This article explains why embracing the NSA zero trust security model is important.
Embracing a Zero Trust Security Model NSA
Embracing the NSA zero trust security model means that you are securing your data with a defense-in-depth strategy. It is a security approach in which you accept that you can’t trust anything or anybody, and every component within your network is assumed to be a potential attacker.
In this approach, you control what enters and exits your network based on the principle of least privilege, instead of trying to block all incoming threats. The main reason organizations embrace a zero trust security model is that they don’t know whom they can trust. The problem with this basic assumption is that it’s not always true.
For example, if you have a company whose employees telecommute from home, those employees are more likely to trust their colleagues than their bosses. The same is true for users who interact with the cloud.
So, it’s really hard to know if you can trust your people and the third-party vendors that you deal with daily.
Principles of Embracing a Zero Trust Security Model NSA
Embracing the NSA zero trust security model means that you build your security strategy on the following principles:
- Every employee within your organization can become an insider threat
- You cannot trust any third-party vendor or service provider
- You cannot trust code that arrives via email or any other communication channel, because it may be malicious
- You cannot even trust software updates delivered by reputable vendors
The best way to understand the NSA zero trust security model is through an example. Let’s say that an organization has deployed the following components:
- A DMZ/edge network with public-facing servers
- An intranet containing critical business applications and data, which users access via VPN or via web apps exposed through proxy servers or web application firewalls (WAFs)
- An extranet containing partner portals and services for customers (e.g., customer support portal)
In this case, users connect to the intranet over a VPN connection, and all traffic goes through a web application firewall (WAF). This WAF inspects traffic for malicious code and blocks it if such code is discovered.
In addition, this WAF inspects requests for all applications hosted in the DMZ/edge network and only allows traffic from approved source IP addresses for those applications. Of course, there are exceptions, such as users accessing the intranet directly and a small number of IP addresses for critical systems such as the domain controller (DC).
However, no WAF can protect you against malicious code that enters the network through a social engineering tactic.
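The per-application source-IP rule described above can be sketched as a default-deny check. This is an added example, not code from the article or from any WAF product; the application names, address ranges (documentation ranges) and the way exceptions are handled are assumptions made for illustration.

```python
import ipaddress

# Constructed policy: app names and ranges are illustrative, not from the article.
ALLOWLIST = {
    "support-portal": ["198.51.100.0/24"],
    "partner-api": ["203.0.113.10/32", "203.0.113.64/26"],
}
# Assumed handling of the article's exceptions (critical systems such as the DC).
EXCEPTIONS = ["192.0.2.5/32"]

def _normalize(addr):
    """Parse an address; fold IPv4-mapped IPv6 (::ffff:a.b.c.d) back to IPv4."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip

def _in_any(ip, cidrs):
    """True if ip falls inside any of the listed networks of the same IP version."""
    nets = (ipaddress.ip_network(c) for c in cidrs)
    return any(ip.version == n.version and ip in n for n in nets)

def decide(app, source_ip):
    """Return (allowed, reason); anything not explicitly approved is denied."""
    try:
        ip = _normalize(source_ip)
    except ValueError:
        # Covers garbage input and header-style lists such as "a.b.c.d, e.f.g.h".
        return False, "unparseable source address"
    if _in_any(ip, EXCEPTIONS):
        return True, "critical-system exception"
    if app not in ALLOWLIST:
        return False, "unknown application"
    if _in_any(ip, ALLOWLIST[app]):
        return True, "approved source for " + app
    return False, "source not approved for " + app

if __name__ == "__main__":
    # Constructed sample requests: (application, source address as received).
    samples = [
        ("support-portal", "198.51.100.7"),
        ("support-portal", "::ffff:198.51.100.7"),
        ("support-portal", "203.0.113.10"),
        ("hr-app", "198.51.100.7"),
        ("support-portal", "198.51.100.7, 10.0.0.1"),
    ]
    for app, src in samples:
        print(app, src, decide(app, src))
```

An "allowed" result here only confirms that the source address is approved for that application; it says nothing about what the request carries.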
Conclusion
As you can see, it is important to adopt the NSA zero trust security model because you can’t know whether your employees and third-party vendors are trustworthy. Such a model also protects you against malicious code that enters your network through social engineering attacks.