Networking 2.0, Say Goodbye to “Zero Trust.”
by CEO and Co-founder, Barbara Tallent
What is “Zero Trust”?
Companies still using Networking 1.0 technology, with centralized servers that house large amounts of company data, including incredible detail about their customers and vendors, mostly protect those servers with account names and passwords. Sysadmins in these companies have full access to all the data in the database. This has led to many different types of attacks, including phishing for sysadmin credentials, brute force attacks on passwords, and even deliberate leaks by well-meaning third parties, as some might consider what happened in the case of Edward Snowden¹.
Networking 1.0 technology vendors were (and still are) eager to sell companies more equipment, security layers, and consulting services in an attempt to protect their valuable data. Hence “Zero Trust” was introduced. However, Zero Trust came to mean many different things and, in the end, only solved a small piece of the puzzle.
Gartner² loosely defined Zero Trust as: “A shorthand way of describing a paradigm where implicit trust is removed from our computing infrastructure. A Zero Trust security strategy replaces implicit trust with explicitly calculated, real-time adaptive trust levels for just-in-time, just-enough access to enterprise resources.”
If we use this definition, then layering Zero Trust into a Networking 1.0 environment means implementing new security layers, removing and replacing all passwords, and creating a whole lot of new policies for the IT staff to follow. Trying to do this at a time when everyone is desperate to add new devices to the network (often in the form of Internet of Things, or IoT, devices) puts added stress on the IT staff. Microsegmentation is often mentioned in Zero Trust environments; it refers to breaking the network into different “sealed rooms” so that if one segment is compromised, it can’t impact another segment. Is it any wonder that IT staff are in such short supply when we are making their jobs more difficult every single day? This is a recipe for IT bottlenecks, frustration, and an overall negative impact on business progress and employee morale.
Let’s Make This a Whole Lot Easier – Introducing Networking 2.0
Networking 2.0 is a simpler way to use your existing TCP/IP network that has Zero Trust built in, making it inherently more secure and easier to administer – all while going the extra mile to protect privacy.
Zero Trust Built In
In the Networking 2.0 world, everything has its own unique address and uses a public/private key exchange; keys are cut on the edge and not stored with the data. Data is uniquely encrypted for each address, so data accessibility can be controlled down to the lowest level. There are no usernames and passwords. This also makes privacy compliance much easier and opens a whole new world of communication applications where subsets of data are uniquely routed to different companies or applications.
Going the Extra Mile for Security
To illustrate how Networking 2.0 goes the extra mile to secure your network and devices, let’s take the simple example of using SSH to access a device on the network. In this case, we will use a LoRaWAN gateway as an example, but it could be any IoT device, networking box, or even a mobile device.
In a Networking 1.0 world, the device must have an open port listening in order to allow an SSH connection. This connection may stay open for an extended period of time, and even when the connection is terminated, the port still stays open listening for when the administrator wants to connect again, leaving an attack surface.
In a Networking 2.0 world, everything has a unique address and trust is established before the connection is established. The connection is only active while in use, and once the session is over, the connection is closed and the trust process must be started anew. All of this happens by design with no need for additional security layers or policies. In the case of the Networking 2.0 product, SSH No Ports, there are never any listening ports on external interfaces on the device.
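One way to check the "no listening ports on external interfaces" property on a Linux device, as an added example (not Atsign's code and not part of the original article): parse the output of `ss -H -ltn` and report every TCP listener bound to anything other than loopback. The sample output and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of `ss -H -ltn` output (listening TCP sockets, no header).
SAMPLE_SS = """\
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      128        127.0.0.1:631       0.0.0.0:*
LISTEN 0      4096   127.0.0.53%lo:53        0.0.0.0:*
LISTEN 0      128             [::]:22           [::]:*
LISTEN 0      128            [::1]:631          [::]:*
LISTEN 0      511                *:8080            *:*
LISTEN 0      128     192.168.1.20:8443      0.0.0.0:*
"""


def is_external_bind(host):
    """True if a socket bound to `host` is reachable beyond loopback."""
    # Drop the %iface scope first, then IPv6 brackets: "[fe80::1]%eth0" -> "fe80::1"
    host = host.split("%", 1)[0].strip("[]")
    if host == "*":                            # dual-stack wildcard bind
        return True
    ip = ipaddress.ip_address(host)
    if ip.version == 6 and ip.ipv4_mapped:     # e.g. ::ffff:127.0.0.1
        ip = ip.ipv4_mapped
    # 0.0.0.0, :: and any interface address all count as external.
    return not ip.is_loopback


def external_listeners(ss_output):
    """Return sorted (address, port) pairs that listen beyond loopback."""
    found = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue                           # skip blanks and non-listening rows
        host, _, port = fields[3].rpartition(":")
        if is_external_bind(host):
            found.add((host, int(port)))
    return sorted(found)


if __name__ == "__main__":
    for host, port in external_listeners(SAMPLE_SS):
        print(f"external listener: {host}:{port}")
```

On a device that meets the property described above, `external_listeners` returns an empty list; the sshd wildcard binds on port 22 in the sample are the Networking 1.0 case from the previous paragraph.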
More on Networking 2.0
Strategies such as microsegmentation mentioned above are unnecessary with Networking 2.0 because each device manages itself and its own data. You can’t get data from one device by compromising another device.
All of this results in a more secure environment that is far easier for the IT staff to maintain. You don’t have to completely redesign your network in order to start using Networking 2.0 technology. You can start by using it on every new device added to the network, then convert everything over time, until you see the complete benefits of higher security and lower maintenance costs throughout your organization.
Here is some more about Networking 2.0. For a deeper technical understanding of Networking 2.0, please check out this post from Colin Constable.
¹Edward Snowden – Wikipedia
²Gartner – “Quick Answer: What Are Practical Projects for Implementing Zero Trust?”