Why Zero-Trust Must Extend to Deep Infrastructure
It is a dramatic understatement to say that staying one step ahead of continually evolving cyberthreats like ransomware, malware and other severe attacks must be a top priority. Today’s global community of threat actors and hackers are sophisticated and organized, constantly on the move to find the next layer of vulnerability in your environment. A proactive, all-encompassing zero-trust security strategy is absolutely essential.
If you are like most organizations, your focus on tightening security starts with heightening identity access management at the perimeter and graduates to follow established best practices that span across your applications, your data, your networks and the cloud.
This begs the question: What’s next? Where should you turn your attention? The fact is, serious, persistent threats are already looming in your infrastructure. The lowest-hanging fruit—and the most vulnerable point of attack—is actually where you least expect it: The hardware and firmware that lies in the deep layers of your physical infrastructure.
Complex, Laborious Firmware Update Processes Result in Vulnerabilities
The increasing proliferation of malware attacks at the physical infrastructure layer proves that hardware and firmware are extremely vulnerable to ransomware or malware targets. Let me explain why. Think about how many different components in your data center need firmware updates. Your server includes numerous specialty pieces of hardware and the firmware that goes along with them—some examples include the BIOS, board management controller (BMC), SSDs, storage controllers, network card and more.
If you are part of a large shop, you have thousands of devices that constantly need updating. Keeping ahead of the update curve is an endless challenge. First, you need to be monitoring the latest updates—with some coming every several months. Then, the updates themselves require time and resources, both of which are already scarce commodities. To complicate things further, the firmware update process is not universal across operating systems, hardware vendors or devices; some require you to boot from one operating system, update the firmware and then go back to the previous operating system. Due to the cumbersome nature of this update process, IT organizations tend to ignore the firmware, leaving the company exposed to ransomware and other attacks.
As you plan your next courses of action, there are two key security principles and solutions to keep in mind.
Understand—and Look for—Zero-Trust Security Models
While it’s been around for a while, the concept of zero-trust is prominent in every current security discussion and is used in the design and implementation of IT systems. It’s built on a never–trust, always–verify model where devices are not trusted by default, even if they are connected to a permissioned network, such as a corporate LAN, and even if they were previously verified.
A recent executive order from the Biden administration builds a case for moving the U.S. government toward zero-trust cybersecurity principles. The order noted that in the current threat environment, the federal government can no longer depend on conventional perimeter-based defenses to protect critical systems and data, and then goes on to build the case that a transition to a zero-trust approach to security provides a defensible architecture for this new environment. As outlined in this report, the foundational tenet of the zero-trust model is that no actor, system, network or service operating outside or within the security perimeter is trusted. Instead, anything and everything attempting to establish access must be verified. This is a dramatic paradigm shift in the philosophy of how infrastructure, networks and data are secured—moving from verifying once at the perimeter to continual verification of each user, device, application and transaction.
To simplify the idea, let’s look at how zero-trust would be applied to a real-world environment like your home, for instance. The most common security model today is perimeter security. For your home, this means your front door is locked. And that might be enough, right? Wrong. What if you are storing something valuable in one of the rooms inside your house? Once the front door is bypassed, the intruder can access any room in the house. With zero-trust security models, each room within the house would be locked; would require authentication to enter and the contents would remain more secure.
At every security layer, this line of thinking is applicable to government organizations and private enterprises alike. Increased value comes as zero-trust models incorporate always-on, end-to-end encryption of data at rest as well as data in-flight. And applying a zero-trust model ensures that all customer and application data is always secure, even if drives are physically removed from the servers.
Avoid Configuration Drift
With threats increasingly targeting deeper levels of server hardware and firmware, there’s definitely a pressing need for a way to securely deploy and maintain the deeper layers of the server-based infrastructure. The ideal way to protect your data is through an immutable solution that’s used to deploy standardized server-based infrastructure rapidly, repeatedly and consistently. Immutable machine instances avoid configuration drift, so that the firmware across all your devices is up to date, with no holes where a new cyberthreat can break in. Cluster upgrades are simplified using discretely versioned immutable instances and infrastructure standardization.
In this way, your IT organization can manage and maintain your hardware-based infrastructure, overcoming increasing security challenges as you consistently and reliably provision bare–metal infrastructure services and operating systems. As a result, you can avoid configuration drift and maintain infrastructure security at the same time.
What’s more, to help you better meet and maintain your security goals, some vendors are now offering streamlined mechanisms that eliminate the need for complex encryption and security configurations at every level. This ensures your organization—and its infrastructure—isn’t subject to vulnerabilities due to lack of expertise or incomplete security configurations.
Between the application of zero-trust principles throughout the infrastructure and the elimination of configuration drift, there will be no holes to exploit beyond your front door.
