The Zero Trust Model of Information Security

Posted on 28-Nov-2014


DESCRIPTION

In today’s IT threat landscape, the attacker might just as easily be over the cubicle wall as in another country. In the past, organizations have been content to use a trust and verify approach to information security, but that’s not working, as threats from malicious insiders represent the most risk to organizations. Listen in as John Kindervag, Forrester Senior Analyst, explains why it’s not working and what you can do to address this IT security shortcoming. In this webcast, you’ll hear:

• Examples of major data breaches that originated from within the organization

• Why it’s cheaper to invest in proactive breach prevention, even when the organization hasn’t been breached

• What’s broken about the traditional trust and verify model of information security

• About a new model for information security that works: the zero-trust model

• Immediate and long-term activities to move organizations from the "trust and verify" model to the "verify and never trust" model

TRANSCRIPT

The Zero Trust Model of Information Security

John Kindervag, Forrester Research, and Cindy Valladares, Tripwire, Inc.

IT SECURITY & COMPLIANCE AUTOMATION

Today’s Speakers

John Kindervag

Senior Analyst

Forrester Research

Cindy Valladares

Compliance Solutions Manager

Tripwire, Inc.

© 2010 Forrester Research, Inc. Reproduction Prohibited

No More Chewy Centers: The Zero-Trust Model Of Information Security

John Kindervag, Senior Analyst


Agenda

• New threat landscape

• Something’s broken

• New trust models

• Summary


What do they have in common?


New threat landscape

Question: “Why do you rob banks?”

Answer: “Because that’s where the money is.”


Where the money is . . .

Credit card theft

Identity theft/fraud

SPAM/botnets

Web 2.0 (user-generated content)


The “Philip Cummings” problem

Philip Cummings was a help desk staffer at TeleData Communication, Inc. (TCI), 1999 to 2000.

TCI is a software provider for credit bureaus such as Experian and Equifax.

Cummings had access to client passwords and subscription codes.


The “Philip Cummings” problem (cont.)

Cummings was offered $60 per credit report by Nigerian nationals (organized crime).

Cummings provided a laptop preprogrammed to download credit reports from Experian, Equifax, and TransUnion.

The crimes took place between 2000 and 2003 (Cummings left his job in 2000).


The “Philip Cummings” problem (cont.)

• Discovered by Ford Motor Credit Company in 2003

• 30,000 identities stolen

• At least $2.7 million loss (FBI data)

• Cummings sentenced to 14 years in prison and a $1 million fine

• Biggest identity theft in US history


Plenty of controls

(Network diagram: Internet, router, firewall, web application firewall, two-factor authentication, SSL VPN, IPsec VPN, content filtering, wireless gateway, corporate wireless network, remote wireless users, home users, business partners, internal users, internal server farm, server DMZ with FTP server, email server and web server farm, a management segment with anti-virus console, intrusion detection console, security information manager, patch management, RNA console and wireless management console, plus switches and IDS taps on every segment.)


What’s broken?


Which one goes to the Internet?

(Diagram labels: UNTRUSTED | TRUSTED)


“Trust but verify?”


What’s broken?

Trust model


2010 breaches — malicious insider

The cost of a breach

Source: April 10, 2007, “Calculating The Cost Of A Security Breach” Forrester report


TJX accrued expenses (10-K) — 2008

Source: January 11, 2010, “PCI Unleashed” Forrester report


How do we fix it?


Zero trust

(Diagram labels: UNTRUSTED | UNTRUSTED)


Concepts of zero trust

All resources are accessed in a secure manner, regardless of location.

Access control is on a “need-to-know” basis and is strictly enforced.

Verify and never trust.

Inspect and log all traffic.

The network is designed from the inside out.
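The five concepts above, contrasted in code. This is an added example, not Forrester's or Tripwire's code: a toy policy decision function in which the source network grants nothing, every request needs an authenticated principal with an explicit need-to-know grant, and every decision is logged, placed beside the legacy rule that trusts anything already inside the perimeter. Principal names, resources, grants and requests are constructed for illustration.

```python
"""Added example (not from the Forrester/Tripwire deck): a minimal policy
decision point contrasting the legacy "trust but verify" network model with
the zero-trust concepts listed above.  All names, grants and requests are
constructed for illustration."""
from dataclasses import dataclass, field
import logging

logging.basicConfig(level=logging.INFO, format="%(message)s")
log = logging.getLogger("access-decisions")


@dataclass(frozen=True)
class Request:
    principal: str        # authenticated identity; "" means unauthenticated
    source_segment: str   # "internal" or "internet": where the packet came from
    resource: str         # data store being accessed
    action: str           # "read" / "write"


@dataclass
class Policy:
    # need-to-know grants: resource -> {principal: {actions}}  (constructed)
    grants: dict = field(default_factory=dict)
    decisions: list = field(default_factory=list)  # every decision is recorded

    def record(self, req, allowed, reason):
        """Inspect and log everything: no decision goes unrecorded."""
        entry = {"principal": req.principal, "from": req.source_segment,
                 "resource": req.resource, "action": req.action,
                 "allowed": allowed, "reason": reason}
        self.decisions.append(entry)
        log.info("%s %s", "ALLOW" if allowed else "DENY ", entry)
        return allowed


def legacy_decision(policy, req):
    """'Chewy centre': anything already inside the perimeter is trusted."""
    if req.source_segment == "internal":
        return policy.record(req, True, "trusted internal segment")
    granted = policy.grants.get(req.resource, {}).get(req.principal, set())
    return policy.record(req, req.action in granted, "perimeter check")


def zero_trust_decision(policy, req):
    """Verify and never trust: location grants nothing; every request
    needs an authenticated principal and an explicit need-to-know grant."""
    if not req.principal:
        return policy.record(req, False, "unauthenticated")
    granted = policy.grants.get(req.resource, {}).get(req.principal, set())
    if req.action not in granted:
        return policy.record(req, False, "no need-to-know grant")
    return policy.record(req, True, "explicit grant")


def demo():
    """Run the same requests through both models and return the outcomes."""
    policy = Policy(grants={
        "credit-reports": {"analyst.a": {"read"}},
        "hr-records": {"hr.b": {"read", "write"}},
    })
    # A help-desk account on the internal LAN asking for credit reports:
    # the role has no business need for that data.
    helpdesk = Request("helpdesk.c", "internal", "credit-reports", "read")
    # An analyst with a grant, connecting from outside the perimeter.
    analyst_remote = Request("analyst.a", "internet", "credit-reports", "read")
    return {
        "legacy_helpdesk": legacy_decision(policy, helpdesk),
        "zt_helpdesk": zero_trust_decision(policy, helpdesk),
        "zt_analyst_remote": zero_trust_decision(policy, analyst_remote),
        "decisions_logged": len(policy.decisions),
    }


if __name__ == "__main__":
    print(demo())
```

The legacy function lets the internal help-desk request through on location alone; the zero-trust function denies it for lack of a grant and allows the analyst's request from the Internet, because the grant, not the segment, is what is verified. Both paths write to the same decision log, which is the "inspect and log all traffic" half of the model.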


Inspect and log everything

(Network diagram: WAN, WLAN GW, MGMT server, web farm, server farm, DB farm, an IPS in front of each segment, WAF, DAM, SIM, NAV, DAN.)


The threat landscape is changing — beyond the perimeter.

Organized crime is bribing insiders.

Security must become ubiquitous throughout your infrastructure.

Strong perimeters = new threat vectors


Recommendations

New paradigm — data-centric security

Zero trust — “Verify, but don’t trust!”

Inspect and log all traffic.

Design with compliance in mind.


A blueprint for making it real

The next 90 days

• Eliminate the word “trust” from your vocabulary.

• Find your critical data, and map your data flows.

• Tell people you will be watching their data access activity.

• Review who should be allowed specific data access.
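Steps two and four of the 90-day list (map your data flows, review who should be allowed specific data access) applied to an access log, as an added example rather than anything from the deck. It parses constructed log lines in an assumed format, builds the resource-to-principal map, and compares each event against a reviewed need-to-know list and an HR roster, so that the pattern in the Cummings case, a help-desk account still pulling credit reports years after the person left, shows up as findings. The bulk-download threshold is an extra check of my own, not one the slides name; all names, dates and log lines are constructed.

```python
"""Added example (not part of the deck): the 90-day steps applied to a
constructed access log - map who touches which data, compare against the
reviewed need-to-know list, and flag access by accounts that should no
longer exist.  Log format, names and dates are all constructed."""
from collections import defaultdict
from datetime import date
import re

# Assumed log line format (constructed for this example).
LINE_RE = re.compile(
    r"^(?P<date>\d{4}-\d{2}-\d{2}) user=(?P<user>\S+) resource=(?P<resource>\S+)"
    r" action=(?P<action>\S+) records=(?P<records>\d+)$"
)

# Constructed sample log (not real data).  The pattern mirrors the
# Cummings case: a help-desk account keeps pulling reports long after
# the person has left the company.
SAMPLE_LOG = """\
2000-05-02 user=helpdesk.c resource=credit-reports action=download records=4
2000-09-14 user=analyst.a resource=credit-reports action=download records=12
2001-03-04 user=helpdesk.c resource=credit-reports action=download records=300
2002-11-20 user=helpdesk.c resource=credit-reports action=download records=850
2003-01-09 user=hr.b resource=hr-records action=read records=3
""".splitlines()

# Output of the access review: resource -> principals with a business need.
APPROVED = {"credit-reports": {"analyst.a"}, "hr-records": {"hr.b"}}

# HR roster: principal -> last day of employment (None = still employed).
ROSTER = {"helpdesk.c": date(2000, 7, 31), "analyst.a": None, "hr.b": None}

BULK_THRESHOLD = 100  # records per event before we call it bulk access (assumed)


def parse(lines):
    """Turn raw log lines into event dicts; unparseable lines are skipped."""
    events = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        d = m.groupdict()
        events.append({"date": date.fromisoformat(d["date"]), "user": d["user"],
                       "resource": d["resource"], "action": d["action"],
                       "records": int(d["records"])})
    return events


def map_data_flows(events):
    """Step two of the blueprint: which principals touch which data store."""
    flows = defaultdict(set)
    for e in events:
        flows[e["resource"]].add(e["user"])
    return dict(flows)


def review(events, approved=APPROVED, roster=ROSTER, bulk=BULK_THRESHOLD):
    """Step four: compare observed access against the reviewed grants,
    the HR roster, and a bulk-access threshold.  Returns a list of
    (finding, date, user, resource) tuples."""
    findings = []
    for e in events:
        if e["user"] not in approved.get(e["resource"], set()):
            findings.append(("no-need-to-know", e["date"], e["user"], e["resource"]))
        last_day = roster.get(e["user"])
        if last_day is not None and e["date"] > last_day:
            findings.append(("departed-account", e["date"], e["user"], e["resource"]))
        if e["records"] >= bulk:
            findings.append(("bulk-access", e["date"], e["user"], e["resource"]))
    return findings


if __name__ == "__main__":
    evs = parse(SAMPLE_LOG)
    print(map_data_flows(evs))
    for f in review(evs):
        print(f)
```

On the sample log the flow map shows two principals reaching credit-reports, only one of whom is on the approved list; the review then flags the help-desk account on every event, flags the two events after its last day of employment as departed-account use, and flags the two large pulls as bulk access. The departed-account check is the cheapest of the three and is the one that would have ended the Cummings pattern in 2000 rather than 2003.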


A blueprint for making it real

Longer term

• Create a data acquisition network (DAN).

• Segment your network to ease your security and compliance burden.

• Begin rebuilding your network to reflect the zero-trust concepts.


Thank you

John Kindervag

+1 469.221.5372

jkindervag@forrester.com

Twitter: @Kindervag

www.forrester.com

www.tripwire.com

Tripwire Americas: 1.800.TRIPWIRE

Tripwire EMEA: +44 (0) 20 7382 5420

Tripwire Japan: +812.53206.8610

Tripwire Singapore: +65 6733 5051

Tripwire Australia-New Zealand: +61 (0) 402 138 980
