Securing the Supply Chain and High Value Assets in a Zero Trust Environment


by John Lewington

posted on 10-15-2019

National Cyber Security Awareness Month (NCSAM) is a time to remember that we must continually work to improve security posture.

In many organizations, including government, security has largely been accomplished with perimeter-style defenses, like multiple network zones, firewalls and encryption. But upon closer inspection, we can find a more intelligent way to help protect the infrastructure.

Some security compliance frameworks state that data encryption should happen at rest and in motion. Yet all encryption methods aren’t equal. Technology decision-makers must evaluate each approach against the threat models for the environments they manage.

For instance, whole-disk encryption defends against physical theft of the drive. Moving up the stack, network protection measures like Secure Sockets Layer (SSL), Transport Layer Security (TLS), or virtual private networking (VPN) can also pose potential issues: data is encrypted at one end only to be decrypted at the other, where it could be exposed to unauthorized activities. Application security measures like transparent encryption in the database are potentially prone to Structured Query Language (SQL) injection attacks and application exploits that access the information.

To help combat potential security threats, IT security practitioners have started adopting a Zero Trust posture with content-level data protection technologies, like Digital Rights Management (DRM) as shown in the figure below.

What is “Zero Trust?”

“Zero Trust” is a security concept centered on the belief that organizations should not automatically trust anything inside or outside their perimeters and instead must verify anything and everything trying to connect to their systems before granting access.

According to “Zero Trust Networks: Building Secure Systems in Untrusted Networks” by Evan Gilman and Doug Barth, a Zero Trust network is built upon five fundamental assertions:

  1. The network is always assumed to be hostile.
  2. External and internal threats exist on the network at all times.
  3. Network locality is not sufficient for deciding trust in a network.
  4. Every device, user, and network flow is authenticated and authorized.
  5. Policies must be dynamic and calculated from as many sources of data as possible.

There are two great use cases for moving toward a Zero Trust environment with content-level data protection.

The first case is from how the Department of Defense (DoD) strengthened its supply chain by protecting defense information. Recently, the DoD developed the Cybersecurity Maturity Model Certification (CMMC). CMMC builds upon Defense Federal Acquisition Regulations Supplement (DFARS) Clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting, by adding a verification component with respect to cybersecurity requirements and mapping these controls and processes across several maturity levels that range from basic to advanced cyber hygiene.

The second case is the Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) program for tools needed to protect sensitive information and high-value assets (HVA). HVAs fall into three categories:

Agencies also must monitor protection compliance related to HVAs containing personally identifiable information (PII). Both use cases are underpinned by compliance with the National Institute of Standards and Technology’s Special Publication 800-171 (NIST SP 800-171).

“Zero Trust” means users must prove they can be trusted

The backbone to a successful Zero Trust environment is a process that leverages micro-segmentation and granular permissions based on users (or applications), devices, and a trust decision. It’s about using these and other technologies to enforce the idea that no one and nothing has access until they’ve proven they should be trusted.

One key component to Zero Trust is the Control Plane, which decides whether an authenticated user and device are authorized to access a protected resource. The Control Plane provides fine-grained policy decisions that can be based upon roles, location, time of day, or type of device, to name a few.
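One way to express such a Control Plane decision, as an added Python example (not Adobe's code; the resource, role and location names are hypothetical): an authorization function that denies by default and allows only when the authenticated user, enrolled device, role, location and time-of-day checks all pass.

```python
from dataclasses import dataclass, replace
from datetime import datetime, time
from typing import Optional, FrozenSet, Tuple

@dataclass(frozen=True)
class Request:
    user: Optional[str]        # None when no authenticated identity was presented
    roles: FrozenSet[str]
    device_id: Optional[str]   # None when the device is unknown / not enrolled
    device_compliant: bool     # result of a posture check (patched, disk encrypted, ...)
    location: str              # network/geo location as reported by the gateway
    when: datetime
    resource: str

# Constructed policy table with hypothetical resource, role and location names.
POLICY = {
    "cui-docs": {"roles": {"contracts", "engineering"},
                 "locations": {"us-east", "us-west"},
                 "hours": (time(7, 0), time(19, 0)), "compliant_device": True},
}

def decide(req: Request) -> Tuple[bool, str]:
    # Assertion 4: authenticate user and device before any policy is consulted.
    if req.user is None:
        return False, "unauthenticated user"
    if req.device_id is None:
        return False, "unenrolled device"
    policy = POLICY.get(req.resource)
    if policy is None:
        return False, "no policy for resource"      # default deny
    if not (req.roles & policy["roles"]):
        return False, "role not permitted"
    if policy["compliant_device"] and not req.device_compliant:
        return False, "device not compliant"
    # Assertion 3: location is one signal among several, never sufficient alone.
    if req.location not in policy["locations"]:
        return False, "location not permitted"
    start, end = policy["hours"]
    if not start <= req.when.time() <= end:
        return False, "outside permitted hours"
    return True, "allow"

# Constructed baseline request that satisfies every check.
BASELINE = Request("alice", frozenset({"contracts"}), "laptop-42", True,
                   "us-east", datetime(2019, 10, 15, 10, 30), "cui-docs")

def decide_variant(**changes) -> Tuple[bool, str]:
    # Re-evaluate the baseline with some attributes changed, e.g. location="unknown".
    return decide(replace(BASELINE, **changes))
```

Because every check is re-run per request, a change in device posture or location revokes access on the next request rather than persisting from an earlier login.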

But the Control Plane is only part of the solution.

Digital Rights Management (DRM) provides security down to the data level

To extend Zero Trust to content-level data protection, which is critical for federal, state, and local government agencies, one can use Digital Rights Management (DRM). DRM is a data-centric technology that helps protect documents and content containing sensitive information like Personally Identifiable Information (PII), Protected Health Information (PHI), Controlled Unclassified Information (CUI), and Intellectual Property (IP). In order for a DRM system to enforce Zero Trust principles down to the data level, the following requirements are mandatory:

Improve data security with Adobe

As the security landscape grows increasingly complex and challenging, traditional perimeter-style security architectures need to be rethought. This has given rise to new architectures, like Zero Trust, that take a different approach.

Adobe continues to be recognized as an industry leader in DRM, especially in the public sector. By assuming that nothing is trusted inside or outside the perimeter, Zero Trust aims to dynamically verify all access to system resources. With DRM, we can extend Zero Trust principles down to the content level and provide much stronger protections and mitigations against potential issues.

Special thanks to Steven Gottwals for his contributions to this article.
