The term Zero-Trust was created by John Kindervag at Palo Alto Networks. He uses the following diagrammed image to describe the physical layers that protect a world leader, from the perimeter all the way to the surface of the vehicle. It’s a great visual metaphor because it shows the need for multiple security layers and the need to monitor attacks that are in progress.
© Image by John Kindervag
So why did Zero-Trust fail to protect against the SolarWinds attack, and why did Tom Kellermann say Zero-Trust must be modernized and extended? The answer is actually in the diagram – if the criminals are already inside the vehicle, the leader would be at great risk. Zero-Trust protects against the hackers outside networks, but not the ones already inside.
So, how can hackers get inside your network? There are many ways, including the SolarWinds-type attack where code ‘piggybacks’ on trusted software, flaws that bypass authentication, flaws in Wi-Fi, unpatchable device flaws that disarm encryption, flaws in IoT devices, flaws in Bluetooth, hardcoded passwords, malicious insiders, etc. I track these risks, and more are discovered every week.
In my precursor post to this article, the first in a series about Zero-Trust+, I described how Gregory Touhill sees a “need to accelerate” improvements. It’s interesting to note that most improvements are actually a combination of what already exists. A classic example is the Sony Walkman, which was simply a combination of tape recorders and batteries.
Here at Kloke, we believe that the solution to protecting data inside a network already exists and, to the best of our knowledge, has never been breached. Banks call it ‘tokenization,’ where real card numbers are replaced by fake, unusable numbers that have zero value to a hacker already inside a network.
Kloke is combining other technologies that include threat intelligence that ‘calls home’ when data is in unknown places, business agility to easily make changes retroactive and business transformation to facilitate moving to the cloud. None of this is original, but the combination of these technologies complements Zero-Trust beautifully.
At Kloke, we’re taking this opportunity to add more capabilities. For example, Kloke can prevent a hacker inside a network from accessing or altering your sensitive data, so you would have less to worry about with zero-day exploits or late patches. Kloke also has a proof-of-concept that controls Facebook messages after they’ve been sent (a security firm rep called this “technically impossible”). This has huge implications for cloud, messaging and email apps. We can see [and block] a person trying to use stolen credentials. We call all of these enhancements Zero-Trust+™. We at Kloke would love to help you learn more – please contact us or call 866-511-1011.
Protecting against SolarWinds-type attacks is a major step in protecting against hackers and nation-state threats. But there’s another major threat – the scourge of ransomware. Fortunately, there is a way to restore from backups in seconds without the loss of data. Some say that this is trivial, but there’s a catch – criminals are developing ways to infect backup data that cannot be detected for months. What would you do if a ransomware attack also infected your last six months of backup data? We’ll look at solutions for this in our next article.
This post is the first in a series of articles about Zero-Trust+, Kloke’s enhancements to Zero-Trust. To learn more about Kloke or Zero-Trust+, or to register for the upcoming article in this series, please contact us or call +1 866-511-1011.