The zero trust maturity model is a Cybersecurity and Infrastructure Security Agency (CISA) initiative to help organizations achieve a modern zero-trust approach through the implementation of five pillars with cross-cutting capabilities. The five pillars of zero-trust security are identity, device, network, application and workload, and data. Assessing these pillars means verifying the identity of all human and non-human users, confirming that each device is compliant and trusted, keeping applications updated, controlling and restricting data, and segmenting networks.
Continue reading to learn more about zero trust, the five pillars of zero-trust security, the importance of zero trust and how Keeper Security allows your organization to implement zero trust.
What is zero trust?
Zero trust is a cybersecurity framework that removes implicit trust and assumes all potential users could be compromised. It requires every human and non-human user to continuously and explicitly verify themselves to gain access to an organization’s network. Once a user has gained access to the network, they are given the minimum amount of access to network systems and data. Zero trust focuses less on where a user is logging in from and more on who they are.
Zero trust is based on three core principles:
- Assume breach: Rather than trusting every user who tries to access an organization’s network, zero trust assumes any user could be compromised and lead to a data breach.
- Verify explicitly: Because any user could be compromised, zero trust requires all human and non-human users to prove who they say they are before they can access the organization’s network. All users must verify themselves every time they want access.
- Ensure least privilege: Once a user has gained access to the organization’s network, they are given just enough access to do their jobs and no more. This helps limit the effects of a breach if one were to occur.
The five pillars of zero-trust security
When trying to implement zero-trust security, organizations need to plan around the five pillars, all of which need to be assessed and updated accordingly. Here is a closer look at each of the five pillars of zero trust.
Identity
Digital identity refers to the collection of data that represents an entity online. With zero trust, organizations need to verify the digital identity of all users, devices and applications before granting them access to their network. When a human or non-human entity tries to access an organization’s network, the organization must use strong authentication and behavioral analysis to verify the digital identity of that user. They should use real-time detection, automated remediation and connected intelligence solutions to monitor and respond to abnormal behavior.
Device
Zero trust requires organizations to check devices before granting them access to their network of resources. Organizations need to have a complete list of every individual device being used within their network and ensure they function properly. They need to check the health and compliance of these devices to ensure they are secure and only running approved programs.
Network
An organization’s network needs to be segmented to prevent threat actors from moving laterally and accessing sensitive data if a user is breached. Network segmentation isolates parts of an organization’s network to control access to sensitive data. These segments are determined based on the type of sensitive data and the users who need access to them. Segmenting the network limits users’ access to only the resources they need to do their jobs. Users cannot access any other part of the network that is not within their segment.
Application and workload
Applications need to access sensitive data and systems to do their jobs, but their access should be as limited as possible, just as access for human users should be. They also need to be regularly audited to ensure they have the latest security updates to prevent cybercriminals from exploiting security vulnerabilities and gaining unauthorized access to the organization’s network. Organizations need to monitor applications closely to prevent unauthorized access.
Data
Organizations need to identify and classify their data based on how valuable it is. They need to limit access to sensitive data and only allow privileges to users who absolutely need access to do their jobs. All data should be encrypted both at rest and in transit to prevent unauthorized users from reading it. Organizations should also follow least privilege access principles when managing access to data.
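The five pillars above can be read as five independent checks that a single access request must all pass. The following sketch is an added example, not Keeper or CISA code; the roles, device IDs, segments, app names and versions are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed policy data; every name and value here is hypothetical.
ROLE_GRANTS = {"payroll-clerk": {("payroll-db", "read")},
               "payroll-admin": {("payroll-db", "read"), ("payroll-db", "write")}}
RESOURCE_SEGMENT = {"payroll-db": "finance", "build-server": "engineering"}
DEVICE_INVENTORY = {"laptop-0142": {"compliant": True, "segment": "finance"},
                    "laptop-0977": {"compliant": False, "segment": "finance"},
                    "laptop-0310": {"compliant": True, "segment": "engineering"}}
MIN_APP_VERSION = {"payroll-client": (4, 2)}  # approved app -> oldest patched version


@dataclass
class Request:
    role: str
    mfa_verified: bool
    device_id: str
    app: str
    app_version: tuple
    resource: str
    action: str
    encrypted_transport: bool


def evaluate(req: Request):
    """Return (allowed, failed_pillars). Default deny: all five pillars must pass."""
    failed = []
    # Identity: verify explicitly on every request; unknown roles are rejected.
    if not req.mfa_verified or req.role not in ROLE_GRANTS:
        failed.append("identity")
    # Device: must be in the inventory and pass its compliance check.
    device = DEVICE_INVENTORY.get(req.device_id)
    if device is None or not device["compliant"]:
        failed.append("device")
    # Network: the device may only reach resources inside its own segment.
    if device is None or RESOURCE_SEGMENT.get(req.resource) != device["segment"]:
        failed.append("network")
    # Application and workload: approved app at or above the patched version.
    minimum = MIN_APP_VERSION.get(req.app)
    if minimum is None or req.app_version < minimum:
        failed.append("application")
    # Data: least privilege on (resource, action), and encryption in transit.
    granted = (req.resource, req.action) in ROLE_GRANTS.get(req.role, set())
    if not granted or not req.encrypted_transport:
        failed.append("data")
    return (not failed, failed)
```

Returning the list of failed pillars, rather than a bare allow/deny, gives monitoring a per-pillar reason to log and alert on.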
The importance of zero trust
Zero trust is important to help improve the security of an organization and reduce cybersecurity risks. Organizations need to implement zero-trust security to prevent unauthorized access to their sensitive data and systems. Here are the benefits of zero-trust security.
Ensure only authorized users access the network
With zero trust, organizations ensure that only authorized users access their network by continuously verifying the digital identities of all human and non-human users. This also ensures that users have access only to the resources they need, instead of the entire network. Zero trust helps organizations have full visibility into who is connecting to their network, from where and what they are accessing.
Reduce cyber attacks
A cyber attack is an attack on computers, networks or systems by cybercriminals in an attempt to access and steal sensitive information. Common cyber attacks cybercriminals use to gain unauthorized access to an organization’s network include brute force attacks and phishing. Zero trust helps reduce the number of successful cyber attacks by continuously and explicitly verifying the digital identities of all users trying to access the organization’s network. If an unauthorized user attempts to access an organization’s network, zero trust will prevent them from successfully accessing the network if they cannot verify their identity as an authorized user.
Mitigate the effects of security breaches
If a cyber attack is successful in breaching an organization’s network, zero trust helps mitigate the effects of the security breach. One of the core principles of zero trust is least privilege access. Least privilege access limits the amount of network access a user has by giving them just enough to do their jobs and no more. If a user’s credentials were compromised by a cybercriminal, the cybercriminal would be limited to the amount of access that specific user has. The cybercriminal would not be able to move laterally across the network and access other sensitive resources.
How Keeper® helps your organization implement zero trust
Keeper uses zero trust and zero knowledge to enable organizations to adopt zero trust for their distributed workforces, with strong authentication, and granular visibility and control. KeeperPAM™ is a privileged access manager that combines Keeper Enterprise Password Manager (EPM), Keeper Secrets Manager® (KSM) and Keeper Connection Manager® (KCM) into a unified solution. By combining EPM, KSM and KCM, KeeperPAM allows organizations to secure passwords, credentials, secrets and connections all in one platform. It gives organizations full visibility and control over who is accessing their network, where they are accessing from and what they are accessing.