The countless resources on Zero Trust and limitless potential starting points make it challenging to identify the right steps to take to enhance overall security. Within the pillars of Zero Trust, identity and devices are strong places to begin making meaningful security changes. These two pillars deliver the greatest immediate security impact, they are universally relevant for every company, and they help teams focus on the important challenges instead of the lesser ones that resolve themselves over time.
Overview: Pillars of Zero Trust
Several sources exist on the pillars of Zero Trust, but they vary on their assessment of what the pillars are. Forrester summarizes the pillars as:
Three overarching interactions across the pillars are incorporated into every stage of optimization. These are:
- Visibility and analytics
- Automation and orchestration
This framework for Zero Trust defines the architecture for any organization pursuing a greater security posture. Identity and devices are two of the most commonly discussed pillars because they are relevant starting points for nearly every organization.
Identity as a Universal Starting Pillar in Zero Trust
While the Zero Trust journey unfolds differently for every firm, the identity pillar is a beneficial place to start for a few reasons.
First, stronger identity practices address the most common cause of data breaches: social engineering that coerces well-intentioned employees to share private information. Second, the initial steps teams take within identity at the beginning of their Zero Trust journeys set the foundation for more advanced security measures down the road, such as granular authentication and identity-based authorization.
Last, starting with identity brings benefits that end users can experience for themselves. This helps teams earn greater buy-in to continue making progress on Zero Trust. Advancing in the identity pillar means streamlining sign-on with SSO, authentication tools, or passwordless sign-in such as biometrics. This reduces the number of repetitive logins or password memorization needed by employees, ultimately enhancing their productivity and lowering daily friction.
When prioritizing the steps in Zero Trust, make sure decisions are rooted in science to define the actions that deliver the greatest security impact in the shortest amount of time.
Example of Identity Pillar Maturity Model
The Cybersecurity and Infrastructure Security Agency (CISA) defines the maturity of the identity pillar in Zero Trust as the following:
- Traditional: Password or multi-factor authentication (MFA); limited risk assessment
- Advanced: MFA in place; some identity federation with cloud and on-premises systems
- Optimal: Continuous validation; real-time machine learning analysis
Achieving the optimal stage is a far-fetched objective for many organizations. Focus efforts on more attainable goals by enhancing identity processes incrementally. What we’ve summarized here is a reference point for how the identity pillar might progress in an ideal scenario, but the actual steps teams take must be rooted in data-backed risk analysis.
Enhance Remote Security with the Devices Pillar of Zero Trust
Hybrid work took the world by storm. Modern employers are recognizing remote work as a competitive advantage and shifting their focus to a hybrid-first model. While this trend has eased remote access for employees, it has also increased firms' vulnerability to cyberattacks.
Today’s remote employees want to use their own devices and access critical applications quickly, regardless of their physical location. These shifts in modern work make the devices pillar of Zero Trust a great starting point for organizations.
Enhancing device security addresses common entry points for threat actors, specifically unmanaged devices on remote networks. It also grants greater visibility into devices and activity across the network, which leads to several benefits, including consistent monitoring for suspicious activity and bringing efficiency to auditing devices and permissions on a regular basis.
The hybrid-first necessity forced many firms into digital transformation quickly. Now is the time to review systems, refine them, and implement best practices.
Example of Devices Pillar Maturity Model
CISA defines the maturity of the devices pillar in Zero Trust in the following progression:
- Traditional: Limited visibility into compliance; simple inventory of devices
- Advanced: Compliance enforcement employed; data access depends on device posture on first access
- Optimal: Constant device security monitoring and validation; data access depends on real-time risk analytics
When looking at the evolution of Zero Trust, teams who think of it as an ongoing commitment to changing and adapting are more successful with their overall security posture. Zero Trust is a strategy that can always be incrementally improved. Therefore, IT teams need to determine which steps make the most sense to protect against probable threats to their business.
Define Your Next Steps within the Pillars of Zero Trust
Defining the most applicable steps forward in a Zero Trust model is a common challenge firms face. Zero Trust strategies need to be rooted in the hard science of risk analysis. Only by having data to back up decisions can IT teams be certain the steps they’re taking will bolster their company’s security posture.
Identity and devices are strong starting pillars in Zero Trust, but the actions each organization takes within these pillars will be unique. Specific steps over generic actions are the key to success with cybersecurity.
A Zero Trust assessment such as Ascent Solutions’ Zero Trust Launchpad can define the recommended steps forward for your organization. Managed security providers empower teams with data-driven decisions, bringing momentum to cybersecurity initiatives. To learn more about Ascent’s Zero Trust Launchpad and request a consultation, reach out to firstname.lastname@example.org.