The idea to discuss microsegmentation and zero trust came to me while reading cybersecurity articles over cellular data as I was waiting in line one day.
And, I wrote this article on different devices: on my laptop connected to my home wireless network; on my tablet over Wi-Fi. Each time I switched devices or wireless networks — or even worse, both — I increased my risk for attacks because I opened up a new endpoint for potential breaches or entry points for bad actors.
Like me, employees and organizations across the country are working on whatever device and network most accessible to them — as the lines between work and home have almost all but faded in the past year. When you apply this across an entire workforce, these habits mean a substantial increase in security risk and vulnerabilities.
Let’s take a look at how enterprise can use network microsegmentation and zero trust to manage internal relationships. Future posts in this series will delve into applying the strategy to vendors and customers.
Security Shifting to a Zero Trust Model
Working from anywhere is now the norm, not the exception. In the past, business leaders focused on the perimeter, but the shift of remote working combined with multiple cloud environments and personal devices means this approach isn’t enough. Protecting today’s work environment — which can now be anywhere in the world — requires more than purchasing new tech or infrastructure. Managing permissions and access to workloads across a data environment instead requires a major shift in strategy, technology and processes.
More and more, companies are turning to the zero trust model. This means assuming that each person or device requesting access to the network is not authorized. To gain access, the network must verify every single access request. Managed correctly, this model allows users and devices to access the data and systems needed from any location. At the same time, it keeps bad actors out, all while protecting against data breaches.
Learn more on zero trust
What is Microsegmentation?
It’s important to balance good defense with the need to allow access to data and systems. By using network microsegmentation, you create small sections of access with walls between each segment.
Think of a walled garden with multiple gardens inside. High stone walls with locked doors surround each garden. You can only access other gardens with the proper key, and all of the plants stay within their respective gardens. If a fire occurs or a deer begins eating the plants, it will only damage the flowers in the single garden.
Leaving the garden analogy aside, the same protections happen when you use microsegmentation both on your data and your network. If a breach happens when using this strategy, then only the data in the specific section breach is leaked. Or, if a bad actor enters the network, they can only access and damage the one section. Microsegmentation limits the damage that can be done from a single attack, which decreases risk, even more so when it comes to remote work. Because of the increased use of Internet of things devices with sensitive health data, many health organizations are adopting this strategy to secure devices and data.
However, with today’s complex work environment, using microsegmentation requires having a strategy and applying it carefully to different user types and devices.
Defining Policies for Workloads, Apps and Devices
While at first glance, it’s easy to assume that the concept of role-based access to your employees that we’ve used for decades easily transfers to microsegmentation. You could simply add new user types to the tried and true ‘Admin’ and ‘User.’ But, instead, you need to think about the data access that employees need in order to do their jobs and understand each workload. By starting the process of internal microsegmentation with a complete analysis of data flows and infrastructure, you can begin to see where workload segments already exist for internal employees.
However, internal relationships mean much more than just people. Each internal device and application that must access systems, cloud network and data must be considered. In addition to determining which users are authorized to access specific segments, zero trust means the policies also set which applications and devices can connect directly with each other. You must be able to visualize segmented apps as well as traffic flow when designing the network microsegmentation.
And yes, this quickly becomes complex, because both company-owned devices as well as authorized personal devices make for a much looser concept now with remote working so common. By adopting granular and fluid policies at a device level, you can adapt quickly as your business scales. You do not have to redefine workload policies with each shift, because policies are inherited.
Reducing Internal Threats Through Zero Trust Microsegmentation
In addition to building access to make employees more productive, microsegmentation also helps prevent insider threats. According to the 2020 Insider Threat Report, 68% of organizations report that insider threats have increased in the past 12 months. Businesses must walk a very fine line trying to balance between providing the access employees need to do their jobs and preventing insider cyberattacks, which often are at odds.
However, the concept of microsegmentation combined with zero trust provides strong protection against these type of threats. Instead of employees having access to all systems or even some systems, access is truly limited on an as-needed-for-work basis. The authentication process for each access makes it harder for employees to reach sensitive data not related to their job. Even more, if an employee does launch an attack on apps or data, the damage they can do is limited based on the microsegmentation of the network.
While the concept of microsegmentation on the surface is easy — create separate segments for microservices — putting it in place often seems too complex, more so with internal connections. However, one of the biggest benefits of microsegmentation is the ease of scaling and changing policies. By using this strategy as the foundation, your business now has the agility needed to make internal changes — to employees, devices, workloads and apps — to react to changing business needs. With microsegmentation and zero trust, you create both the security and flexibility needed for today’s world.