With remote work and the recent progress in the digitalization of companies, you are increasingly likely to hear the unfamiliar term “zero trust”.
Definition and Background
Zero Trust is the idea of taking security measures on the premise that you literally do not trust anything.
Conventional security measures assume that the internal network is safe, and the mainstream approach is to monitor only the boundary between the external and internal networks with a firewall or the like.
However, the internal network is not always safe: companies using cloud services have more devices in use, more companies have shifted to remote work while COVID-19 is widespread, and information leakage due to internal fraud has increased. Nowadays, it is doubtful whether the internal network can be called safe.
In other words, under the traditional approach, once access to the corporate (internal) network is granted, it is trusted under any circumstances and access to information is granted, while only the network boundary is monitored. As it became clear that these traditional measures are insufficient, the idea of zero trust was born.
There are seven requirements to achieve zero trust, and it is believed that zero trust security can be achieved by meeting these requirements.
- Network security
- Workload security
- Device security
- Data security
- Identity security
- Visualization and analysis
- Automation
Network Security
The internal network approves each device and denies access to unauthorized devices.
Workload Security
By monitoring the workload (all systems), you can prevent the intrusion of unexpected threats.
Specifically, when an employee introduces or uses a connection or application that the information system administrator has not approved, the system automatically detects it, warns the user, and notifies the administrator, preventing losses caused by connections and applications the administrator did not know about.
Device Security
By managing the devices used by employees, allowing access only from devices managed in-house, and managing their versions with asset management software and the like, the security status of the devices in use is always kept high.
Data Security
It monitors and protects confidential information, preventing internal information from being taken out and preventing information leakage from external factors.
Specifically, this means raising awareness of confidentiality and of how internal information is handled through in-house security education, monitoring and protecting confidential information with external tools, and preventing information leakage from external factors.
Identity Security
The idea is to change the login ID and password used for access every set period, and to give only the minimum access rights necessary for business.
It also includes multi-factor authentication and continuous verification even after a user has passed authentication once.
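The device and identity requirements above can be pictured as a check that runs on every request rather than once at login. The following sketch is an added example, not taken from this article's source or from any product; the device inventory, grants, thresholds, and all names in it are constructed assumptions.

```python
from dataclasses import dataclass

# Assumed policy values, chosen only for illustration.
MAX_AUTH_AGE_S = 15 * 60      # re-verify after 15 minutes
MIN_OS_VERSION = (14, 2)      # minimum patched OS version

# Constructed sample data: managed-device inventory and least-privilege grants.
MANAGED_DEVICES = {"LT-0042": (14, 3), "LT-0077": (13, 9)}
GRANTS = {"alice": {"payroll:read"}, "bob": {"wiki:read", "wiki:write"}}


@dataclass
class Request:
    user: str
    device_id: str
    permission: str
    mfa_passed: bool
    auth_time: float              # epoch seconds of last successful authentication
    from_internal_network: bool   # recorded, but deliberately never consulted


def decide(req: Request, now: float) -> tuple[bool, str]:
    """Evaluate one request. Being on the internal network grants nothing."""
    os_version = MANAGED_DEVICES.get(req.device_id)
    if os_version is None:
        return False, "device not managed"
    if os_version < MIN_OS_VERSION:
        return False, "device below minimum version"
    if not req.mfa_passed:
        return False, "MFA required"
    age = now - req.auth_time
    # A negative age means a bad clock or a forged timestamp: fail closed.
    if age < 0 or age > MAX_AUTH_AGE_S:
        return False, "re-authentication required"
    if req.permission not in GRANTS.get(req.user, set()):
        return False, "permission not granted"
    return True, "allow"


if __name__ == "__main__":
    now = 1_700_000_000.0  # constructed timestamp
    for r in (
        Request("alice", "LT-0042", "payroll:read", True, now - 60, False),
        Request("bob", "LT-0077", "wiki:read", True, now - 60, True),
        Request("alice", "LT-0042", "payroll:read", True, now - 3600, True),
    ):
        print(r.user, r.device_id, decide(r, now))
```

The second and third requests come from the internal network and are still denied, which is the difference from the boundary-only model described earlier.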
Visualization and Analysis
It visualizes the security status and detects, analyzes, and responds to attacks.
Automation
Automating workflows and processes enables quick resolution when problems occur: when a problem actually arises, actions such as device isolation and repair are performed automatically to eliminate the threat.
Pros and Cons
With the spread of remote work, the use of cloud services has increased as work styles that do not require a specific location become normal.
Under these conditions, it is dangerous to continue with conventional security measures, and zero trust security measures are becoming necessary.
Pros
Use of Cloud Services with Confidence
Zero Trust works effectively even for cloud services for which security measures have not been taken due to blurred network boundaries.
Since there is no network boundary, you can build security that protects not only cloud services but also the internal environment.
Carrying out Work Safely Regardless of Work Location
With Zero Trust, only authorized devices can access the network, so you can access it with confidence from anywhere, such as at home or in a coffee shop.
Cons
Cost
Even after access to in-house systems and apps has been permitted, it is necessary to check for suspicious movements and abnormalities.
Thus, even when access has been permitted, behavior must be monitored constantly, which incurs running costs.
Inconvenience and Inefficiency
Since you do not trust anything, security measures such as access control increase the number of authentications, which may be inconvenient for business.