On May 12, 2021, the White House published Executive Order (EO) 14028, Improving the Nation’s Cybersecurity. The directive outlined a set of focus areas intended to improve cybersecurity for the federal government and critical infrastructure sectors, including information sharing, supply chain security, endpoint detection and response, and cloud security.
Of particular emphasis was the need for broad implementation of Zero Trust Architecture (ZTA), a set of design principles intended to continuously revalidate the authenticity and authorization of persons, devices, and services, assuming a “deny-by-default” approach to security given the deterioration of any defensible perimeter in enterprise networks. It explained, “The Federal Government must … advance toward Zero Trust Architecture.” It went on to note how Federal Civilian Executive Branch (FCEB) agencies must “develop a plan to implement Zero Trust Architecture, which shall incorporate, as appropriate, the migration steps that the National Institute of Standards and Technology (NIST) within the Department of Commerce has outlined in standards and guidance.”
That last part refers specifically to NIST’s Special Publication (SP) 800-207, which lays out seven basic tenets of zero trust. One of those tenets (the fifth) stood out to us here at Tripwire. It reads as follows: “The enterprise monitors and measures the integrity and security posture of all owned and associated assets.”
This makes perfect sense, as Zero Trust is fundamentally about continuously revalidating the trustworthiness of the connecting entity in an enterprise environment. Trustworthiness rests on integrity, and integrity cannot be asserted once and assumed thereafter: it has to be maintained. For any connecting entity, that means faithful, ongoing monitoring to confirm the entity is still in its desired, secure state.
Integrity of systems is a central part of what Tripwire works to ensure on a daily basis. It uses File Integrity Monitoring (FIM) to determine when files change, how they change, who changes them, and what actions someone can take to reverse unauthorized and/or suspicious modifications. However, we haven’t discussed integrity in the context of Zero Trust before. Let’s do that now.
The Nine Applications of Integrity for Zero Trust
Security teams can use integrity to assign trustworthiness in their employer’s environments. There are nine areas where they can focus their integrity initiatives. These are as follows:
- System Integrity helps security teams to protect their critical assets against unauthorized changes using security controls such as FIM, secure configuration management (SCM), and vulnerability management (VM).
- Data Integrity prioritizes efforts that protect against data corruption events. This includes data backups, encryption, as well as Identity and Access Management (IDAM).
- Security Control Integrity enables security teams to capture a snapshot of their systems’ security controls and compare them to industry-leading standards and regulations such as the Center for Internet Security’s Critical Security Controls (CIS Controls), the Payment Card Industry Data Security Standard (PCI DSS), and the Health Insurance Portability and Accountability Act (HIPAA).
- Network Integrity focuses on ensuring the reliability of network connections and protecting data as it travels across the network. To ensure this type of integrity, security teams can use firewalls, network-based Intrusion Detection Systems (IDS), secure remote access, and Virtual Private Networks (VPNs).
- Database and Application Integrity involves determining which applications are running in an organization’s infrastructure. With that knowledge, security teams can determine how those applications are configured so that they can create behavior baselines and monitor for deviations.
- Firmware Integrity operates similarly to Database and Application Integrity in that it empowers security teams to visualize and manage their firmware’s configurations so that they can defend against potential compromises.
- Physical Integrity emphasizes the use of access controls, security monitoring, and other measures to protect critical assets against hazards such as fires, floods, earthquakes, and electric power interruptions.
- Process Integrity upholds the notion of bringing all security processes together into a holistic approach. It leverages Security Information and Event Management (SIEM) as well as a Security Operations Center (SOC) to integrate those security controls.
- People Integrity focuses on trusting the individuals who are authorized to access Information Technology (IT) and Operational Technology (OT) systems, interact with data, and oversee corporate security efforts. It does this via security awareness training, behavior analytics, and other controls.
Concrete Examples of Integrity’s Applications in Action
Let’s examine what some of integrity’s applications might look like in action. First, there’s Network Access Control (NAC). With Network Integrity, Physical Integrity, and other applications at its center, NAC allows security teams to limit instances of access based upon identity, vulnerability risk, configuration, and other properties. It thereby gives personnel a means to validate every potential network connection, which is one of zero trust’s foundations.
Micro-segmentation is another use case for integrity in the context of zero trust. This particular security control accounts for the possibility that an attacker could compromise an endpoint or leverage a hacked account to gain access to the network. With micro-segmentation, security teams can segment and isolate workloads to direct their security efforts and make access decisions. It thereby helps to prevent malicious actors from abusing a foothold to move laterally across the entire corporate network.
An important part of preventing a compromise in the first place is to ensure that a targeted system is in a desired, secure state. By applying Secure Configuration Management (SCM), systems are “hardened” to reduce the risk of compromise. Taking this a step further, continuous monitoring through FIM alerts security teams to changes in the configuration of systems that may cause them to deviate from desired—or compliant—state. The FIM capability also serves an important function as an intrusion detection trigger, alerting teams to potential compromise.
Finally, integrity factors into what’s known as a Trust Policy Engine. This is where security teams evaluate both ends of a requested connection for trustworthiness and present the other side’s trust score to each party. Depending on those scores, those assets’ respective Trust Policies will either approve or reject the connection request.
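To make the SCM, FIM, and Trust Policy Engine ideas from the last two paragraphs concrete, here is a small added example written for this article. It is not Tripwire’s code, and none of its names, scores, or thresholds come from any real product: the SHA-256 baseline, the sshd_config-style hardening policy, the penalty values, and the 80-point threshold are all assumptions chosen for illustration. The example baselines a set of files, detects a tampered configuration (FIM), reports how it deviates from the hardened desired state (SCM), and then has a toy policy engine score both ends of a requested connection and approve it only if each side is trustworthy.

```python
"""Integrity-driven access decision: FIM + SCM feeding a toy trust policy engine.

Hypothetical example written for this article. It is not Tripwire's FIM/SCM
implementation; all policies, scores and thresholds below are illustrative.
"""
import hashlib
import os
import tempfile


# --- File Integrity Monitoring: hash baseline vs. current state ---------------

def hash_file(path: str) -> str:
    """SHA-256 of a file, streamed so large binaries need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(paths):
    """Map each monitored path to its hash, or None if the file is missing."""
    return {p: (hash_file(p) if os.path.isfile(p) else None) for p in paths}


def fim_compare(baseline, current):
    """Return {path: 'modified'|'removed'|'added'} for every deviation from the baseline."""
    findings = {}
    for path in set(baseline) | set(current):
        before, after = baseline.get(path), current.get(path)
        if before == after:
            continue
        if after is None:
            findings[path] = "removed"
        elif before is None:
            findings[path] = "added"
        else:
            findings[path] = "modified"
    return findings


# --- Secure Configuration Management: compare a config to a hardened baseline --

# Hypothetical desired state for an sshd_config-style "Key value" file.
DESIRED_SSHD = {
    "PermitRootLogin": "no",
    "PasswordAuthentication": "no",
    "X11Forwarding": "no",
}


def parse_kv_config(text):
    """Parse 'Key value' lines, ignoring blanks and '#' comments; last occurrence wins."""
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        key, _, value = line.partition(" ")
        settings[key] = value.strip()
    return settings


def scm_check(text, desired=DESIRED_SSHD):
    """Return {key: (expected, actual_or_None)} for each setting off the desired state."""
    actual = parse_kv_config(text)
    return {k: (v, actual.get(k)) for k, v in desired.items() if actual.get(k) != v}


# --- Trust Policy Engine: score both ends, approve only if both are trustworthy --

def trust_score(fim_findings, scm_deviations):
    """100 for a system in desired state; any FIM finding is a possible intrusion (-50),
    each configuration drift costs 15. Penalty values are illustrative assumptions."""
    score = 100 - (50 if fim_findings else 0) - 15 * len(scm_deviations)
    return max(score, 0)


def decide_connection(client, server, threshold=80):
    """Evaluate both ends of a requested connection; each party is shown the other's score."""
    client_score = trust_score(*client)
    server_score = trust_score(*server)
    approved = client_score >= threshold and server_score >= threshold
    return {"client_sees": server_score, "server_sees": client_score, "approved": approved}


def demo():
    """Constructed scenario: baseline two files, tamper with one, evaluate a connection."""
    def write(path, text):
        with open(path, "w") as f:
            f.write(text)

    with tempfile.TemporaryDirectory() as d:
        sshd, sudoers = (os.path.join(d, n) for n in ("sshd_config", "sudoers"))
        hardened = "PermitRootLogin no\nPasswordAuthentication no\nX11Forwarding no\n"
        write(sshd, hardened)
        write(sudoers, "root ALL=(ALL) ALL\n")
        baseline = snapshot([sshd, sudoers])
        # Attacker re-enables root login: FIM sees the change, SCM names the drift.
        write(sshd, hardened.replace("PermitRootLogin no", "PermitRootLogin yes"))
        server_fim = fim_compare(baseline, snapshot([sshd, sudoers]))
        with open(sshd) as f:
            server_scm = scm_check(f.read())
        clean_client = ({}, {})
        return server_fim, server_scm, decide_connection(clean_client, (server_fim, server_scm))


if __name__ == "__main__":
    print(demo())
```

Two design points worth noting. FIM and SCM answer different questions: the hash comparison only says *that* sshd_config changed, while the desired-state comparison says *what* changed and why it matters, so the policy engine penalises the two separately. And the engine evaluates both sides of the request rather than only the client: in the demo the client is clean but the server it wants to reach has drifted, so the connection is still rejected, which is the point of the tenet quoted above.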
A Foundation of Zero Trust
To learn more about how integrity facilitates zero trust, please download your copy of Tripwire’s whitepaper here: https://www.tripwire.com/misc/building-a-foundation-for-zero-trust.