The term zero trust is becoming more commonplace, with virtually every vendor claiming their products support a zero trust architecture (ZTA) or zero trust network architecture (ZTNA).
Much of the buzz is driven by Executive Order 14028, which tasks the Cybersecurity and Infrastructure Agency (CISA) and other agencies with boosting cybersecurity across industries and protecting software supply chains.
This undertaking involves defining ZTA and demonstrating to security experts that adopting zero trust principles benefits enterprises by significantly reducing the risk and impact of data breaches.
The zero trust philosophy is driven by the need to replace the historical perimeter with an in-depth defense and a more granular model appropriate for today’s hyper-connected world. In other words, rather than the previous “castle-and-moat” defense model, where cybersecurity is “hard on the outside, but soft on the inside,” the ZTA model bolsters internal security to equitable levels with external protection. The benefits of investing in a zero trust framework are transformational for enterprises.
In a zero trust world, all actions require explicit authorization and authentication. You are not granted access just because you are on the corporate network or connected to the corporate VPN. In the virtual data center, mutual TLS protocol is used extensively, all data is encrypted (at rest and in transit), and network access is both segmented and controlled.
Access authorizations are dynamic and based on continuous policy evaluation or risk assessment using contextual information, such as (but not limited to):
Organizations benefit from adopting zero trust architecture in three broad ways:
The risk of compromise is greatly reduced by imposing more granular access controls and improving protection and detection capabilities for applications, data, devices, and networks.
In this model, identity is the new boundary, compared to the historical model of network access controls providing the exterior perimeter. This strategy decreases risk and improves business continuity planning when designed correctly.
By making applications Internet-accessible, companies can simplify the corporate network architecture and reduce operational expenses.
Many organizations embark on this change as part of a strategy to depart the corporate data center and move to the Cloud. Like how users can access Gmail, Outlook, or Facebook on a web browser, this “Software-as-a-Service model” lets employees access mission-critical applications online. As an added benefit, employees may work remotely and securely from anywhere in the world with a reliable Internet connection.
Government regulations are changing, requiring increased security controls that effectively require ZTA for all federal agencies and their subcontractors.
CBTS operates across domains such as security, enterprise architecture, and product architecture to create a zero trust roadmap for your business. This roadmap is a cohesive strategy that reduces risk and outlines each step in implementing your zero trust framework to achieve maximum benefits.
To achieve this, we have several core offerings that can be tailored to your individual needs. This process guides customers through a phased approach, as described below.
This professional service engagement takes the CISA zero trust architecture model and maps function to resources and vendor products. This phase is tailored to maximize the enterprise’s existing investments in IT systems, services, and processes. Additionally, CBTS can include budgetary cost forecasts for all or part of the roadmap implementation.
Our team of professional services engineers and security architects can provide a turnkey implementation or augment your own architects and engineers to guide and assist in the implementation process.
Our cloud and security operations teams can support a subset of the vendor offerings required to run a ZTNA delivery model. This includes our managed detection and response (MDR) capabilities, which are often used by smaller clients who cannot afford or do not want to establish a 24x7x365 security operations capability.
At CBTS, we know all enterprises will benefit from a move toward a zero trust architectural and delivery model. The strategic investment reduces cyber risk, improves the end-user experience, and reduces cost and network and infrastructure complexity.
CBTS has over 30 years of experience guiding customers through every aspect of digital strategy. From communications to cloud migration and application modernization to cybersecurity, the experts at CBTS have you covered.
Get in touch to start your journey to zero trust architecture.