Utilizing a Zero Trust Model in an Extensive BYOD Environment
Early in my tenure with my current employer I faced the challenge of accommodating thousands of part-time employees and franchisees who were using their own devices to connect to sensitive applications and parts of our network. Obviously, I was familiar with vendor and employee hardware and software platforms allowed into organizational premises, but this scale was beyond anything for which I was prepared.
There are many advantages to allowing employees to use their own devices at work: increased productivity, significant savings on hardware and software acquisition, and familiarity with the device. However, the practice also brings real security challenges. I knew I had to find a security model that would integrate well with the rest of the company and could be implemented without too much operational and technological burden.
The approach we chose was a “zero trust” model. In a network where zero trust is implemented, the assumption is that the environment is hostile and that no user or device is ever trusted by default. Furthermore, there is no trust distinction between internal and external networks: a request from the office LAN is treated exactly like one from a coffee shop. With this model, every access request and every device is verified, with full logging and behavioral analytics on the results.
Because there is no inside and outside of the perimeter, each network transaction and each request for an application or data set is explicitly validated against user credentials, device identification, and further signals such as IP geolocation and device posture. There is no default access to any component. Least privilege is enforced so that a user holds only the access a task needs, which limits the damage an over-privileged or compromised account can do. All activity is logged and monitored. In a zero-trust environment, successful authentication alone is not enough; authorization is decided per request from the full context.
Each time there is a request for access, the primary user credentials and, where used, the second factor are re-evaluated (in practice by re-checking the authentication evidence bound to the session rather than prompting the user again). A device certificate distinguishes a managed device from a user-owned one. The client IP address is used for geolocation and to detect whether the client is coming through an anonymizer or a VPN; these are signals rather than proof, since geolocation databases and proxy lists are imperfect. The evaluation determines whether certain high-risk applications can be accessed at all and which additional restrictions, if any, are imposed on this specific session. Each subsequent request is re-evaluated and handled on its own, depending on the context of that request. Using this approach we reduce the pathways available to gain unauthorized access.
Zero trust also lets companies integrate Internet of Things (IoT) devices into the network. A TV, a video-conferencing unit or a similar device has no user credentials, but it can still be put through the device-level parts of the same validation, such as a device certificate and posture checks, and confined to the few resources it actually needs.
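The per-request evaluation described above, including the headless-device case, as an added example that is not code from the original post or from the author's environment: a small policy decision function in Python that takes the context of one request and returns allow, allow-with-restrictions or deny, and logs the decision. The risk tiers, the managed-device CA name, the allowed countries and the restriction names are assumptions chosen for illustration; geolocation and anonymizer detection are assumed to have been done upstream and are passed in as fields.

```python
# Added example: a context-aware policy decision for one access request.
# Illustrative code, not the author's production system. The resource risk
# tiers, the managed-device CA name, the allowed countries and the
# restriction names are all assumptions for the example.
import ipaddress
import json
import logging
from dataclasses import dataclass
from enum import Enum
from typing import Optional, Tuple

log = logging.getLogger("zero-trust-pdp")


class Decision(str, Enum):
    ALLOW = "allow"
    RESTRICT = "allow-restricted"  # session continues with extra restrictions
    DENY = "deny"


@dataclass(frozen=True)
class AccessRequest:
    resource: str
    client_ip: str
    country: str                        # from a geolocation lookup (assumed done upstream)
    anonymizer: bool                    # IP reputation flagged VPN/Tor/proxy (assumed)
    device_cert_issuer: Optional[str]   # issuer of the presented client certificate, if any
    user: Optional[str] = None          # None for headless IoT devices
    password_ok: bool = False           # primary credential verified for this request
    mfa_ok: bool = False                # second factor verified for this request


@dataclass(frozen=True)
class Verdict:
    decision: Decision
    restrictions: Tuple[str, ...]
    reason: str


# Assumed application sensitivity; anything unknown is treated as high risk.
RESOURCE_RISK = {"payroll": "high", "timesheets": "medium", "menu-board": "low"}
MANAGED_DEVICE_CA = "Example Corp Device CA"   # assumed issuer for company-managed devices
ALLOWED_COUNTRIES = {"US", "CA"}               # assumed


def evaluate(req: AccessRequest) -> Verdict:
    """Decide one request from its full context, then log the decision.

    Stateless on purpose: every request is re-evaluated, so a change of
    device, IP or factor status mid-session changes the next verdict.
    """
    risk = RESOURCE_RISK.get(req.resource, "high")
    managed = req.device_cert_issuer == MANAGED_DEVICE_CA
    # A private source address is recorded for the log but grants nothing:
    # inside and outside the perimeter are treated the same.
    on_private_net = ipaddress.ip_address(req.client_ip).is_private
    verdict = _decide(req, risk, managed)
    log.info(json.dumps({
        "user": req.user, "resource": req.resource, "risk": risk,
        "managed_device": managed, "private_src": on_private_net,
        "country": req.country, "anonymizer": req.anonymizer,
        "decision": verdict.decision.value, "reason": verdict.reason,
        "restrictions": list(verdict.restrictions),
    }, sort_keys=True))
    return verdict


def _decide(req: AccessRequest, risk: str, managed: bool) -> Verdict:
    if req.user is None:
        # Headless device: no user credentials, so device identity carries the decision.
        if not managed:
            return Verdict(Decision.DENY, (), "headless device without managed certificate")
        if risk != "low":
            return Verdict(Decision.DENY, (), "headless devices may reach only low-risk resources")
        return Verdict(Decision.ALLOW, (), "managed headless device, low-risk resource")
    if not req.password_ok:
        return Verdict(Decision.DENY, (), "primary credential not verified")
    if risk != "low" and not req.mfa_ok:
        return Verdict(Decision.DENY, (), "second factor required for this resource")
    if req.country not in ALLOWED_COUNTRIES:
        return Verdict(Decision.DENY, (), "geolocation outside allowed countries")
    if req.anonymizer and risk == "high":
        return Verdict(Decision.DENY, (), "anonymizer egress not permitted for high-risk resource")
    restrictions = []
    if req.anonymizer:
        restrictions.append("short-session")
    if risk == "high" and not managed:
        restrictions += ["read-only", "no-download"]
    if restrictions:
        return Verdict(Decision.RESTRICT, tuple(restrictions), "allowed with context-based restrictions")
    return Verdict(Decision.ALLOW, (), "all checks passed")


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO, format="%(message)s")
    # Constructed sample requests: managed laptop, BYOD phone, lobby TV.
    evaluate(AccessRequest("payroll", "203.0.113.5", "US", False, MANAGED_DEVICE_CA, "alice", True, True))
    evaluate(AccessRequest("payroll", "198.51.100.7", "US", False, None, "bob", True, True))
    evaluate(AccessRequest("menu-board", "10.20.0.9", "US", False, MANAGED_DEVICE_CA))
```

The function is deliberately stateless: nothing is cached between calls, so a later request from the same user on a different device or through a VPN gets a different verdict. The private-address flag is written to the log only; it is never consulted by the decision logic, which is what "no distinction between internal and external networks" means in code.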
A zero trust security model replaces the architecture of a trusted network inside a defined corporate perimeter. While the model is beneficial, it also has certain challenges. Its success relies on the organization's ability to establish zones and segmentation that control access to resources. It is essential to have technology in place to monitor and manage data flows between zones and, more importantly, user interactions within a zone. This is relevant today because technologies and processes such as the cloud, DevOps and IoT have blurred or dissolved the idea of a traditional perimeter.
A second challenge is that legacy systems do not easily fit such a model. Redesigning applications for zero trust can be very costly, so legacy applications can instead be placed behind an authentication abstraction service that performs the verification on their behalf. Such applications still raise concerns about monitoring, about their ability to handle encryption in transit, and about other zero-trust requirements, and they can be the most significant hindrance to adopting the model.
Identity abstraction as a service is quite popular for IoT and legacy applications. Providing device identification and authentication as a cloud-based service allows IoT systems to be integrated into an organization's security model.
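One way such an authentication abstraction service can sit in front of a legacy application or a headless device, as an added example and not a product or the author's implementation: the proxy verifies a signed token, drops any identity headers the client tried to supply, and sets its own identity headers for the legacy application. The HMAC-signed JSON token format, the shared key and the X-Authenticated-* header names are assumptions for the example; a real deployment would use a standard token format and a verification key that clients never hold.

```python
# Added example: an "authentication abstraction" front end for a legacy
# application or headless device that cannot speak modern auth itself.
# Illustrative code, not a real product: the token format (HMAC-signed
# JSON), the shared key and the header names are assumptions.
import base64
import hashlib
import hmac
import json
import time
from typing import Dict, Optional, Tuple

SHARED_KEY = b"example-only-key-rotate-me"   # assumed: shared by issuer and proxy
IDENTITY_HEADERS = ("x-authenticated-user", "x-authenticated-device", "x-device-managed")


def _b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(claims: dict, key: bytes = SHARED_KEY) -> str:
    """Issue body.signature, as the identity service would after authenticating."""
    body = _b64e(json.dumps(claims, sort_keys=True).encode())
    return body + "." + _b64e(hmac.new(key, body.encode(), hashlib.sha256).digest())


def verify_token(token: str, key: bytes = SHARED_KEY, now: Optional[float] = None) -> Optional[dict]:
    """Return the claims if the signature checks out and the token is unexpired, else None."""
    try:
        body, sig = token.split(".")
        expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64d(sig)):   # constant-time comparison
            return None
        claims = json.loads(_b64d(body))
    except ValueError:   # wrong number of parts, bad base64 or bad JSON
        return None
    now = time.time() if now is None else now
    if not isinstance(claims, dict) or claims.get("exp", 0) <= now:
        return None
    return claims


def proxy_request(client_headers: Dict[str, str], now: Optional[float] = None) -> Tuple[int, Dict[str, str]]:
    """Map one client request onto the headers the legacy application will see.

    Returns (status, upstream_headers); status 401 means nothing is forwarded.
    """
    incoming = {k.lower(): v for k, v in client_headers.items()}
    # The legacy app trusts identity headers blindly, so any copy the client
    # sent is dropped before the proxy sets its own. The bearer token is
    # consumed here and never forwarded.
    upstream = {k: v for k, v in incoming.items()
                if k not in IDENTITY_HEADERS and k != "authorization"}
    auth = incoming.get("authorization", "")
    if not auth.startswith("Bearer "):
        return 401, {}
    claims = verify_token(auth[len("Bearer "):], now=now)
    if claims is None:
        return 401, {}
    if "sub" not in claims and "device" not in claims:
        return 401, {}                       # token names no principal at all
    if "sub" in claims:                      # interactive user
        upstream["x-authenticated-user"] = claims["sub"]
    if "device" in claims:                   # IoT or managed endpoint, possibly with no user
        upstream["x-authenticated-device"] = claims["device"]
        upstream["x-device-managed"] = "true" if claims.get("managed") else "false"
    return 200, upstream


if __name__ == "__main__":
    # Constructed requests: a user token with a spoofed identity header, and a lobby TV.
    user_tok = mint_token({"sub": "alice", "exp": 2_000_000_000})
    print(proxy_request({"Authorization": "Bearer " + user_tok,
                         "X-Authenticated-User": "admin", "Host": "legacy.internal"}))
    tv_tok = mint_token({"device": "tv-lobby-01", "managed": True, "exp": 2_000_000_000})
    print(proxy_request({"Authorization": "Bearer " + tv_tok, "Host": "signage.internal"}))
```

The important line is the filter that rebuilds the upstream header set: if the proxy merely added its own header on top of what the client sent, a client could inject X-Authenticated-User itself and the legacy application would have no way to tell the two apart. The same service handles a device-only token, which is how a headless IoT endpoint gets an identity without any user credentials.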
Finally, the use of cloud-based collaboration applications and peer-to-peer networks poses problems, as they allow users to bypass zero-trust controls and risk-based access. While in certain cases cloud-based collaboration and P2P can be blocked, their use cannot be fully monitored, and they typically operate in conflict with the zero trust model.
In our BYOD (bring your own device) intensive environment, the combination of a context-aware zero trust model and a cloud-based architecture is complementary. With this model we are able to embrace the reality of our business and allow our users to access applications from anywhere, using any device, with secure and simple access.