Establishing Safe Zones With Zero Trust

The rise in remote work due to the COVID-19 pandemic is making agencies think about protecting endpoints in new ways.

When endpoints, such as laptops, are brought home, they typically don’t benefit from many of the protections provided to them by security tools in the enterprise network, and hence must defend themselves to avoid giving a foothold to attackers.

Enter a more innovative approach to cybersecurity: a zero-trust architecture. Under zero trust security, agencies grant access to networked resources only after verifying the user’s identity and the device they are using, and evaluating the security posture. Zero trust protects agencies by making access control decisions on a fine-grained and informed basis.

To learn more about implementing zero trust cybersecurity, GovLoop interviewed Ian Pratt, Global Head of Security at HP, Inc., an IT provider.

Pratt shared three ways agencies can apply the principles of zero trust to their endpoint architecture.

1. Isolate Risky Activities

Pratt said today’s most secure networks use “micro-segmentation” to enable control over which endpoints and services can communicate, preventing breaches from granting cyberattackers access to all areas. “Micro-virtualization,” meanwhile, is a similar approach that can be used on the endpoints themselves.

“Each task a user performs – such as opening email attachments – can be performed in a disposable virtual machine (VM) created just for that task,” Pratt said. “The VM only exists for the task’s lifecycle and has access just to the resources needed to complete the task, so if the task turns out to be malicious, there’s no harm done — nothing to steal, no way for the attacker to move laterally, and no way for the attacker to persist.”

“Micro-VMs use modern virtualization capabilities, so they are transparent and don’t change the user experience, but they safely contain and mitigate the impact of the user clicking on something bad,” he said.

2. Protect High-Value Tasks

Zero trust principles can also be used to protect the data and applications that agencies care most about. Micro-virtualization can be used to isolate and protect high-value tasks, even if the underlying machine becomes compromised, or the users or administrators are malicious.

“A zero-trust approach to endpoint architecture enables you to safely maintain operational integrity even in a compromised state,” Pratt said. “The security posture of high-value applications can be assured and cryptographically attested.”

3. Think Proactively

Pratt suggested the biggest benefit of a zero-trust endpoint architecture is the way it shifts agencies from mainly detecting and reacting to breaches, to a more proactive, resilient approach to cyberattacks.

“Security products in the market today rely on detection. It’s inevitable that they all miss things,” Pratt said. “Application isolation through micro-virtualization enables you to design resilience to attacks, so you are still protected when detection fails.”

Ultimately, attackers are much less likely to breach agencies guarded by zero trust cybersecurity. Over time, these agencies focus more on innovation and strategy than routine cybersecurity.

This article is an excerpt from GovLoop’s recent guide, “Reinventing Government: 20 Innovations for 2020.”
