The Imperative for Zero Trust in a Cloud-Native Environment

The Imperative for Zero Trust in a Cloud-Native Environment

December 7, 2023 | NSFOCUS

What is Zero Trust Security?

Zero-trust security is not a specific technology or product, but a security model based on the concept that “All entities are untrusted”. Forrester defines zero trust as “Zero Trust is an information security model that denies access to applications and data by default. Threat prevention is achieved by only granting access to networks and workloads utilizing policy informed by continuous, contextual, risk-based verification across users and their associated devices.”

Zero trust security encompasses four principles:

Least Privilege

Assuming that any user, device, or application is not trusted, all requests are treated as potential threats and validated and authorized.

Multiple Authentication and Authorization

Multi-factor authentication is used to authenticate the identity of users, devices and programs for fine-grained authorization so that they can only access required resources and data.

Real-time Monitoring and Audit

Real-time monitoring and auditing of all user, device and program behaviors as well as the resources and data they access.

Dynamic Security Policy

The security policy is dynamically updated with the changes of users, devices, data and external risks.

Figure 1. Access Process in the Zero Trust Security Model

Characteristics of Cloud-native Environment

Cloud native environment is a modern infrastructure, oriented to cloud computing infrastructure and applications, advocating container-centered lightweight application development and delivery mode. It has the following characteristics:

Containerization

Cloud-native environment takes container technology as the core, and packages applications and dependencies into containers to realize cross-platform operation and rapid deployment;

Automation

Cloud-native environment advocates automation, including automatic deployment, automatic expansion and contraction, automatic monitoring, etc. to improve efficiency and reduce costs;

Elasticity

The cloud-native environment has elastic scalability, which can increase or decrease resources in real-time according to load and demand to cope with different business scenarios;

Microservice Architecture

The cloud-native environment is based on the microservice architecture, which splits programs into independent microservices and communicates through a lightweight communication mechanism to improve flexibility, scalability and maintainability.

Figure 2. Cloud-Native Environment

Why Zero Trust Is Needed in a Cloud-Native Environment

Due to the dynamic, containerized and microservice characteristics of cloud-native environments, traditional boundary security protection policies cannot be fully adapted. Security protection policies in cloud-native environments face the following challenges:

Blurring Network Security Boundary

The network security boundary in the traditional network architecture is usually implemented by hardware devices such as firewalls and gateways. With the development of public cloud, private cloud and hybrid cloud technologies, cloud-native programs may be deployed anywhere, even across multiple cloud service providers and regions, and traditional security boundaries are disappearing.

Increase in Untrustworthy Factors

In the cloud-native environment, the number and location of containers are constantly changing, and their running status will be abnormal due to external attacks, software defects and other reasons, which will adversely affect the security of the cloud-native environment. In addition, cloud-native applications rely on a variety of open-source tools for automated deployment and management. More tools mean more untrustworthy factors in them.

Complex Unified Authorization Mechanism

Cloud-native applications are usually composed of microservices running in different containers, which means that each microservice needs to configure different identity authentication, authorization mechanisms and ensure the interaction between them is secure. In addition, multiple technology stacks are often used to build and deploy applications in cloud-native environments, requiring different authentication and authorization mechanisms for each technology stack.

Complexity of Infrastructure Sharing

The deployment and operation of cloud-native applications may depend on the same set of computing resources, storage resources, network resources, etc. To improve the efficiency of resource utilization, these resources are managed and shared at multiple levels. In the process of management and sharing, problems such as ultra vires and resource run are easy to occur, which affects the normal operation of other services.

Data Security and Compliance Requirements

The deployment and operation of cloud-native applications may span different security domains, with higher standards for data security and compliance.

To sum up, a more flexible, refined and scalable security model-zero trust is needed in the cloud-native environment. The essence of the zero-trust security model is identity-centered access control. It guides the security architecture from network-centric to identity-centric, establishes a more efficient, comprehensive and flexible security defense system, reduces the attack surface, lowers security risks, increases fine granularity of access control, and avoids information and data leakage.

Zero Trust Practices in Cloud-Native Environment

Zero-trust security practices in cloud-native environments can be carried out from the following aspects:

Cloud Native Asset Inventory

Asset inventory can discover unknown or unauthorized assets in time, determine which assets should be authorized or prohibited from accessing, and improve the security and controllability of cloud-native environments.

Principle of Least Privilege

Restrict the access of users and cloud-native services to ensure that they can only access required resources and data so as to reduce the attack surface and potential attack risks.

Fine access control and authorization mechanism

Mandatory and sophisticated authentication and authorization mechanisms, such as multi-factor authentication (MFA) and single sign-on (SSO), can reduce unauthorized access.

Data Encryption

Cloud-native applications usually need to process sensitive data, and encryption and decryption technologies are required during data storage, transmission and processing to ensure data security. In addition, it is also necessary to adopt a secure key management and distribution strategy to ensure the security of keys.

Risk Surface and Threat Management

Cloud-native environments rely on other open-source components and frameworks that are more or less vulnerable to vulnerabilities and security risks. By implementing risk surface management in the cloud-native environment, security risks caused by open-source components and frameworks can be reduced.

Continuous Security Monitoring and Audit

Continuous security monitoring and auditing can ensure the legality of users’ and services’ access to sensitive data and applications, monitor potential threats in real time, and reduce the risk of unauthorized access.

Automatic Rotation of Credentials

Automatic credential rotation can reduce human errors and omissions, and reduce the security risks caused by credential leakage and theft. This is especially important at a time when ransomware incidents are frequent.

Dynamic Security Policy

Security risks are increasing day by day, and dynamically updateable security protection policies are required to cope with endless security threats.

Security Awareness Training

Regular security awareness training for employees on risks and preventive measures can effectively improve the overall security level of the enterprise

Conclusion

Due to the dynamic and non-fixed security boundary, traditional security policies cannot effectively solve many security problems in a cloud-native environment. The core principle of the zero-trust security model is authentication and authorization. Only authenticated and authorized devices and users can access specific resources. Identity-centered zero-trust security model can solve some problems that cannot be solved by traditional security policies more dynamically, finely and effectively. However, the zero-trust security model cannot completely replace traditional security policies. The two should be combined to build a security system with “defense in depth” capability to protect the security of services, data, networks and systems from multiple perspectives and in an all-round way.