As digital landscapes continue to evolve, the conventional cybersecurity model of "trust but verify" is being challenged by a more proactive and rigorous approach – Zero Trust Security. While the scope of Zero Trust encompasses various dimensions, let's narrow our focus to explore the pivotal role that automation plays in fortifying security.
An often-mentioned but not well-understood aspect of end-to-end infrastructure automation is the impact it can have on security.
Most enterprises naturally divide their IT groups into many disparate teams: some focused on the network and others on servers and storage. These teams often have separate lifecycles, policies, budgets, priorities, and even management chains that only meet at the top of the company.
This approach has several problems. First, it favors perimeter-based defenses, which are increasingly ineffective in the face of modern cyberattacks. Second, it creates silos that can lead to miscommunication and security gaps. Third, it makes it difficult to implement and maintain a comprehensive security strategy.
Today, 80% of cyberattacks leverage identity-based techniques like phishing to obtain valid credentials. Once inside, attackers move laterally fast; on average, they exfiltrate the target data within 84 minutes of the initial breach. With valid credentials, attackers can simply log in to a network and bypass traditional perimeter defenses. To protect themselves from these attacks, organizations must adopt a more holistic approach to security that considers all aspects of their IT environment. Social-engineering-based attacks might not always be detected or fully stopped, so what is important now is to limit the blast radius.
Tenant isolation, a basic practice of every service provider, is perfectly suited for this job, as service providers have been dealing with compromised hosts for ages. This type of out-of-the-box, just-works-and-cannot-be-disabled approach can help mitigate some of that risk by automatically placing each tenant's servers into a separate security zone, while also allowing infrastructure to easily move between environments (what service providers call "reusing" hardware).
Ultimately, the advantage of a zero-trust approach is that you no longer have the burden of deciding whether or not to extend trust to certain users. The system and policy do it for you.