To deliver Zero Trust principles at all four layers, organizations need three things:
- Zero Trust-style access and authorization capabilities
- A foundation in basic cyber hygiene
- System integrity
Zero Trust access and authorization is well understood. Basic cyber hygiene—while sometimes challenging to implement—is simple to understand. But how does system integrity fit in?
What is Integrity?
Integrity is a core concept within cybersecurity—one pillar of the coveted CIA Triad.
.png?width=236&height=176&name=CIA%20Triad%20(1).png)
- Confidentiality: only those who are authorized can access data.
- Integrity: data is in a trusted, accurate, and complete state and is only altered in expected ways.
- Availability: data (and the systems and applications that rely on it) remain accessible.
Note that data doesn’t just mean documents and databases. Everything that allows an IT environment to function is stored in a file somewhere as data. This includes data stored in configuration files, system files, network devices, endpoints, directory services, cloud instances, etc. So long as data stays in the correct configuration and isn’t tampered with, everything will function as intended.
Ensuring integrity within an IT environment means ensuring that no matter what service, device, or user accesses, stores, processes, transmits, or receives data, it remains accurate and complete. Naturally, this requires a more comprehensive set of controls than have traditionally been deployed. Stefan Lesaru, IDSA Zero Trust Technical Working Group Lead, Big Data and Security Director, Atos, explains:
“One of the biggest shifts needed for Zero Trust is an increased focus on the data layer. In traditional cybersecurity, data is assumed to be safe if the external layers are secure. This simply isn’t true. Organizations need granular insight at the data level to maintain confidentiality and integrity.”
This requires four capabilities:
- An authoritative baseline of what data should look like.
- A means of identifying and protecting data from unauthorized change.
- A mechanism to roll back unauthorized changes not blocked at the source.
- A way to verify that controls 1-3 are functioning correctly.
The following closed-loop integrity assurance cycle demonstrates how this works in the real world:
This loop may appear time-consuming. However, so long as an organization has a trusted, authoritative baseline—a record of what is allowed to be and happen within the environment—the loop only needs to occur for unknown changes. Further, with the right technology, most of the loop can be automated.
The Missing Components of Zero Trust
Our new report, ‘The Missing Components of Zero Trust,’ explains what Zero Trust really is, examines some significant gaps in existing guidance, and details the most important concepts and capabilities required for an effective Zero Trust Architecture.
Download the report to learn:
- The Core Principles and 7 Tenets of Zero Trust.
- How the Zero Trust strategy and architecture eliminate implicit trust.
- How to elevate your security posture and avoid making the most common Zero Trust mistakes.
- The answer to the question, "Does Zero Trust actually work?"
