The Six Pillars of a Zero Trust Security Model for 2021
By Antonio Redding, Cybersecurity SME at Intelligent Waves LLC
Recent industry reports show that a new, large-scale data breach occurs almost monthly and can be traced to a
myriad of misconfigurations, oversights, or determined adversaries. The bad guys are getting better and more
creative. The good guys must be even more vigilant.
Zero Trust Architecture (ZTA) allows organizations to leverage established security principles and technologies to
shift from a hardened perimeter and compliance stance to a more risk-aware and deterministic state.
ZTA often requires a culture shift within the organization: the goal becomes proactively minimizing the damage of a security
breach rather than hoping one never happens. This deliberate change of mindset means becoming predictive: moving from reacting to a breach to
anticipating it and having the processes in place to respond.
The conversation about ZTA begins with business priorities and examines the mechanisms available to protect the
business from a cybersecurity incident.
The key to successful implementation is understanding what you want to protect and where your risks lie, and working
with a knowledgeable partner to achieve your goals.
The six pillars of a mature ZTA network:
1. Users: User identity and authentication are strictly enforced and escalated as necessary to complete
a given task.
2. Devices: Access is granted on a per-session basis with no cases of implied trust or shared credentials.
3. Network: All network communication is secured using encryption such as TLS 1.3.
4. Applications or Resources: All applications, resulting data, and computing services are considered
valuable resources and carry potential financial penalties if compromised.
5. Automation: Access is determined via a dynamic policy engine. Access should change based on need
or risk level.
6. Analytics: All owned and associated systems are continuously monitored and evaluated for
anomalous behavior or conditions.
Asset identification is the first step to implementing ZTA in any environment. Administrators must know what normal activity looks like before they can identify anomalies. User and Entity Behavior Analytics (UEBA) machine-learning tools can help security admins understand who accesses which resources, and when, where, and how.
Build the Zero Trust network. Implement policy enforcement points or gateways to separate protected assets from
the users and services seeking access. Start small and as close to the sensitive assets as possible.
Continuous monitoring allows an organization to maintain the security posture of network assets and protection mechanisms. Review logs and revise policies. Investigate anomalies quickly and thoroughly with the
primary goal of securing business data and processes. Leverage automation wherever possible. It is much safer to
grant access that a process initially denied than to detect and revoke access that was granted by mistake.
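The steps above (inventory the assets, put a policy enforcement point in front of them, decide per session from a dynamic policy, default to deny, and log every decision for review) can be shown in a few dozen lines. The following is an added illustration written for this page, not code from the white paper or from Intelligent Waves; the resources, users, device posture, risk scores, and the 0.5 risk threshold are constructed sample data, and the "three denials raise the user's risk to 1.0" rule is an assumed analytics feedback loop, not a rule the article prescribes.

```python
"""Minimal zero-trust policy decision point (PolicyEngine) and policy
enforcement point (Gateway).  Added example; all inventories are constructed."""
from dataclasses import dataclass
from typing import Callable, Dict, List, Set


@dataclass(frozen=True)
class Request:
    session_id: str      # every request is evaluated per session, never cached
    user: str
    authenticated: bool  # identity already verified by the IdP (assumed)
    mfa: bool            # whether this session completed step-up authentication
    device_id: str
    resource: str


@dataclass(frozen=True)
class Resource:
    name: str
    sensitivity: str        # "low" or "high"
    allowed_roles: frozenset


class PolicyEngine:
    """Decides ALLOW / STEP_UP / DENY.  DENY is the default: only a full
    chain of passing checks yields ALLOW.  The inventories are passed in so
    posture and risk can change between sessions (dynamic policy)."""

    def __init__(self, resources: Dict[str, Resource], user_roles: Dict[str, Set[str]],
                 device_compliant: Dict[str, bool], risk_score: Dict[str, float],
                 risk_threshold: float = 0.5, deny_limit: int = 3):
        self.resources = resources
        self.user_roles = user_roles
        self.device_compliant = device_compliant
        self.risk_score = risk_score
        self.risk_threshold = risk_threshold
        self.deny_limit = deny_limit
        self.deny_counts: Dict[str, int] = {}
        self.audit_log: List[str] = []       # reviewed by the analytics pillar

    def decide(self, req: Request) -> str:
        reason = self._evaluate(req)
        if reason == "ok":
            verdict = "ALLOW"
        elif reason == "mfa-required":
            verdict = "STEP_UP"              # escalate authentication for the task
        else:
            verdict = "DENY"
            # Assumed analytics feedback: repeated denials mark the user high-risk.
            self.deny_counts[req.user] = self.deny_counts.get(req.user, 0) + 1
            if self.deny_counts[req.user] >= self.deny_limit:
                self.risk_score[req.user] = 1.0
        self.audit_log.append(
            f"session={req.session_id} user={req.user} device={req.device_id} "
            f"resource={req.resource} verdict={verdict} reason={reason}")
        return verdict

    def _evaluate(self, req: Request) -> str:
        res = self.resources.get(req.resource)
        if res is None:
            return "unknown-resource"        # unknown assets are never reachable
        if not req.authenticated:
            return "unauthenticated"
        if not self.device_compliant.get(req.device_id, False):
            return "device-noncompliant"     # unknown devices count as noncompliant
        if not (self.user_roles.get(req.user, set()) & res.allowed_roles):
            return "role-not-permitted"
        if self.risk_score.get(req.user, 1.0) > self.risk_threshold:
            return "risk-above-threshold"    # unknown users get maximum risk
        if res.sensitivity == "high" and not req.mfa:
            return "mfa-required"
        return "ok"


class Gateway:
    """Policy enforcement point placed directly in front of one backend."""

    def __init__(self, engine: PolicyEngine, backend: Callable[[Request], str]):
        self.engine = engine
        self.backend = backend

    def handle(self, req: Request) -> str:
        verdict = self.engine.decide(req)
        return self.backend(req) if verdict == "ALLOW" else verdict


def build_demo_engine() -> PolicyEngine:
    """Constructed inventory standing in for the asset-identification step."""
    resources = {
        "hr-db": Resource("hr-db", "high", frozenset({"hr"})),
        "wiki": Resource("wiki", "low", frozenset({"hr", "eng"})),
    }
    user_roles = {"alice": {"hr"}, "bob": {"eng"}, "carol": {"eng"}}
    device_compliant = {"laptop-01": True, "laptop-02": False}  # managed + patched
    risk_score = {"alice": 0.1, "bob": 0.7, "carol": 0.1}        # from analytics
    return PolicyEngine(resources, user_roles, device_compliant, risk_score)


if __name__ == "__main__":
    gw = Gateway(build_demo_engine(), lambda r: f"data-from-{r.resource}")
    print(gw.handle(Request("s1", "alice", True, True, "laptop-01", "hr-db")))
    print(gw.handle(Request("s2", "alice", True, False, "laptop-01", "hr-db")))
    print("\n".join(gw.engine.audit_log))
```

Two design points matter more than the specific checks: the engine never returns ALLOW by falling off the end of a rule list, so a new resource or user that nobody configured is denied until someone writes the policy; and the inputs it consults (device posture, risk score) are live data rather than values fixed at login, so a user whose risk rises mid-day loses access on the next session without any credential being revoked by hand.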
The biggest hurdle to better security is getting started. NIST SP 800-207 lays out the basics of enabling ZTA through
migration, integration, or a new build from the ground up. Establish a plan with a trusted partner to publish an
achievable timeline that includes checkpoints and metrics. It is key to understand your organization’s high-value
assets, where they are, and how internal and external users interact.
Cultural change depends on all parties’ adoption of the new “normal” because they see the value. ZTA allows
organizations to have in-depth conversations about mitigating risk instead of justifying the cost, transforming
security into a business enabler instead of just a cost center.
To download the full white paper on Zero Trust, visit https://intelligentwaves.com/zero-trust/.
About the Author: Antonio Redding, Cybersecurity SME at Intelligent Waves LLC
Antonio Redding served more than 15 years supporting communications technologies across the Army Special
Operations community before joining Intelligent Waves in 2020. Antonio Redding can be reached at [email protected]