Zero Trust Architecture (ZTA)
What is Zero Trust Architecture (ZTA)?
The traditional security approach allows lateral movement in a castle-and-moat environment, meaning users can easily access any application once they enter the network. Unlike traditional security, Zero Trust is a security architecture that prohibits lateral movement within an enterprise by monitoring users’ movements (continuous monitoring); reviewing users’ location, authentication tokens, and device identities (contextual authentication); and re-authenticating users every time before access is granted to applications within the network (micro-segmentation).
Zero Trust has no trusted networks or locations. It is not achieved with a single tool or solution. Instead, Zero Trust utilizes various tool suites working together to protect an organization’s resources, automate processes, enforce policies, and isolate components against threats. With the Presidential Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity,” Federal agencies must fully migrate to a Zero Trust environment.
How will U.S. Department of Justice (DOJ) achieve Zero Trust?
The Department is taking an identity-centric approach to Zero Trust. In response to the SolarWinds incident of 2020, DOJ evaluated Zero Trust Products, developed a ZTA Program to manage and deploy selected products, and created architecture using Zero Trust principles from OMB Memoranda M-22-09, NIST Special Publication (SP) 800-207 and CISA’s Zero Trust Maturity Model, which include:
- All users enter the network as a general user and must be authenticated from a variety of data points, including phishing resistant credentials, IP addresses, or other device-level signals, before they are authorized into any application; to become a privileged user, step-up or re-authentication is required.
- Applications are micro-segmented throughout the network, where possible, to eliminate lateral movement.
- End-to-end encryption is key, as is hardening the network to remove any backdoor entry. For visibility within the network, data is constantly logged, analyzed, and monitored.
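The principles above describe a policy decision point: every request is checked against identity, credential strength, device signals and source network, applications are segmented so that being on the network is not itself a grant, privileged use requires step-up re-authentication, and every decision is logged. The following is an added illustration of such a decision point in Python; it is not DOJ's code or any product's API, and the signal names, the two sample application segments, the 15-minute step-up window and the sample requests are all constructed for the example.

```python
"""Contextual, default-deny access decision for a Zero Trust policy enforcement point.

Added example (not DOJ code). Signal names, segment policy, thresholds and
sample requests are constructed for illustration.
"""
from dataclasses import dataclass
from enum import Enum
from ipaddress import ip_address, ip_network


class Decision(Enum):
    ALLOW = "allow"
    DENY = "deny"
    STEP_UP = "step_up"        # privileged access needs a fresh re-authentication


@dataclass
class AccessRequest:
    user: str
    credential: str            # constructed values: "piv", "fido2", "password", "sms_otp"
    device_managed: bool
    device_compliant: bool
    source_ip: str
    application: str
    privileged: bool = False
    reauth_age_seconds: int = 10**9   # seconds since the user's last step-up authentication


# Constructed policy data: which credentials count as phishing resistant,
# and a per-application (micro-segment) rule set. Anything not listed is denied.
PHISHING_RESISTANT = {"piv", "fido2"}
APP_POLICY = {
    "hr-portal": {"networks": ["10.0.0.0/8"], "require_managed": True},
    "casefiles": {"networks": ["10.10.0.0/16"], "require_managed": True},
}
STEP_UP_MAX_AGE = 15 * 60          # assumed re-authentication window for privileged use


def evaluate(req: AccessRequest, policy=APP_POLICY) -> tuple[Decision, str]:
    """Evaluate one request against all signals. Being inside the network is never sufficient."""
    if req.credential not in PHISHING_RESISTANT:
        return Decision.DENY, "credential is not phishing resistant"
    segment = policy.get(req.application)
    if segment is None:
        return Decision.DENY, "application has no segment policy (default deny)"
    if segment["require_managed"] and not (req.device_managed and req.device_compliant):
        return Decision.DENY, "device is not managed and compliant"
    if not any(ip_address(req.source_ip) in ip_network(n) for n in segment["networks"]):
        return Decision.DENY, "source network is not permitted for this segment"
    if req.privileged and req.reauth_age_seconds > STEP_UP_MAX_AGE:
        return Decision.STEP_UP, "privileged access requires recent re-authentication"
    return Decision.ALLOW, "all signals satisfied"


def decide_and_log(req: AccessRequest, audit_log: list) -> Decision:
    """Every decision, allow or deny, is recorded so the network stays visible."""
    decision, reason = evaluate(req)
    audit_log.append({
        "user": req.user, "app": req.application, "ip": req.source_ip,
        "privileged": req.privileged, "decision": decision.value, "reason": reason,
    })
    return decision


# Constructed sample requests exercising each rule.
SAMPLES = [
    AccessRequest("alice", "piv", True, True, "10.10.5.4", "casefiles"),                          # allow
    AccessRequest("bob", "password", True, True, "10.10.5.4", "casefiles"),                       # deny: weak credential
    AccessRequest("alice", "fido2", True, True, "10.10.5.4", "casefiles", True, 3600),            # step-up: privileged
    AccessRequest("alice", "piv", True, True, "10.0.3.7", "casefiles"),                           # deny: wrong segment
    AccessRequest("alice", "piv", True, True, "10.0.3.7", "hr-portal"),                           # allow: segment permits
    AccessRequest("carol", "piv", False, False, "10.10.5.4", "casefiles"),                        # deny: unmanaged device
    AccessRequest("alice", "piv", True, True, "10.10.5.4", "legacy-app"),                         # deny: no policy
]


def run_samples() -> list[str]:
    """Evaluate the sample requests and return the decision for each, in order."""
    audit_log: list = []
    results = [decide_and_log(r, audit_log).value for r in SAMPLES]
    for entry in audit_log:
        print(entry)
    return results


if __name__ == "__main__":
    run_samples()
```

The fourth and fifth samples come from the same user, credential and device at the same address; only the target application differs, which is the effect of per-application segmentation: reaching one segment from a given network location says nothing about access to another.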
A Shift in Culture
Zero Trust is an IT modernization effort that affects more than applications and the network - it also affects people and processes. OCIO supports over 40 DOJ components, each with its own unique environment. Our focus is on our customers – DOJ’s Zero Trust Program provides components the support they need to adopt new services and products through constant engagement and by communicating the benefits of ZTA, which are:
- Improved data protection
- Enhanced access control
- Improved enterprise cyber security visibility and response
- Better end-user experience
- Ease of system access across components
- Minimized exposure to cyber threats
OCIO creates strong communications to educate leadership, application owners, as well as general users on the benefits of Zero Trust.