’s infrastructure whether they are managed, unmanaged or hidden. More importantly, HAC-1 reveals the device’s true identity. Physical Layer fingerprinting technology and Machine Learning allows HAC-1 to calculate a digital fingerprint from the electrical characteristics of all devices. The digital fingerprint is compared with the extensive built-in threat intelligence database for known-to-be-vulnerable devices to instantly detect when a vulnerable or malicious device is present within the organization.|
|Granular, dynamic and risk-based access control through policy enforcement.||Access policies Access policies enable the ZT security measure of micro-segmentation. By breaking the network into smaller, more granular parts, the enterprise can implement PLP by granting access only to the resources necessary to carry out the job. It is access policies that indicate to the ZTA which segment(s) the requesting entity is permitted to access. Such policies, however, cannot be accurately enforced on assets that impersonate legitimate devices, or those which are not visible to the ZTA. How can the security guards at Wembley stop the unauthorized attendees from entering the stadium if they go to an unmanned entrance? Ineffective access control allows the malicious actor to bypass micro-segmentation and move laterally across the network. Moreover, the creation of data access policies is based on asset and network traffic information. The lack of visibility means that policies are created without full information, resulting in validity and reliability issues.||Hardware Access Control HAC-1’s policy enforcement mechanism allows the system administrator to define a strict, or more granular, set of rules for the system to enforce that controls hardware access based on device characteristics. Furthermore, the threat intelligence database enables HAC-1 to notify the system administrator when a vulnerable device has been detected, allowing action to be taken to determine how such device should be handled. Through such capabilities, micro-segmentation is achievable as the policies are not only enforced on all devices, but are based on complete, accurate information.|
|System security automation that protects data and resources.||Insufficient protection The two challenges mentioned above mean that an enterprise cannot be sure that its data and resources are protected. If the ZTA mistakenly grants access to a Rogue Device, the perpetrator has the ability to carry out harmful attacks on the victim the directly puts its data and resources at risk.||Rogue Device Mitigation HAC-1 automatically instigates a mitigation process to block unapproved or Rogue hardware as soon as a device breaches the pre-defined policy. In doing so, the attacker is stopped at the first hurdle, and is unable to even attempt to bypass micro-segmentation and other security protocols. By blocking the perpetrator at the first instance, the enterprise’s data and resources are protected from malicious hardware-based attacks.|