
Zero Trust Security: Why It's Not a One-Size-Fits-All Solution

Almost every vendor seems to be pushing some form of Zero Trust offering with the promise of stronger protection and a more secure environment, but the reality is that you may not achieve the outcome you expect.

Despite what some vendors would have you believe, Zero Trust is not something that exists in a single product or service. It is a security model, a framework that requires careful design, planning, and implementation to be effective. When poorly implemented, Zero Trust can create a false sense of security, leaving critical gaps unaddressed.

What is Zero Trust?

“Trust only after testing” - Lucius Annaeus Seneca

Zero Trust is a cybersecurity approach built on the principle of never trusting and always verifying. Unlike traditional security models that assume everything within the perimeter is safe, Zero Trust requires continuous verification of every user, device, and application, regardless of location.

Seneca was born at the beginning of the first century, so I think it is safe to say that he would have had little thought of our modern digital world. Clearly, though, even two millennia ago it was understood that trust needed to be earned, and yet today we see Zero Trust marketed as a brand-new approach to cybersecurity.

When correctly implemented, a Zero Trust methodology should enforce strict identity checks, least-privilege access, network segmentation, and constant monitoring to limit risks and prevent lateral movement by attackers. Rather than relying on a secure perimeter, it assumes breaches are possible and focuses on protecting data and systems through ongoing verification and minimal access.

The Hidden Risks of Zero Trust: Are You Trusting Too Much?

Ironically, many so-called Zero Trust solutions require you to place a significant amount of trust in the vendor delivering them. Whether it is your identity provider, network access broker, or cloud security gateway, you are often relying on vendors as the backbone of your Zero Trust architecture. If this reliance is not fully understood, you may end up shifting or increasing risk rather than reducing it, potentially exposing your environment to new vulnerabilities.

The Encryption Dilemma: Are Gateways a Risk?

Consider that you are hosting a banking application and your clients connect directly to your server using HTTPS. Data in transit will be encrypted using SSL/TLS by the client’s browser and will only be decrypted when it reaches your server. Similarly, data from your server will be encrypted using SSL/TLS and only decrypted when it reaches the client’s browser.

This is end-to-end encryption, and when implemented and maintained correctly, it should prevent anybody between the client’s browser and your server from intercepting sensitive data. (We will ignore the threat to current SSL/TLS implementations posed by near-future quantum computing possibilities.)

You may wish to provide additional protection for your server by implementing a cloud security gateway so that clients do not connect directly to your server but instead connect to the gateway. There are many advantages to this, but consider what changes: data in transit is still encrypted by the client’s browser, but instead of remaining encrypted until it reaches your server, it is decrypted on the gateway and then re-encrypted for onward transmission to your server.

This allows anybody with control of the cloud security gateway to view sensitive data in both directions, including usernames, passwords, and session tokens, enabling them to have full access to your clients’ bank accounts. Right now, you may trust your vendor not to misuse this ability, but what if the vendor is compromised and an attacker can take control of your clients’ accounts?

Defence in Depth Still Matters

Zero Trust is not a silver bullet. Strong cybersecurity still relies on a defence-in-depth approach where multiple controls protect against failure in any single layer. Zero Trust should be viewed as an additional layer of security, not a replacement. If your vendor tells you their Zero Trust solution will replace all your existing security products, then you should perhaps consider whether it is in fact your security vendor that may need replacing.

In Summary

Zero Trust can deliver real security benefits, but only if implemented thoughtfully as part of a broader, layered defence strategy. Blindly adopting vendor solutions without considering trust dependencies and integration risks may leave you less secure than before.
