Migrating to a zero trust security model can involve significant costs, both in terms of time and resources.
This article dives into 5 proven strategies that organizations can use today to reduce these costs while still ensuring a successful migration:
Prioritizing
Adopting a Phased Approach
Leveraging Existing Technology
Using Open-Source Solutions
Implementing Automation
Read on to discover concrete examples of tools and technologies you can start using today.
1. Prioritize
Conduct a cybersecurity risk assessment to identify the most critical assets and data that needs to be protected. This will help you prioritize your efforts and allocate resources where they are needed most.
In most assessments that Zephon conducts for their clients, we strongly recommend an organization wide data discovery and classification exercise. While it is usually easier to identify critical assets and data interfacing with them, most often data is scattered in the most unsuspecting and insecure locations. This leaves organizations vulnerable to data breaches in spite of having all the right security controls around their critical assets.
Once you have your crown jewels (systems and data) identified, focus on those first, and migrate them to a zero trust security model. This takes us to the next strategy.
2. Adopt a Phased Approach
Rather than trying to implement zero trust security across your entire organization at once, consider adopting a phased approach. Start with a pilot program or a small group of users and gradually expand from there. Focus on the critical assets and data first.
For all the migrations to a more mature zero trust security level that we have implemented, the primary factor in our success has been utilizing a phased approach.
Do not try to boil the ocean.
3. Leverage Existing Technology
Before investing in new tools and technologies, review your existing infrastructure and see if there are any solutions that can be repurposed or upgraded to support zero trust security.
Here’s an example of a tool we developed to automated the ingestion of AWS IAM security policy data into RSA Archer by converting it all into a CSV format: https://github.com/zephontech/utils-python/blob/master/AWSIAM_RolesToPolicyCSV.py
4. Use Open-Source Solutions
Consider leveraging open-source solutions (OSS) for components such as identity and access management (IAM) or network segmentation. These can often provide robust functionality at a lower cost than proprietary solutions.
Here are a few examples of mature and frequently updated OSS that organizations can use in their zero trust journey:
IAM:
Keycloak
SuperTokens
Ory
Gluu
FreeIPA
Shibboleth
SimpleSAMLphp
Open Policy Agent
Micro Segmentation:
Project Calico
Cilium
Istio
Project Antrea
Traefik
Network / Security Monitoring:
Wazuh
Zabbix
Application Security:
Apache Knox
Endpoint Security:
Osquery
Wazuh
Zephon has rich experience in successfully utilizing these open source tools and more. If you have any questions on the above list, or any questions on using open source solutions for zero trust security, feel free to reach out.
5. Implement Automation
Automation can help reduce the workload associated with zero trust security, particularly when it comes to managing access and authentication. Look for tools and platforms that support automation, such as continuous access evaluation (CAE, currently supported by AS) or policy-driven orchestration.
Policy driven orchestration is a new yet very powerful technology. It allows organizations to define, manage, and enforce security policies consistently across an organization's IT infrastructure. There are various tools out there to implement security as code mainly focused towards cloud environments. Some examples of Policy Orchestration tools are:
IBM Security Policy Manager
AlgoSec
Tufin
FireMon
Forescout
The policy orchestration tool that you implement should be integrated with your IAM and SIEM tools to enable you to automate the remediation of any deviations from security policy.
Security, Orchestration, Automation and Response (SOAR) now supported by most major SIEM tools, allows organizations to not only identify malicious and unauthorized behavior, but automate the remediation process too. Here’s a good example that Zephon implemented for one of its clients: https://www.zephon.tech/post/security-automation-and-reverting-unauthorized-changes
Conclusion
The importance of adopting a zero trust security architecture cannot be undermined today and these 5 strategies can be employed by any organization to gradually mature their security posture while still ensuring that they remain secure.
Every organization is different and has different needs. While the journey to zero trust may seem like an uphill task, it is definitely doable. With the right strategy, every organization can enjoy the relative peace of mind that comes with adopting a zero trust security approach.
If zero trust security is a priority for your organization and you have questions, feel free to reach out to us contact@zephon.tech. We can help you take the first step.