According to the Verizon 2021 Data Breach Investigations Report (DBIR), privilege abuse was the biggest cause of data breaches. The lack, or poor implementation, of controls to effectively manage human credentials as well as machine identities is a key reason for privilege abuse.
Commenting on the seriousness of the problem, David Smith and Bernard Wilson, US Secret Service agents, wrote in the report appendix: “The zero-trust model for access quickly became a fundamental security requirement rather than a future ideal. Prevention of lateral movement, least privilege, and “never trust, always verify” have proven to be strong indicators of an organization’s ability to prevent or recover from unauthorized presence in its network environment.” Robust machine identity management and access controls are key ingredients of Zero Trust security. But first things first—what is Zero Trust security?
What is Zero Trust security?
Let us be clear: Zero Trust is not just “another technology.” Zero Trust is a strategic approach to securing access to your resources, whether they are data, IoT devices, or cloud workloads. Coined by John Kindervag back in 2010, this breakthrough security approach is based on the mantra “Never trust, always verify.”
Zero Trust assumes that all network traffic is insecure and considers trust to be a vulnerability rather than a security trait. The model requires that every access request is authenticated and authorized, whether it originates from an internal source or from an external requestor.
Zero Trust differs greatly from traditional security approaches, where requests originating from within the corporate network were considered trusted. That notion of trust created several security gaps that attackers were more than happy to exploit. Once they gain access to the network, attackers—including external threat actors and malicious insiders—are free to move laterally undetected and exfiltrate sensitive data and intellectual property.
According to NIST, the objective of Zero Trust is “to prevent unauthorized access to data and services coupled with making the access control enforcement as granular as possible.” This means employing authentication, authorization, and minimizing implicit trust zones. The access rules are made as granular as possible to enforce least privilege.
NIST’s blueprint for a Zero Trust Architecture, NIST SP 800-207, defines two approaches to Zero Trust: identity-centric and network-centric.
The key component of the identity-centric approach is the identity of the users, machines, and services requesting access to corporate resources. Humans prove who they are with some form of authentication factor, increasingly relying on multi-factor and passwordless authentication. Machine identities, on the other hand, depend on cryptographic keys and digital certificates.
A network-centric approach relies on micro-segmentation implemented through Next-Generation Firewalls (NGFW) or Software Defined Networks (SDN). However, for this approach to be effective and efficient, a robust identity management regime is still required to authenticate users and machines before they are authorized to access resources.
Why is machine identity management important for Zero Trust security?
The acceleration of enterprise migration to the cloud, together with the proliferation of IoT devices, containers and microservices, has caused the number of machines owned by every corporation to explode. As David Bisson notes in a blog, “Machines control the flow of sensitive data. They shape innovation and are fundamental to the way all businesses operate. As a result, the way in which they connect and authorize communication makes them a primary security and operational risk for organizations.”
To authenticate and authorize these machines to access corporate resources, organizations use cryptographic keys and digital certificates as machine identities. As the number of machines grows, the number of machine identities skyrockets, making their management both essential and difficult.
“Machine identity management helps organizations gauge how much trust they can place in the identity of their machines—particularly as they interact with other machines. To facilitate that goal, machine identity management handles the life cycle of credentials used by machines. These machine identities may include credentials, such as secrets, cryptographic keys, X.509 and code signing certificates, and SSH keys,” explains David Bisson.
Compromised machine identities pose severe risks for businesses. They can become attack vectors for adversaries to invade corporate networks, hide their activity and escape security controls to gain access to data and systems. Hence, it is no wonder that Gartner has named machine identity management a foundational technology for securing organizations and enforcing a Zero Trust strategy.
How to protect machine identities
Many organizations have tried in vain to manage the rising number of machine identities manually. These methods are not suitable for modern enterprises and certainly do not scale. On the contrary, manual management techniques often foster siloed procedures, errors and security gaps, leaving the organization without visibility into how many machine identities it has, who owns them, and what state they are in.
A solid machine identity management policy should invest in a solution that allows the organization and the security teams to:
- Gain clear visibility of all deployed machine identities
- Ensure ownership and governance
- Protect associated cryptographic keys
- Automate distribution and rotation
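The four goals above map directly onto checks that can run over an identity inventory. As an added example (not Venafi's product code and not from the original post), the script below audits a constructed inventory of TLS, SSH and code-signing identities: it flags identities with no owner, weak or unprotected private keys, and expired, expiring or overly old credentials, and it produces the queue that a rotation automation would act on. The record format, the policy thresholds (`MIN_RSA_BITS`, `ROTATE_BEFORE_DAYS`, `MAX_KEY_AGE_DAYS`) and the sample data are all assumptions made for the example.

```python
"""Machine identity inventory audit (constructed example, not vendor code).

Applies four policy goals to an inventory of machine identities:
visibility (every identity is listed), ownership (every identity has an
owner), key protection (strong keys, code-signing keys held in an HSM),
and rotation (expired, expiring or stale credentials are queued for renewal).
"""
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional

# Hypothetical policy thresholds; tune to your own standard.
MIN_RSA_BITS = 2048        # RSA keys below this are flagged as weak
ROTATE_BEFORE_DAYS = 30    # renew certificates this close to expiry
MAX_KEY_AGE_DAYS = 365     # SSH keys without an expiry are rotated by age

# Issue codes that mean "the rotation automation must act now".
ROTATION_CODES = {"expired", "expiring", "key_too_old"}


@dataclass
class MachineIdentity:
    name: str
    kind: str                 # "tls", "ssh" or "codesign"
    owner: Optional[str]      # responsible team; None means unowned
    key_algo: str             # "rsa", "ecdsa" or "ed25519"
    key_bits: int
    issued: date
    expires: Optional[date]   # SSH keys usually carry no expiry
    in_hsm: bool              # private key held in an HSM/KMS


def find_issues(ident: MachineIdentity, today: date) -> List[str]:
    """Return the policy violations for one identity as short issue codes."""
    issues: List[str] = []
    if ident.owner is None:
        issues.append("unowned")
    if ident.key_algo == "rsa" and ident.key_bits < MIN_RSA_BITS:
        issues.append("weak_key")
    if ident.kind == "codesign" and not ident.in_hsm:
        issues.append("key_not_in_hsm")
    if ident.expires is not None:
        days_left = (ident.expires - today).days
        if days_left < 0:
            issues.append("expired")
        elif days_left <= ROTATE_BEFORE_DAYS:
            issues.append("expiring")
    else:
        # No expiry to enforce rotation, so rotate by age instead.
        if (today - ident.issued).days > MAX_KEY_AGE_DAYS:
            issues.append("key_too_old")
    return issues


def audit(inventory: List[MachineIdentity], today: date) -> Dict[str, List[str]]:
    """Visibility: every identity appears in the report, even with no issues."""
    return {ident.name: find_issues(ident, today) for ident in inventory}


def rotation_queue(inventory: List[MachineIdentity], today: date) -> List[str]:
    """Names of identities the rotation automation should renew now."""
    report = audit(inventory, today)
    return [name for name, issues in report.items()
            if ROTATION_CODES.intersection(issues)]


# Constructed sample inventory; names and dates are made up.
TODAY = date(2021, 9, 1)
SAMPLE_INVENTORY = [
    MachineIdentity("api.example.internal", "tls", "platform", "rsa", 2048,
                    date(2020, 9, 15), date(2021, 9, 15), False),
    MachineIdentity("legacy-vpn", "tls", None, "rsa", 1024,
                    date(2019, 1, 1), date(2021, 1, 1), False),
    MachineIdentity("deploy@build-host", "ssh", "ci", "ed25519", 256,
                    date(2020, 3, 1), None, False),
    MachineIdentity("release-signing", "codesign", "release-eng", "ecdsa", 256,
                    date(2021, 6, 1), date(2024, 6, 1), True),
    MachineIdentity("service-mesh-gw", "tls", "platform", "ecdsa", 256,
                    date(2021, 8, 1), date(2021, 11, 1), False),
]

if __name__ == "__main__":
    for name, issues in audit(SAMPLE_INVENTORY, TODAY).items():
        print(f"{name:24} {', '.join(issues) or 'ok'}")
    print("rotate now:", rotation_queue(SAMPLE_INVENTORY, TODAY))
```

In a real deployment the inventory would be populated from discovery (certificate transparency logs, TLS scans of your own address space, `authorized_keys` files, signing-key registries) rather than typed in, and the rotation queue would feed an enrollment tool instead of being printed; the policy checks themselves stay the same.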
Venafi Control Plane for Machine Identities is a comprehensive solution for managing all TLS, SSH and code signing machine identities. You can protect machine identities across teams and departments in on-premises, cloud, cloud-native, multi-cloud, and hybrid environments.
Do you have any zero trust gaps in your machine identity management strategy?