Zero Trust has nothing to do with losing trust in people -- it's that you shouldn't assume it's the real person trying to get access. And with the improvements Zero Trust has brought to authentication, attackers have adapted to exploit privileged access instead. To protect against these attack techniques, your business needs to eliminate standing privileges.
Zero Trust is often misunderstood as the elimination of trust
People new to the concept of Zero Trust often think it means that you don’t trust people, when in fact it’s about zero inherent trust. “Never trust, always verify” is the foundational tenet of Zero Trust. This principle requires that no entity — whether it is a user, device, or application — is trusted by default. However, once an identity and device are verified, they are granted all the trust your organization has in the corresponding person. If the user is trusted to access a database with customer information, this standing access is available every time they log in.
Zero Trust is similar to how most corporate offices have a security guard and badge scanners in the lobby to verify everyone who enters. If someone is granted access to the server room or HR files when they join the company, they are trusted to use that access at any time they are in the building. There’s rarely a reason to change someone’s privileged access in the office, and it’s highly unlikely that a malicious actor would have the sophistication to both spoof a badge reader and visibly impersonate the badge’s legitimate owner.
Residual trust gives attackers access to critical data
Unfortunately, corporate networks and SaaS applications are not like building security – attackers are constantly adapting to find a way past verification. And once in, the latest research from Cisco Talos shows that the abuse of legitimate privileged access accounted for the majority of security breaches last year. Attackers are feasting on the trust we've distributed across cloud platforms and SaaS applications – this privilege sprawl has led to a growing set of tools and techniques that exploit it.
Once a cyber attacker gains access with a stolen identity, they are trusted to do anything the legitimate user can do. They exploit this trust to grant themselves more privileges and steal more identities, until they find one with permission to access sensitive data. It’s no different from the Mission: Impossible movies, where a stolen badge grants the intruder access to the building, and then they steal another badge to reach the most high-security rooms. You may not need the physical security of a spy organization, but we all need to assume a cyber attack will get through the front lobby.
Eliminate residual trust with zero standing privileges
Meticulously reviewing everyone’s access reduces your susceptibility to these tools and techniques, but it’s laborious and near impossible to determine which privileges are still needed. Despite widespread buy-in on the principle of least privilege, business needs to continue, so more privileged access is granted all the time. When privileges are first obtained, the necessary work gets done, and everyone moves on to the next task. This trust is often permanent, even if the user will never need access again.
If these privileges are only used for 8 hours a month (~1% of the time), standing access means a 100X increase in the time during which they could be abused. Zero standing privileges (ZSP) is a shift in how you trust the users in your organization, and it eliminates that risk by approving users to self-provision. You can approve someone’s access to a customer environment for three months, and yet, unless they send one command to a Slack bot, the approved access isn’t available to be exploited. It’s as if Ethan Hunt stole your badge and retina scan to access the world’s most secure room, but had to wait at the door for days until you needed to enter.
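To make the difference concrete, here is an added example (not Trustle’s code) that models the two trust models side by side: a long-lived approval, an optional short-lived activation the user requests themselves (the Slack-bot step above), and the resulting window in which a stolen identity could actually use the privilege. The principal, resource and time values are constructed for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta


@dataclass
class Grant:
    principal: str
    resource: str
    start: datetime
    end: datetime


@dataclass
class AccessModel:
    # False: approval alone grants use (standing privilege). True: zero standing privileges.
    zero_standing: bool
    approvals: list = field(default_factory=list)    # long-lived, e.g. a three-month approval
    activations: list = field(default_factory=list)  # short-lived grants the user self-provisions

    @staticmethod
    def _covering(grants, principal, resource, start, end):
        """Grants for this principal/resource whose [start, end] contains the given interval."""
        return [g for g in grants if g.principal == principal and g.resource == resource
                and g.start <= start and end <= g.end]

    def approve(self, principal, resource, start, end):
        self.approvals.append(Grant(principal, resource, start, end))

    def activate(self, principal, resource, at, ttl: timedelta):
        """Self-provision (the Slack-bot step): refused unless an approval covers the whole window."""
        if not self._covering(self.approvals, principal, resource, at, at + ttl):
            return False
        self.activations.append(Grant(principal, resource, at, at + ttl))
        return True

    def has_access(self, principal, resource, at):
        if not self._covering(self.approvals, principal, resource, at, at):
            return False
        if not self.zero_standing:
            return True   # residual trust: usable at any moment of the approval window
        return bool(self._covering(self.activations, principal, resource, at, at))

    def exposure_hours(self, principal, resource):
        """Hours during which a stolen identity could actually use the privilege."""
        grants = self.activations if self.zero_standing else self.approvals
        return sum((g.end - g.start).total_seconds() / 3600
                   for g in grants if g.principal == principal and g.resource == resource)
```

With a 90-day approval and a single 8-hour activation, the standing model reports 2160 exposed hours while the ZSP model reports 8, and an attacker holding the identity at any other moment of the approval window gets nothing.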
At Trustle, we aim to get every company to zero standing privileges. It’s what drives us. To see how, join us for a demo.