Home Cloud Is It Really Beneficial To Implement A Cloud Security Model On Zero...

Is It Really Beneficial To Implement A Cloud Security Model On Zero Trust?

-

Zero Trust is a security model for IT; it can eliminate the notion of trust for the protection of applications, data, and networks. It is quite different from the traditional security model’s parameters, which assume that bad actors are always on the untrusted side of the network, and trustworthy users are on the trusted side. While Zero Trust nullified all the assumptions, and it presumes that all the users are untrustworthy. 

As per the Forrester Research, leading research and consultancy firm, a Zero Trust solution must: 

  • Ensure only known traffic or legitimate application communication is allowed by segmenting and enabling Layer 7 policy. 
  • Implement a least-privileged access strategy and strictly enforce access control. 
  • Inspect all the traffic before login. Otherwise, gaining access to a company’s network can be fairly easy for an attacker.

In an enterprise network, these principles may be straightforward to implement, but how do they apply to the cloud? By driving access through a security gateway, you can apply the same concepts to the cloud for secure, least-privileged access. However, it has become clear that deploying a gateway in the cloud is not enough for Zero Trust. Your implementation has to inspect all traffic for all applications, or it is not truly delivering Zero Trust.

Read Next: How Top Cloud Providers Are Battling In The Serverless Market?

Why Zero Trust in Cloud is a must for organizations

Implementing Zero Trust in an enterprise network is predicated on the firm itself controlling the network. It establishes where boundaries can be set and enforce access control to protect sensitive applications, such as those within on-premises data centers, from unauthorized access and lateral movement. 

Today hosting an application in the cloud in place of a data center is also more cost-effective. More than 73 percent of companies now have applications or infrastructure in the cloud, as per IDG, a leading technology media company. These cloud environments, operated by cloud service providers and SaaS vendors, are not part of an organization ‘s network, so the same kind of network controls do not apply.

Read Next: 4 Hybrid Cloud Use Cases That Every Enterprise Should Leverage

As a result, most companies:

  • have applications and data that are spread across multiple locations. 
  • Are losing insight into:
    • Who has access to their applications and data or even what devices are in use to access them (For example laptops, smartphones, tablets, etc.), since much of their assets are present on third-party infrastructure. 
    • How their data is used and shared. 

Organizations often use various access technologies to resolve these problems, depending o where their assets are located. Most companies use a mix of: 

Location Technology Used for Access
On-premises data centersRemote access VPN
Private applications (data center, hybrid cloud) Software-defined perimeter
Public cloudInbound proxy or virtualized firewall
SaaS applications CASB proxy

This technology mix creates a fragmented security architecture in which it is hard to be sure what policies are in place to protect any particular data in the cloud. Cloud environments are radically different and continuously evolving from traditional networks, meaning a company’s approach to security needs to be both comprehensive and adaptable.

That is why 9 out of 10 IT professionals are concerned about cloud security. As per them, their top 3 challenges are: protection against data loss and leakage (67%), threats to data privacy (61%), and breaches of data confidentiality (53%). They are also struggling with security control issues such as gaining visibility in the security of infrastructure (43%), compliance (38%) and establishing consistent security policies across cloud and on-premise environments (35%).

So, to succeed, businesses need to put a single, unified security architecture in place that:

  • Provide users secure access to the company’s applications and data across the public cloud, SaaS applications, and private cloud/data centers. 
  • Can control and limit the access of those assets, and the way they can be used. 
  • Inspects traffic and consistently enforces security policies.

Read Next: Is Cloud The Only Reason Behind Salesforce’s Dominance?

Recommendation for Applying Zero Trust in Cloud Infrastructure

To make Zero Trust easier to maintain in the cloud:

  • To implement Zero Trust in the cloud, use cloud-delivered security measures. 
  • Provide users with a secure, consistent, and seamless experience wherever they are physically located, how they wish to connect, or what applications they want to use. Otherwise, they will not accept this if the user experience is too complicated or requires too much change whenever they work from a new location or use another application. 
  • Reduce the surface area of the attack by limiting context-based user access.

Advantages

Some of the advantages of deploying Zero Trust for the cloud:

  • Provide better visibility into data, assets, risks, and threats.
  • Consistent and comprehensive security.
  • Adds speed and agility to stay ahead of evolving technologies.
  • Reduced operational cost and complexity.

Cloud

Cloud Management