The Zero Trust Series: What Is Zero Trust and How Do I Start?

Roughly 12 years after the term was coined in 2010 by John Kindervag, a Forrester researcher and thought-leader, Zero Trust has finally reached mainstream popularity. His game-changing philosophy transformed organizations’ perceptions about network security and how to mitigate risk as data breaches become more routine. However, IT companies and professionals have exhausted the term Zero Trust, causing organizations to think a full-fledged Zero Trust Network Architecture (ZTNA) is achievable with a quick snap of the fingers. Unfortunately, that’s not the case. 

That’s why we’re here: to give you a fundamental understanding of how to implement Zero Trust practices in your organization and to guide you through your journey to minimize data and financial loss.

In this five-part blog series, we are going to cover:

  • What Zero Trust is (and isn’t)
  • How printing fits into a Zero Trust approach
  • Why you should secure your endpoints
  • VDI printing security issues
  • Making VDI print environments Zero Trust compliant
  • How PrinterLogic, Citrix, VMware, and IGEL work together to create a Zero Trust environment

Zero Trust: The Basics

Let’s start with how Zero Trust impacts our daily lives.

You swipe your debit card at the gas pump, enter your PIN, fill your tank, and drive off to your next destination. Five minutes later, someone tries buying a $3000 watch using your debit card details, 500 miles away from where you just pumped gas.

The bank realizes that you couldn’t have driven 500 miles in five minutes to purchase something and you never spend more than $500 on a single purchase, so you receive a text or email from your bank notifying you of potential fraud. You decline the transaction and disable your card. 

This Zero Trust approach saved you and the bank a lot of time and money and eliminated the threat before it could do more damage.
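
The bank's check in this story can be sketched as two risk signals, implied travel speed and deviation from a spending baseline, feeding one decision. This is an added example, not code from the article or from any bank; the 600 mph ceiling, the action names, and the coordinates are assumptions constructed for illustration.

```python
import math
from dataclasses import dataclass

EARTH_RADIUS_MILES = 3958.8
MAX_PLAUSIBLE_MPH = 600.0   # assumption: roughly airliner speed
TYPICAL_MAX_SPEND = 500.0   # the story's "never spend more than $500"

@dataclass
class Txn:
    minute: float   # minutes since an arbitrary start
    lat: float
    lon: float
    amount: float   # US dollars

def miles_between(a, b):
    """Great-circle (haversine) distance in miles between two transactions."""
    p1, p2 = math.radians(a.lat), math.radians(b.lat)
    dphi, dlmb = p2 - p1, math.radians(b.lon - a.lon)
    h = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * EARTH_RADIUS_MILES * math.asin(math.sqrt(h))

def risk_signals(prev, cur):
    """Return the reasons the current transaction looks anomalous."""
    reasons = []
    hours = (cur.minute - prev.minute) / 60.0
    dist = miles_between(prev, cur)
    # Ignore sub-mile jitter; zero elapsed time with real distance is implausible too.
    if dist > 1.0 and (hours <= 0 or dist / hours > MAX_PLAUSIBLE_MPH):
        reasons.append("impossible_travel")
    if cur.amount > TYPICAL_MAX_SPEND:
        reasons.append("amount_above_baseline")
    return reasons

def decide(prev, cur):
    """Map signals to an action: allow, step-up verification, or hold and notify."""
    reasons = risk_signals(prev, cur)
    if len(reasons) >= 2:
        return "hold_and_notify", reasons
    if reasons:
        return "step_up", reasons
    return "allow", reasons

# Constructed sample data: two points about 500 miles apart, five minutes apart.
GAS = Txn(minute=0, lat=35.0, lon=-100.0, amount=60.0)
WATCH = Txn(minute=5, lat=42.24, lon=-100.0, amount=3000.0)

if __name__ == "__main__":
    print(decide(GAS, WATCH))
```
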

Traditional vs. Zero Trust Security Approaches

Traditional access models allow everyone within the company network to access data, trusting everyone who logs on to a computer within the network’s perimeter as long as they have a password and username. This model was legitimate until digital transformation and hybrid cloud infrastructures became the norm. 

Now that employees regularly work outside their companies’ network perimeters due to hybrid work, companies’ attack surfaces have expanded and made them more prone to threats. This prompted organizations to make a dramatic change to their security standards.

Zero Trust takes the opposite approach with its motto of “Never trust, always verify,” enforcing access policies based on a user’s location, device, and requested data. Under this framework, end users are always seen as a potential threat and are continuously verified to block inappropriate access to critical information. 

Zero Trust evaluates access to each resource separately, so every time a user needs access to a particular app, they must prove they are someone who needs access to that resource before being able to use it. ZTNA is especially important for companies employing a hybrid workforce where employees constantly shift locations.

Zero Trust’s Three Core Principles

Zero Trust is not a single solution but rather a combination of third-party services that operate simultaneously and follow three core principles:

  • Everyone Is a Threat: By assuming everyone and everything is a threat, organizations are more prepared for actual threats when they do occur. Through continuous authentication and authorization of all Internet of Things (IoT) devices, users, locations, and data sources, organizations reduce risk by uncovering what’s on the network and how it’s operating.
  • Reduce Attack Surface: The Zero Trust model employs microsegmentation, enabling admins to monitor and control information between applications and servers. Isolating your network’s assets limits the attack surface, eliminates the risk of lateral movement by attackers, and prevents exposed devices from damaging other resources.  
  • Minimize User Access to Resources: Zero Trust allows users access only to the applications they need to perform their jobs and doesn’t offer them direct access to the network without verification. Following the Principle of Least Privilege (PoLP), Zero Trust prevents users, accounts, and processes from having broad network access, significantly reducing network vulnerabilities.

Now that you get the gist of what Zero Trust is and its core principles, let’s help you establish a base for how to start your Zero Trust journey.

The Path to a Zero Trust Architecture

Zero Trust Isn’t a “One Size Fits All” Solution

It’s important to note that the Zero Trust model isn’t an all-or-nothing approach. This common misconception has caused organizations to balk at starting their Zero Trust journey. Knowing that there isn’t one correct path to Zero Trust and choosing a starting point that aligns with your organization’s goals makes all the difference in building a highly secure network. Start by prioritizing your needs and implementing ZTNA with a step-by-step approach by asking yourself three questions:

[Image: Zero Trust Part 1]

Answering these questions will help your organization develop a strategy to begin implementing Zero Trust on top of your current infrastructure. Begin with your most critical assets before you try implementing solutions on a broader scope. Rome wasn’t built in a day; your Zero Trust Network won’t be either. 

Regardless of your starting point, you can expect to receive immediate security, risk reduction, and investment returns. 

On Deck: Why Printing?

So far, we’ve covered Zero Trust, its core principles, and how to begin building towards ZTNA. 

In part two of our five-part series, we’ll answer the following questions:

  • Why should organizations start a ZTNA strategy with their endpoints?
  • How is printing involved in Zero Trust?
  • Why are printers a security weak link?
