
Zero Trust and Privileged Access Management

by | May 14, 2019 | BLOG

To keep their networks and infrastructure secure, many companies build security perimeters intended to prevent unauthorized external access. At times, however, traditional protections such as firewalls cannot protect the organization’s infrastructure from potential threats, which may be within the perimeter of the environment itself.

It is exactly from this scenario that the term Zero Trust comes: the concept reinforces the idea that the danger is not only outside an organization’s environment, but can also be on the inside. This environment can be compared to a kingdom that has walls, guards, and soldiers to protect its gates, but does not pay attention to an unfaithful servant or member of the court.

The Zero Trust concept came from Forrester – a well-known American market research company – through John Kindervag, one of its executives. This concept emphasizes that no traffic is reliable, be it internal or external. Any asset or device must always be analyzed and checked before connecting to the organization’s infrastructure and authorizing any type of access.  

“Always check, never trust” is the concept behind the Zero Trust model: Even if something has been requested or done by some theoretically reliable user, the recommendation says it should always be checked.   

Internal threats are unexpected but very possible: not only third parties but also the very employees who have access or credentials may make accidental or intentional mistakes. Thus, the resources, processes, and methodologies available in the company must be applied in the infrastructure, aiming at the internal protection of the organization.

However, external threats are also related to the concept of Zero Trust when a hacker, for example, manages to overcome external security barriers and invades the company’s environment. If not properly protected, the individual can find an environment of free access and not raise suspicion during their “visit.”   

Many technologies and models can assist in the implementation of a Zero Trust system. Yet, one should keep in mind that these practices must support the idea that any requested access must be proven to be reliable.

These are some of the actions related to the implementation of the Zero Trust model:

  1. Data classification: To segregate the data and information that will be accessed and assign them a value, so that there is a definition of who can access them and how, according to their urgency and classification (secret, confidential, internal, or public);
  2. Network environment monitoring: To analyze, check, and know the traffic and the means by which information is transmitted to easily identify irregularities;
  3. Risk mapping: To understand the risks to which systems are exposed in both the external and internal environment;  
  4. Documentation: To adjust policies, procedures, manuals, and other documents for the new circumstance, making the use of the Zero Trust model official;  
  5. Identification of roles and accesses: Perhaps the most important issue and the basis for the implementation of the Zero Trust model is to understand the types of users on the network, their responsibilities, and the type of access they have. The aim is to ensure that these accesses are authentic and reliable.

The Zero Trust model focuses on the accesses and activities performed by users within the system. Thus, using a solution that automates the understanding of the actions performed by users (accesses and activities) is essential for the Zero Trust model to be properly implemented.

In the context of the Zero Trust model, a Privileged Access Management (PAM) solution can assist Information Security officers in any company to implement the concepts related to this model.

In this situation, the goal of a PAM solution is to perform centralized access management through the control, storage, segregation, and tracking of all environment access credentials. Through the use of this type of solution, one can ensure that the access is actually being performed by a user and that the user is allowed to access.

Thus, the following features of a PAM solution help organizations to deploy Zero Trust practices:

  • Credential Management – the PAM solution must allow the definition of the administrator users or user groups that will have certain types of access and permissions in relation to a target device or system, as well as manage the complete life cycle of these credentials;
  • Segregation of Access – the solution must be able to isolate critical environments and correlate events to identify any suspicious behavior. That way, it is possible to prevent data leaks due to unauthorized access;
  • Approval Workflows – access requests must be easily configurable, allowing the fulfillment of multilevel approval flows and validation of the explanations provided by the requesting user;
  • Behavior analysis – monitoring of users’ activities and identification and response to any changes in behavior patterns and users’ access profiles;
  • Unauthorized access – monitoring of accesses outside the organization’s policies, such as a user who performs direct access to a device through the password of a registered credential not managed by the solution;
  • Analysis of actions – analysis of actions taken by users and alert generation to identify fraud or inappropriate actions;
  • Session Block – the PAM solution must allow an administrator to retake control or even block a user session in a series of environments or operating systems.
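
The “Unauthorized access” feature above comes down to correlating the privileged logins recorded on target devices with the sessions the PAM solution brokered. The following is an added example, not code from the original post or from any PAM product; the record fields, gateway address, and sample events are constructed assumptions.

```python
from datetime import datetime, timedelta

# Assumed address of the PAM proxy / jump host (hypothetical value).
PAM_GATEWAYS = {"10.0.0.5"}

# Constructed sample: sessions the PAM solution brokered (hypothetical schema).
PAM_SESSIONS = [
    {"user": "alice", "account": "root", "target": "db01",
     "start": "2019-05-14T09:00:00", "end": "2019-05-14T09:30:00"},
    {"user": "bob", "account": "admin", "target": "fw01",
     "start": "2019-05-14T10:00:00", "end": "2019-05-14T10:15:00"},
]

# Constructed sample: privileged logins recorded by the target devices.
DEVICE_LOGINS = [
    {"target": "db01", "account": "root", "source_ip": "10.0.0.5", "time": "2019-05-14T09:00:04"},
    {"target": "db01", "account": "root", "source_ip": "10.0.3.77", "time": "2019-05-14T09:10:00"},
    {"target": "fw01", "account": "admin", "source_ip": "10.0.0.5", "time": "2019-05-14T11:45:00"},
]

def _ts(value):
    """Parse an ISO 8601 timestamp string."""
    return datetime.fromisoformat(value)

def find_unbrokered_logins(logins, sessions, gateways, skew=timedelta(seconds=60)):
    """Return (login, reason) for every privileged login the PAM did not broker."""
    findings = []
    for login in logins:
        # A login that does not originate from the PAM gateway bypassed it entirely.
        if login["source_ip"] not in gateways:
            findings.append((login, "direct access: source is not a PAM gateway"))
            continue
        # A login from the gateway must fall inside a recorded session
        # for the same target and account (allowing for clock skew).
        when = _ts(login["time"])
        covered = any(
            s["target"] == login["target"]
            and s["account"] == login["account"]
            and _ts(s["start"]) - skew <= when <= _ts(s["end"]) + skew
            for s in sessions
        )
        if not covered:
            findings.append((login, "no PAM session covers this login"))
    return findings

if __name__ == "__main__":
    for login, reason in find_unbrokered_logins(DEVICE_LOGINS, PAM_SESSIONS, PAM_GATEWAYS):
        print(login["time"], login["target"], login["account"], login["source_ip"], reason)
```

The second sample login is flagged even though it happens while a legitimate session for the same account is open, because it does not come from the gateway; the third is flagged because no approved session exists for that time.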

Taking the presented features into account, the correct implementation of a PAM solution ensures the access is being performed in a secure way, regardless of the location or access device. Thus, credentials with higher privileges will have their activities monitored, ensuring that any irregularity in their accesses is being checked.

The Zero Trust model may be relatively recent, but in current scenarios where data leaks are recurring, it is in fact very important for any company that wants to mature its data protection. Using the available solutions and means, such as a PAM solution, is already a great step toward applying Zero Trust. The implementation of this model allows the creation of a culture in which the internal environment is protected with the same strength and concern as the company’s external environment.
