The Evolution of Identity Security in Zero Trust: A Journey Toward Optimal Implementation

Updated: Nov 16

Although it may have gone slightly unnoticed, the term “zero trust” recently celebrated an important anniversary on November 5th. This date marks the 13th anniversary of the publication of John Kindervag’s Forrester Research whitepaper titled “Build Security Into Your Network’s DNA: The Zero Trust Network Architecture.” Interestingly, the word “identity” is not mentioned even once, since the main focus of the document was how zero trust would change the way we design and build networks.

However, the statement in the paper that “there are no longer trusted and untrusted users” does hint at the important role that identity security now plays in supporting the implementation of zero trust strategies. A 2022 study from the Identity Defined Security Alliance found that 51% of identity security professionals said their organization’s identity program had been included as an investment area to support their zero trust implementation.

When considering the central role that securing identities plays in supporting zero trust, it is surprising that the percentage is not higher. Without robust identity security, a zero trust model cannot function effectively. Every element of an organization’s identity infrastructure plays a critical role in supporting zero trust, which is why identity is one of the five core pillars of the CISA Zero Trust Maturity Model. (On an interesting side note, the word “identity” is mentioned 40 times in Version 2.0 of the CISA document!)

In the identity pillar, CISA focuses on four main areas: Authentication, Identity Stores, Risk Assessments, and Access Management. Here is a brief rundown of the recommended optimal state that CISA has defined for each function:

  • Authentication. Organizations begin to authenticate all identities using phishing-resistant multi-factor authentication (MFA) and attributes.

  • Identity Stores. Organizations integrate their identity stores, such as on-premises IAM systems, cloud identity providers (IdPs), and Active Directory, across all partners and environments as appropriate.

  • Risk Assessments. Organizations determine identity risk with some automated analysis and dynamic rules. This informs access decisions and response activities, providing a more proactive approach to managing identity risk.

  • Access Management. Organizations authorize need-based and session-based access, including for privileged access requests. This access is tailored to actions and resources, ensuring access rights are granted on a need-to-know basis.

CISA further details capabilities that apply across all four Identity functions around Visibility and Analysis, Automation and Orchestration, and Governance.

There is certainly A LOT of work to get to an optimal state as defined by CISA. It is compounded by the fact that 65% of IT leaders operate in a multi-cloud environment and have an average of 130 SaaS applications. That is why organizations are increasingly looking at solutions like AuthMind that offer identity security posture management (ISPM) to help them on their Zero Trust journey.

Here are some examples of how AuthMind can help:

  • Identify user accounts and applications not authenticating with MFA due to misconfiguration issues or shadow local accounts.

  • Detect service accounts being misused for user access, thus bypassing user authentication controls like MFA.

  • Find identity stores not managed by the organization’s IT admins, such as shadow directories or IdPs, that can be used to grant unauthorized access to users and third parties.

  • Identify all user, service, and device accounts in use across the enterprise to enable comprehensive risk assessments.

  • Provide visibility into unauthorized asset access that bypasses security tools such as zero trust network access (ZTNA) and privileged access management (PAM), in violation of an organization’s zero trust policies.
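
As an added illustration (not AuthMind’s code or any real product’s logic), here is a small Python detection over constructed authentication events that implements three of the checks listed above: human accounts that authenticated without MFA, applications where no user logon used MFA (a likely misconfiguration), and service accounts opening interactive sessions. The event fields and the user/service classification are assumptions.

```python
# Added example, not AuthMind's code: detection logic over constructed
# authentication events for three identity-posture checks discussed above.
from dataclasses import dataclass


@dataclass(frozen=True)
class AuthEvent:
    account: str
    kind: str        # "user" or "service" (assumed to come from a directory attribute)
    app: str
    mfa: bool        # True if the logon completed a (phishing-resistant) MFA step
    session: str     # "interactive", "api", or "batch"
    source_ip: str


# Constructed sample events (not real data).
EVENTS = [
    AuthEvent("alice", "user", "hr-portal", True, "interactive", "10.0.1.5"),
    AuthEvent("alice", "user", "finance-app", True, "interactive", "10.0.1.5"),
    AuthEvent("bob", "user", "finance-app", False, "interactive", "10.0.1.9"),
    AuthEvent("carol", "user", "legacy-crm", False, "interactive", "10.0.1.12"),
    AuthEvent("svc-backup", "service", "storage", False, "batch", "10.0.2.20"),
    AuthEvent("svc-backup", "service", "vpn-gateway", False, "interactive", "203.0.113.7"),
]


def no_mfa_user_logons(events):
    """(account, app) pairs where a human account authenticated without MFA."""
    return sorted({(e.account, e.app) for e in events if e.kind == "user" and not e.mfa})


def apps_never_using_mfa(events):
    """Apps where *no* human logon used MFA: likely an app-level misconfiguration
    rather than an individual account gap."""
    seen, with_mfa = set(), set()
    for e in events:
        if e.kind == "user":
            seen.add(e.app)
            if e.mfa:
                with_mfa.add(e.app)
    return sorted(seen - with_mfa)


def service_accounts_used_interactively(events):
    """Service accounts opening interactive sessions, i.e. used as if they were
    people and thereby bypassing user MFA controls."""
    return sorted({(e.account, e.app, e.source_ip) for e in events
                   if e.kind == "service" and e.session == "interactive"})


if __name__ == "__main__":
    print("no-MFA user logons:", no_mfa_user_logons(EVENTS))
    print("apps never using MFA:", apps_never_using_mfa(EVENTS))
    print("service accounts used interactively:", service_accounts_used_interactively(EVENTS))
```

Separating the per-account and per-application checks matters in practice: bob’s logon is an account-level gap, whereas legacy-crm never sees MFA at all and points to the application’s configuration.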

To wrap up, as we celebrate the 13th anniversary of the term “zero trust,” it’s clear that the landscape of cybersecurity has evolved significantly, with identity security now playing a pivotal role in implementing zero trust strategies. While strides have been made, much work is still needed to reach the optimal state defined by CISA.

Solutions like AuthMind, offering identity security posture management (ISPM), are increasingly being sought after to aid organizations on their zero trust journey. By identifying misconfigurations, detecting misuse of accounts, finding unmanaged identity stores, supporting risk assessments, and providing visibility into unauthorized asset access, tools like AuthMind are instrumental in helping organizations navigate the complexities of implementing a robust zero trust model.

Reach out to connect if you’d like to learn more!