How Zero-Trust Network Architecture Stops Almost All Malware

[Machine Automated Transcript]

Could you tell me what a zero-trust security model is and why it perhaps should be something that people embrace?

This is a concept that’s relatively new, at least to most people. The whole idea behind it is we have to assume, in this day and age, that our systems have already been compromised. Not just that they might get compromised, but they have.

So when we’re setting up networks for businesses, we look at things in a much different way. It’s no longer about the perimeter, trying to keep people out. The NSA, the National Security Agency, used to be called “no such agency.” The NSA has come out with a warning to be bold and also a description of what to do.

The idea is you’ve got things inside your network. You’ve got a printer that is connected to the network. You’ve got laptops, desktops, a server. None of them should be able to talk to anything else on the network that it doesn’t absolutely need to talk to. It’s like the lowest-privilege type of thing.

So for instance, what I do on my office network is the printers are on a completely different network that is firewalled from the servers, which are firewalled from the desktops, which are firewalled from the laptops. The printers cannot get to anything else on the network unless someone first tries to send them a print job. It’s just an example of it. You don’t want the laptops to be able to scan.

We have a customer who, just this week, has a little SonicWall firewall. SonicWalls are okay, but his hasn’t been updated in three years. It hasn’t been supported in years either. That little SonicWall firewall was then used to get into his network and start spreading. It got around the firewall because he was using it as a VPN controller. Then it started crawling all the way through his network and playing all kinds of havoc internally. Again, if that firewall couldn’t have gotten to a machine, and then that machine starts probing everything else, it couldn’t have spread.

In other words, zero-trust only allows machines to talk to each other that absolutely need to talk to each other, and only using the protocols that they’re supposed to. I’ve seen it many times, where the sales guy is tinkering around and is getting into the accounting data. Why are you doing that? They should not be allowed to, so that’s the bottom line.

This is a real big deal. We’ve got to start building our networks with the assumption that they have already been compromised. How are we going to control it, if it’s compromised?
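One way to make the segmentation described in this interview concrete, as an added example that is not part of the original transcript: a small default-deny policy model in which printers, servers, desktops and laptops each sit in their own zone, only explicitly listed flows are allowed (laptops and desktops may send print jobs to printers; printers initiate nothing), and a firewall flow log is audited against that policy. The zone subnets, port numbers, the sample log lines and the scanning threshold of three distinct denied destinations are all constructed assumptions for illustration, not values from the interview.

```python
"""Zone-based, default-deny segmentation policy evaluator (added example).

Models the layout the interviewee describes: every device class lives in its
own firewalled zone, nothing may talk to anything it does not absolutely need
to, and printers can only be reached for print jobs. Subnets, ports and the
sample flow log below are constructed assumptions.
"""
import re
from collections import defaultdict
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple

# Constructed zone layout (assumption): one subnet per device class.
ZONES = {
    "printers": ip_network("10.0.10.0/24"),
    "servers": ip_network("10.0.20.0/24"),
    "desktops": ip_network("10.0.30.0/24"),
    "laptops": ip_network("10.0.40.0/24"),
}


@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    proto: str
    dport: int


# Allow-list: only the flows a device class genuinely needs. Anything that is
# not listed, including traffic inside a zone, is denied. Printers never
# appear as a source, so they cannot initiate anything.
ALLOW = {
    Rule("desktops", "printers", "tcp", 9100),  # raw print jobs
    Rule("laptops", "printers", "tcp", 9100),
    Rule("desktops", "servers", "tcp", 445),    # file shares from desktops only
    Rule("laptops", "servers", "tcp", 443),     # laptops get the web app over TLS only
}


def zone_of(ip: str) -> Optional[str]:
    """Map an address to its zone, or None if it is not in any known zone."""
    addr = ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return None


def evaluate(src_ip: str, dst_ip: str, proto: str, dport: int) -> str:
    """Return 'allow' or 'deny' for one flow; unknown addresses are denied."""
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    if src is None or dst is None:
        return "deny"
    return "allow" if Rule(src, dst, proto.lower(), dport) in ALLOW else "deny"


# Constructed flow records (assumption): what a firewall sitting between the
# zones would log. The last four lines mimic one laptop probing SMB on many
# hosts, the "machine starts probing everything else" pattern from the talk.
FLOW_LOG = """\
src=10.0.40.12 dst=10.0.10.5 proto=tcp dport=9100
src=10.0.30.7 dst=10.0.20.3 proto=tcp dport=445
src=10.0.10.5 dst=10.0.20.3 proto=tcp dport=445
src=10.0.40.12 dst=10.0.20.3 proto=tcp dport=445
src=10.0.40.12 dst=10.0.20.4 proto=tcp dport=445
src=10.0.40.12 dst=10.0.20.5 proto=tcp dport=445
src=10.0.40.12 dst=10.0.30.7 proto=tcp dport=445
"""

LINE_RE = re.compile(r"src=(\S+) dst=(\S+) proto=(\S+) dport=(\d+)")
SCAN_THRESHOLD = 3  # constructed: distinct denied destinations per source


def parse_flow(line: str) -> Optional[Tuple[str, str, str, int]]:
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    src, dst, proto, dport = m.groups()
    return src, dst, proto, int(dport)


def audit(log_text: str) -> Tuple[List[Tuple[str, str]], List[str]]:
    """Apply the policy to every flow.

    Returns (verdicts, scanners): one (line, verdict) pair per parsed line, and
    the sources whose denied flows spread across enough distinct destinations
    to look like lateral probing rather than a single misconfiguration.
    """
    verdicts = []
    denied_dsts = defaultdict(set)
    for line in log_text.splitlines():
        flow = parse_flow(line)
        if flow is None:
            continue
        verdict = evaluate(*flow)
        verdicts.append((line, verdict))
        if verdict == "deny":
            denied_dsts[flow[0]].add(flow[1])
    scanners = sorted(s for s, d in denied_dsts.items() if len(d) >= SCAN_THRESHOLD)
    return verdicts, scanners


if __name__ == "__main__":
    results, suspects = audit(FLOW_LOG)
    for line, verdict in results:
        print(f"{verdict:5} {line}")
    print("suspected lateral probing from:", suspects)
```

The policy is the only source of truth: the printer-to-server line is denied because no rule lists printers as a source, and the laptop-to-server SMB attempts are denied because laptops are only allowed port 443 there. Because every cross-zone flow passes a firewall that logs it, the denied entries double as a detection feed; a source that accumulates denials against several different hosts is the signature of the spreading behaviour the interview describes.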