Zero Trust

What is Zero Trust?

Zero trust is an approach to identity and access management that assumes no user or software is trusted by default. All users, devices, and applications must prove their identity and level of authentication before accessing resources.

How is zero trust different from traditional security?

Unlike traditional perimeter security approaches, modern zero trust security architectures recognize trust as a vulnerability. They assume no user, even if allowed onto the network, should be trusted by default because the user could be compromised. Identity and device attestation and authentication are required throughout the network. Every single component in the network must independently establish its trustworthiness and be authenticated by any other component it interacts with, including existing point security measures.

 

Related HPE Solutions, Products, or Services

How do users establish trustworthiness?

Establishing trustworthiness requires assertion that each and every component of the system—including the hardware—is who it says it is, that it has not been compromised by an attacker, and that the messages that have been sent from it have also not been compromised.

What are the advantages of zero trust architectures?

Traditional security models in which authentication happens once and trust carries over indefinitely no longer meet the needs of enterprises operating in a hybrid, dynamic environment. While perimeters and firewalls were once considered adequate to protect data from outside threats, an edge-to-cloud world spans devices on the edge and services in the cloud that should never be fully trusted and require constant attestation.

Many IT systems have gaps between the layers of the supply chain, silicon, operating systems, hypervisors, platform software, and application workloads in which cybercriminals can hide malware and other attacks. This leaves networks vulnerable to compromise, as was seen with the SolarWinds hack in 2020. Under zero trust principles, the compromised update would not have been installed until it was fully vetted within the zero trust framework—even when it was coming from a trusted vendor.

With continuous verification and attestation, zero trust security architectures enable organizations to quickly detect many types of cyberattacks and often stop intrusions before they can occur. A zero trust model supports microsegmentation, which enables IT to segregate network resources so potential threats can be easily contained. Organizations can apply granular policies enforced by role-based access to secure sensitive systems and data.

Zero trust not only enhances security, it does so cost effectively and can make security as agile and elastic as an organization’s environment demands. Because a zero trust security system seeks to understand what users are trying to do as they are doing it and introduce the appropriate security policies based on an action’s context, it can also improve user experience.

What are the differences between zero trust and SASE?

Zero trust and Secure Access Service Edge (SASE, pronounced “sassy”) are two approaches to enhance security as workforces become increasingly remote and dispersed and organizations’ attack surfaces expand. While both approaches have similar goals, they are distinct and separate from one another.

SASE outlines the components needed to provide secure access at the edge. It combines software-defined wide area networks (WANs) with other networking services and functions to build a cloud-based secure network. A SASE solution must be able to identify sensitive data, plus encrypt and decrypt content with continuous monitoring for risk and trust levels. This approach is particularly useful for organizations with multiple remote and branch offices, Internet of Things (IoT) and edge deployments, and highly distributed workforces.

Zero trust is a model and philosophy meant to reduce security risk across the enterprise. It encompasses not just secure access but also monitoring of cyberthreats to the organization, data governance and compliance requirements, and maintenance of the network environment. Zero trust architectures eliminate trust from all network communications and seeks to gain confidence that the communications are legitimate. SASE provides a means to accomplish this through its core component technology. So while zero trust and SASE have overlapping principles, implementing a SASE solution does not mean an organization has a complete zero trust security architecture.

What are the core principles of zero trust?

The United States National Security Agency has outlined three guiding principles for zero trust security strategies.

Never trust, always verify

Treat every user, device, application, workload, and data flow as untrusted. Authenticate and explicitly authorize each to the least privilege required using dynamic security policies.

Assume breach

Consciously operate and defend resources with the assumption that an adversary already has presence within the environment. Deny by default and heavily scrutinize all users, devices, data flows, and requests for access. Log, inspect, and continuously monitor all configuration changes, resource accesses, and network traffic for suspicious activity.

Verify explicitly

Access to all resources should be conducted in a consistent and secure manner using multiple attributes (dynamic and static) to derive confidence levels for contextual resource access decisions.

The principle of least privilege (POLP) referenced in the first principle above states that users should be limited to those privileges (read, write, or execute) needed to access only the resources necessary for them to do their jobs, and those privileges should be granted for the shortest amount of time possible. This principle is also known as the access control principle.

The length of time that a privilege is granted is a key element of POLP. Software developers tend to gradually add more access rights in their apps beyond what users need to do their jobs. This practice is known as “privilege creep” and can cause additional cybersecurity risk to the organization, as unnecessary accumulations of rights could result in data loss or theft.

How can HPE help with achieving a zero trust architecture?

Project Aurora is HPE’s edge-to-cloud zero trust security architecture to help protect customers from some of today’s most sophisticated malware attacks. Building on HPE’s silicon root of trust, Project Aurora measures everything before it is enabled or released for execution and continuously repeats this measurement during runtime.

Rather than being a point solution, Project Aurora addresses end-to-end security for edge-to-cloud deployments, with new embedded and integrated security solutions starting at the silicon level. It incorporates designed-in security technologies with automated verification and attestation to establish a defense-in-depth approach that begins at the lowest foundational layer—the silicon.

By embedding security across a secure chain of trust from the silicon to the workload, Project Aurora will make it possible for organizations to place greater assurance in their distributed software systems, allowing for more agility and flexibility to bring cost-effective and differentiating solutions to market.

Project Aurora will lay the foundation for delivering more zero trust services across HPE GreenLake and other HPE offerings. Initially, it will be embedded within HPE GreenLake Lighthouse to automatically and continuously verify the integrity of the hardware, firmware, operating systems, platforms, and workloads, including workloads from security vendors. This can help minimize the loss and unauthorized encryption (and corruption) of valuable enterprise data and intellectual property.

In the future, Project Aurora will be embedded within HPE GreenLake cloud services to provide a platform-agnostic way to define, create, and deploy a zero trust architecture distributed from edge to cloud.