The Zero Trust Triangle: MFA, RBI, and Microsegmentation
2021 is shaping up to be a lucrative year for cybercrime, with businesses projected to suffer approximately $6 trillion in damages worldwide. On average, this amounts to over $13 million per company, although the impact may vary. Even before the COVID-19 pandemic, the traditional corporate perimeter was already weakening. However, the pandemic has expedited this process due to IT developments such as cloud migration and the rise of remote work, significantly affecting organizations’ cybersecurity posture.
Redefining the Perimeter with Zero Trust and Microsegmentation
Under the Zero Trust security model, every user on the network is considered potentially hostile. This approach is crucial for companies adapting to a work-from-home environment. But how does it work?
The central idea behind Zero Trust is that even an authenticated user cannot automatically be trusted. Therefore, implementing a Zero Trust strategy requires security technologies that:
- Utilize multi-factor authentication (MFA) to verify user identity
- Continuously reaffirm user identity and access privileges whenever users attempt to access new resources
- Monitor real-time activity and notify administrators in case of suspicious behavior
- Create an air gap between enterprise resources and the public internet, for example by using remote browser isolation (RBI)
- Implement “least privilege access” and microsegmentation to restrict user access to only the necessary resources
Microsegmentation for Application Access
Microsegmentation, also known as identity-based segmentation, is a critical component of any Zero Trust technology suite. This technology creates small network segments associated with individual users, connecting them only to the resources they are authorized to use. Furthermore, access to each segment can be further restricted based on contextual factors, such as whether the user is accessing the segment remotely or through an internal office connection. In advanced implementations, users may even be unable to see other apps and data present on the network. By applying segmentation rules to the application level, organizations can limit an attacker’s ability to move laterally across the network.
How Do Zero Trust Technologies Work Together to Create Security?
Effectively defending against attackers demands a holistic Zero Trust approach that goes beyond simply checking off items on a list. Various technologies must seamlessly collaborate to form a robust defense.
For example, any form of MFA verifies user identity more strongly than a username and password alone, but an Identity and Access Management (IAM) system that incorporates contextual information like browser cookies, device location, and IP address goes further by continuously reaffirming the user’s identity throughout the session. If an attacker gains control of a user’s session, the IAM system should be able to detect this and alert an administrator, restrict the user’s access to sensitive resources, or even terminate the session entirely.
However, this tactic is not foolproof, and if an attacker manages to bypass MFA, other components of the Zero Trust defense come into play.
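The contextual session check described above can be sketched as follows. This is an added example, not code from any IAM product; the signal weights, thresholds, decision strings and session data are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Context:
    cookie_id: str   # browser cookie bound to the session at login
    country: str     # coarse device location
    ip: str          # client IP address

# Assumed weights and thresholds (not from the article): a changed cookie is
# the strongest hijack signal, a changed IP alone is common on mobile networks.
WEIGHTS = {"cookie_id": 3, "country": 2, "ip": 1}
ALERT_AT, TERMINATE_AT = 2, 5

def risk_score(baseline: Context, current: Context) -> int:
    """Sum the weights of every signal that differs from the login baseline."""
    return sum(w for name, w in WEIGHTS.items()
               if getattr(baseline, name) != getattr(current, name))

def replay(baseline, requests):
    """Decide each (context, is_sensitive) request; termination is permanent."""
    decisions, alive = [], True
    for ctx, sensitive in requests:
        if not alive:
            decisions.append("deny:terminated")
            continue
        score = risk_score(baseline, ctx)
        if score >= TERMINATE_AT:
            alive = False
            decisions.append("terminate+alert")
        elif score >= ALERT_AT:
            decisions.append("deny+alert" if sensitive else "allow+alert")
        else:
            decisions.append("allow")
    return decisions

# Constructed session: login context, then six requests (documentation IPs).
LOGIN = Context("c-91f", "DE", "192.0.2.10")
REQUESTS = [
    (LOGIN, True),                                     # unchanged
    (Context("c-91f", "DE", "192.0.2.44"), True),      # IP only
    (Context("c-91f", "BR", "198.51.100.7"), False),   # country + IP
    (Context("c-91f", "BR", "198.51.100.7"), True),    # same, sensitive
    (Context("c-000", "BR", "198.51.100.7"), False),   # cookie changed too
    (LOGIN, False),                                    # after termination
]

if __name__ == "__main__":
    for decision in replay(LOGIN, REQUESTS):
        print(decision)
```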
Guarding Against Web-Based Threats with Remote Browser Isolation (RBI)
Consider a scenario where an attacker successfully hacks into your boss’s email account. When you check your email next, you find an urgent message from your boss requesting you to finalize a project your team is working on. Without hesitation, you click on the email’s link. Congratulations, you have just infected your system with malware, possibly even ransomware.
To protect against such attacks and other web-based threats, organizations can employ Remote Browser Isolation (RBI). RBI applies a Zero Trust approach to external, browser-accessed resources like websites. By air-gapping web access through a remote virtual browser, RBI prevents web-based threats from reaching the endpoint. Here’s how it works:
- Users access a cloud-hosted virtual browser, isolated from the organizational network.
- The virtual browser renders each webpage the user visits and streams interactive data back to the user’s endpoint browser.
- Malware within the website remains confined to the remote browsing environment, leaving the endpoint untouched.
- The remote browsing environment, including any malware, is discarded once the user finishes browsing.
How Does Microsegmentation Enhance Zero Trust?
Now, let’s imagine the worst-case scenario—an attacker successfully bypasses RBI and MFA, gaining access to the network undetected. The next move for the attacker would likely involve attempting lateral movement to infect more applications, gather additional credentials, and escalate their permissions to access sensitive data.
With microsegmentation, the damage an attacker can inflict is limited because each user is granted access only to the specific applications and data necessary for their job. In a large organization, a single employee likely lacks access to enough information to be an appealing target for an attacker. Moreover, the attacker’s activity is confined to the compromised user’s microsegment, preventing unauthorized lateral movement within the data center or to other resources. At this point, the attacker may choose to abandon their hacking attempt and search for a less well-defended target.
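The identity-based segments from "Microsegmentation for Application Access" and the containment described here can be modelled as a default-deny policy check. This is an added example, not taken from any product; the users, applications, context names and flow log are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Segment:
    user: str
    app: str
    contexts: frozenset   # connection types from which the segment is reachable

# Constructed policy: one entry per user-to-application microsegment.
POLICY = [
    Segment("alice", "payroll", frozenset({"office"})),
    Segment("alice", "wiki", frozenset({"office", "remote"})),
    Segment("bob", "wiki", frozenset({"office", "remote"})),
    Segment("bob", "build-server", frozenset({"office", "remote"})),
]

def is_allowed(user, app, context, policy=POLICY):
    """Default deny: a flow passes only if an explicit segment matches it."""
    return any(s.user == user and s.app == app and context in s.contexts
               for s in policy)

def visible_apps(user, context, policy=POLICY):
    """Apps the user can discover; everything else is simply not listed."""
    return sorted({s.app for s in policy
                   if s.user == user and context in s.contexts})

def blast_radius(user, context, policy=POLICY):
    """Share of all applications reachable if this identity is compromised."""
    return len(visible_apps(user, context, policy)) / len({s.app for s in policy})

def denied_flows(flows, policy=POLICY):
    """Flows outside every segment: blocked, and worth an alert as possible lateral movement."""
    return [f for f in flows if not is_allowed(*f, policy=policy)]

# Constructed flow log: (user, app, context).
FLOWS = [
    ("bob", "wiki", "remote"),
    ("bob", "build-server", "remote"),
    ("bob", "payroll", "remote"),      # no segment for bob -> denied
    ("alice", "payroll", "remote"),    # segment exists, wrong context -> denied
    ("alice", "payroll", "office"),
]

if __name__ == "__main__":
    print(visible_apps("alice", "remote"), denied_flows(FLOWS))
```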
In essence, RBI, MFA, and microsegmentation complement each other, forming a three-sided pyramid that shields your organization from all angles. If an attacker manages to evade one defensive angle, the remaining two angles can still mitigate the impact of the attack. By making it considerably harder to steal credentials, authenticate using stolen credentials, or exploit a single compromised node to infiltrate your network, Zero Trust ensures that even the most determined cybercriminals face significant obstacles when attempting an attack.