What is Zero Trust and How Can it Help Right the Ship?
Zero Trust is a radical shift in the way we think about cyber security. Consider the story of the city of Troy. Once upon a time, the people of Troy trusted a wooden horse as a gift and the bad guys got in. Today, we trust our passwords and VPNs, and like Troy, we are letting the bad guys in.
Passwords were a great invention in 1961, but now in 2021, passwords are the cause of many security breaches and ransomware attacks. Why is this happening?
Nobody can remember one or two hundred passwords, especially not passwords that are unique, strong and have numbers and characters. And people generally don’t change their password every 90 days. The reality is that people tend to re-use the same passwords, modify existing passwords, or rely on their pet’s name or birthday.
Because of this, cybercriminals don’t need to break into our accounts; they simply log in using our weakest passwords.
How does Zero Trust Work?
The idea behind Zero Trust is that you stop trusting legacy security tools like passwords and VPNs. The Zero Trust architecture makes the assumption that every login attempt is a breach – until explicitly verified to be safe. It demands that we look at the entire chain from the user’s device to the data being accessed, by addressing a series of questions:
Zero Trust architecture is a more robust security model than the old approach of trusting passwords and VPNs to protect our sensitive digital assets. For this reason, companies and individuals need to move away from trusting passwords and embrace the notion of password-less authentication, relying on a combination of biometrics and multi-factor authentication. When we do this, we increase our chances of detecting a fraudulent login and hopefully hindering lateral movement across our networks.
Zero Trust as a Methodology
It’s important to note that Zero Trust is not another software product that you buy and configure. Rather, it is a methodology, a framework, a modern approach to security in an increasingly complex world of hybrid work and BYO technology. Fortunately, any company that has Microsoft 365 licenses can implement Zero Trust: you already have all the pieces of the jigsaw puzzle. There is an exciting and important learning curve ahead to assemble that puzzle.
Hope is not a strategy
The biggest risk of all is the humans that sit behind the keyboard. Without adopting robust Zero Trust security measures, every time we type a password, click a link, or open an attachment, we’re taking an enormous risk.
Hope is not a strategy, but I am hopeful that if we embrace Zero Trust, we can collectively impede cybercrime and cut off the revenue stream cybercriminals are pulling from our economy. More importantly, I hope we can restore confidence in our digital world.