The Zero Trust security model (sometimes also referred to as Zero Trust architecture, Zero Trust network architecture, ZTA or ZTNA) describes the approach that should be adopted to the design and architecture of IT systems. Zero Trust is therefore not a product, but a concept within modern security.
The Zero Trust concept concerns the level of security that a system should have, and is based around the view that no one at a company can be considered to be completely trustworthy by default. It should always be assumed that all data, infrastructure or networks will come under attack at some point.
The rapid expansion of cloud services also creates new potential for the credentials of a privileged administrator or application to be compromised or stolen. It can also open up the possibility of data theft and cyber scams.
Zero Trust enables businesses to regulate access to systems, networks and data without relinquishing control. As a result, the number of companies switching to a Zero Trust security model is also increasing, enabling companies to protect data using security checks that restrict access to the data according to specific security policies.
Even if you trust your employees as a general rule, they will not automatically be granted access, but will instead be given access for a specific purpose for a limited period of time. "Policy checks" are therefore carried out continuously to identify the user's level. For example, the access a manager should have can differ from the access someone should have simply by virtue of being employed.
Implementing the Zero Trust architecture in this way reduces the risk of data in the system falling into the wrong hands.
Zero Trust is implemented through various steps:
The first step is to indicate who you are. This is done through Multi-Factor Authentication (MFA) using passwords and other authentication methods.
Step two is about the user's access and what he or she can gain access to.
The third step involves checking what the user can see. The user may be inside the system, but what they can actually see will still be limited.
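The three steps, together with the purpose-bound and time-limited access described earlier, can be expressed as one deny-by-default check that runs on every request. The following is an added example, not Cegal's code or any product's API: the Grant type, the function names and the sample data are constructed for illustration, and counting two distinct factor names is a simplification of real MFA verification.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

@dataclass(frozen=True)
class Grant:                      # one explicit, purpose-bound, expiring permission
    user: str
    resource: str
    purpose: str
    visible_fields: frozenset
    expires_at: datetime

def evaluate(user, factors, resource, purpose, grants, now):
    """Run on every request. Returns (allowed, reason, visible_fields); default is deny."""
    # Step 1: identity must be proven with at least two distinct factors (MFA).
    if len(set(factors)) < 2:
        return False, "mfa_required", frozenset()
    # Step 2: an explicit grant must exist for this user, resource and purpose.
    matching = [g for g in grants
                if (g.user, g.resource, g.purpose) == (user, resource, purpose)]
    if not matching:
        return False, "no_grant", frozenset()
    # Grants are time-limited: an expired grant has to be renewed before it counts.
    live = [g for g in matching if now < g.expires_at]
    if not live:
        return False, "grant_expired", frozenset()
    # Step 3: access is allowed, but only the granted fields are visible.
    return True, "ok", frozenset().union(*(g.visible_fields for g in live))

def read_record(record, user, factors, resource, purpose, grants, now):
    """Return the record reduced to what this request may see, or None on deny."""
    allowed, _, fields = evaluate(user, factors, resource, purpose, grants, now)
    return {k: v for k, v in record.items() if k in fields} if allowed else None

# Constructed sample data.
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
GRANTS = [Grant("alice", "payroll", "monthly-run",
                frozenset({"employee_id", "salary"}), NOW + timedelta(hours=1))]
RECORD = {"employee_id": 7, "salary": 50000, "bank_account": "constructed-value"}

if __name__ == "__main__":
    mfa = ["password", "totp"]
    print(read_record(RECORD, "alice", mfa, "payroll", "monthly-run", GRANTS, NOW))
    print(evaluate("alice", ["password"], "payroll", "monthly-run", GRANTS, NOW))
    print(evaluate("alice", mfa, "payroll", "audit", GRANTS, NOW))
    print(evaluate("alice", mfa, "payroll", "monthly-run", GRANTS, NOW + timedelta(hours=2)))
```

Because the decision is recomputed per request, a grant that expires mid-session stops working at the next request instead of at the next login.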
Cegal and Zero Trust
In order to implement a Zero Trust architecture, it is important to have expert or professional knowledge of the components that are defined as the company's critical systems and data. We provide secure cloud solutions for our customers based on Cegal's expertise within database, infrastructure, integration and system development, and our skilled consultants who have implemented Zero Trust in many projects. This has primarily concerned projects where we transfer customers from on-prem to a cloud solution.
We always recommend that our customers use a Zero Trust architecture and thereby ensure that no one is granted any access by default, even if they are considered to be trustworthy. All access that is granted must be very specific, granted for a short period of time only, and renewed.