Zero trust networks, and the implications for video surveillance
Networks are increasingly vulnerable. A combination of increasingly sophisticated and numerous cyberattacks and the exponential growth in connected devices – each of which creates another network endpoint open to attack – means that organizations are fighting a never-ending battle to keep networks secure.
Historically, organizations have relied on ensuring that the corporate firewall is as robust as possible. While such an approach looks to ensure security for network access, should anyone be able to breach the firewall they are then able to move about fairly freely within the network. Once inside the network, loss of data causing potentially irreparable damage is a real risk, while bad actors can remain active for weeks or months before they are discovered (if they are at all).
Further, the concept of a network being isolated within a firewall is outdated. Again, the sheer number of devices connected to the network mean protecting the network perimeter with a single solution is not feasible. In addition, use of cloud-based services beyond the network, and the benefits of creating a more ‘permeable’ network perimeter – where the systems of customers and suppliers are seamlessly connected to deliver significant supply-chain efficiencies – have changed the nature of network security.
Trust nobody and nothing in the network
As a result, the concept of ‘zero trust’ has emerged, and with it zero trust networks and architectures. As the name suggests, the default position in a zero trust network is that no entity connecting to and within the network – whether apparently human or machine – can be trusted, wherever they may be, and however they may be connecting.
Rather, the overriding philosophy of zero trust networks is, ‘never trust, always verify’. This demands that the identity of any entity accessing or within the network is verified multiple times in a number of different ways, depending on behavior and the sensitivity of specific data in the network being accessed. In essence, entities are granted the minimum amount of access required to complete their task.
Zero trust employs techniques such as network micro-segmentation – applying varying levels of security to specific parts of the network where more critical data resides – and granular network perimeter security based on users and devices, their physical locations and other identifying data, to determine whether their credentials can be trusted to access the network.
Giving individuals access only to parts of the network and the data required to undertake their role brings obvious security benefits. But anomalies in the behavior associated with these identities brings an additional level of security.
For instance, a network administrator may have extensive networks access for maintenance, for instance to R&D or finance servers. But those same credentials being used to download specific files or data in the middle of the night, and sending them outside the network would be a security red flag. These may point to security credentials having been stolen, a disgruntled employee, or someone looking to gain through corporate espionage.
In a zero trust network, either additional authentications can be employed or, at a minimum, the anomalous activity can be flagged in real-time and brough to the attention of the security operations center for investigation.
Defining and applying rules
Sitting at the heart of zero trust networks are policy engines: software which, broadly speaking, allows an organization to create, monitor and enforce rules about how network resources and the organization’s data can be accessed.
A policy engine will use a combination of network analytics and programmed rules to grant role-based permission based on a number of factors. Put simply, the policy engine compares every request for network access and its context to policy, and informs the enforcer whether the request will be permitted or not.
In a zero trust network, the policy engine defines and enforce data security and access policies across hosting models, locations, users, and devices, requiring organizations to carefully define rules and policies within key security controls such as next-generation firewalls (NGFWs), email and cloud security gateways, and data loss prevention (DLP) software.
Together, these controls combine to enforce network micro-segmentations beyond hosting models and locations. While currently it may be necessary to set policies in each solution’s management console, increasingly integrated consoles can automatically define and update policies across products.
Identity and Access Management (IAM), multi-factor authentication, push notifications, file permissions, encryption and security orchestration all play a role in the design of zero trust network architectures.
The implications of zero trust networks for video surveillance
Entities connecting to a network include people, of course, but today and increasingly so, the most numerous network connections come from devices. This includes network surveillance cameras and associated network-connected devices, and as organizations move towards zero trust network architectures it will be essential that these network devices adhere to the principles required for verification. It would be ironic if a device designed to keep the organization physically secure led to a cybersecurity vulnerability.
Again, traditional forms of device security are no longer sufficient. In the same way that bad actors are able to steal the access credentials of an employee, they are able to compromise the security certificate of devices. In a zero trust network, new approaches are needed for devices to prove their trustworthiness to the network.
Verifying the identity of hardware devices
One technology that can provide an immutable root of trust for a connected hardware device is the use of blockchain technology. While to many blockchain is associated closely with cryptocurrencies – and may suffer reputationally because of that – in itself, blockchain is an open, distributed ledger that can record transactions between two parties efficiently and in a verifiable and permanent way. There are both public and private blockchain implementations, and enterprises can employ private blockchains for the use of hardware roots of trust and thus establish immutable trust keys within devices.
Because of the construction of the blockchain, no data transaction in the chain can be changed without agreement from the consensus nodes of all preceding transactions, all of which are cryptographically linked. Therefore, if trust keys for the identifiable parts of a hardware device are built into the blockchain, this creates immutable credentials for the device itself.
Preparing for a zero trust future
We might feel that a zero trust approach is a sad indictment of the times in which we live, where well-resourced cybercriminals are constantly looking to exploit network vulnerabilities. In actual fact, it represents a logical approach to building the most resilient and secure networks, as the number of entities connected to them increases every day. For this reason, many organizations are starting to take a zero trust approach to network architectures.
For any hardware manufacturer, Axis included, it is essential that we are preparing for the zero trust future. It will be here sooner than we think.
Learn more about cybersecurity at Axis.