Diving into Security Research 3 - Defense in Depth

TL;DR

A brief overview of the Defense in Depth principle and the Zero Trust Security Model

Defense in Depth

Defense in Depth is a principle in security that takes the approach of providing security in layers. The layers are:

Prevent > Detect > Recover

The approach is derived from a military principle: it is more difficult for an enemy to defeat a complex, multi-layered defense than a single point. Defense in Depth is useful to minimize the probability that a compromised system is unrecoverable.

Sans Institute Reading Room: Defense in Depth

Zero Trust Model

The Zero Trust Model states that you should trust no one and evaluate everything. It is designed to mitigate risk by first analyzing what is important.

Example:

Suppose you use a cloud storage service like Dropbox/Google/OneDrive to store your files. The Zero Trust Model would tell you that you can’t trust the servers that information is stored on. No matter how secure they are, there is always a risk. There could be a breach, or someone within those companies could access your files. So what do you do?

Possible Solution #1 - encrypt the files. This provides an additional layer of security outside whatever those companies offer. However, it doesn’t fully solve the problem of protecting the files. What happens if all the encrypted files are deleted?

Possible Solution #2 - back up the files. If all the encrypted files happen to be deleted, you have a backup. Using both solutions simultaneously would provide a more robust approach to protecting your data.
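The two solutions above map directly onto the Prevent > Detect > Recover layers: client-side encryption prevents the provider from reading the files, an authenticated cipher detects any modification of the stored copy, and a second copy lets you recover from deletion. The following program is an added example written for this post, not code from any of the providers mentioned; it uses Go's standard-library AES-256-GCM and models each untrusted storage location as an in-memory map (a constructed stand-in for a real storage SDK), so it runs offline.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// store models one storage location we do not trust (the cloud provider or a
// backup): it may lose, delete or alter what we put in it. Constructed for
// this example; a real store would be a provider SDK client.
type store map[string][]byte

func (s store) put(name string, blob []byte) { s[name] = append([]byte(nil), blob...) }
func (s store) get(name string) ([]byte, bool) { b, ok := s[name]; return b, ok }

// seal encrypts plaintext with AES-256-GCM under key (Prevent). The random
// 12-byte nonce is prepended so the blob is self-describing. GCM's tag means
// any change made by the storage provider is detected when the blob is opened.
func seal(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// open reverses seal and fails if the blob was tampered with or truncated (Detect).
func open(key, blob []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("blob too short")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, nil)
}

// upload seals the file locally and writes the same encrypted blob to every
// store (primary plus backups). Plaintext never leaves the client.
func upload(key []byte, name string, plaintext []byte, stores ...store) error {
	blob, err := seal(key, plaintext)
	if err != nil {
		return err
	}
	for _, s := range stores {
		s.put(name, blob)
	}
	return nil
}

// restore tries each store in turn (Recover): a deleted copy is skipped and a
// modified copy is rejected by GCM, so recovery succeeds as long as one
// intact copy survives anywhere. The last failure reason is reported.
func restore(key []byte, name string, stores ...store) ([]byte, error) {
	lastErr := errors.New("no copies found")
	for _, s := range stores {
		blob, ok := s.get(name)
		if !ok {
			continue
		}
		pt, err := open(key, blob)
		if err != nil {
			lastErr = err // tampering detected; try the next copy
			continue
		}
		return pt, nil
	}
	return nil, lastErr
}

func main() {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	cloud, backup := store{}, store{}
	if err := upload(key, "notes.txt", []byte("constructed sample file"), cloud, backup); err != nil {
		panic(err)
	}

	// Provider deletes the file: the backup still restores it.
	delete(cloud, "notes.txt")
	pt, err := restore(key, "notes.txt", cloud, backup)
	fmt.Printf("after deletion: %q err=%v\n", pt, err)

	// The remaining copy is silently modified: GCM rejects it, nothing is restored.
	backup["notes.txt"][len(backup["notes.txt"])-1] ^= 0x01
	pt, err = restore(key, "notes.txt", cloud, backup)
	fmt.Printf("after tampering: %q err=%v\n", pt, err)
}
```

The key in this example lives only on the client; that is the whole point of the Zero Trust stance here, and it also means the key itself needs its own backup, since losing it makes every encrypted copy unrecoverable.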

Zero Trust, Evaluate Everything.

Great reads about research conducted on The Zero Trust Model:

Developing a Framework to Improve Critical Infrastructure Cybersecurity

Google Adopts Zero Trust Model: BeyondCorp