A Layered Security Perimeter Approach to Zero Trust
To keep ensuring zero trust security outcomes over time, cyber security teams are taking a page from the traditional physical security playbook. When I was in the Secret Service, I helped refine the adoption of a layered hybrid zero trust approach for presidential protection, by leveraging technology and cyber as well as physical security human placement, long described as a layered, four-perimeter, coordinated approach to securing highly targeted critical systems, venues and events. Layered security is a design concept that has been around for a while. It has also been called “concentric circles of protection” and “compartmentalization.” Such an approach is as applicable to cyber as it is to physical security and, more importantly, you can now create a zero-trust layered approach with both security models:

Buffer Zone (Outside the Perimeters)

Outer Perimeter

Middle Perimeter

Inner Perimeter

So, what is physical security in the “Buffer Zone”? Counter surveillance, bio sensors, human intelligence and so on. Where do you prefer to first engage the bad guys? At your property line, where the outer perimeter starts? Or do you prefer to “live” in a gated community, where risk is limited outside your perimeter, because it is better to deal with the problem before it gets to your driveway or your front door? Cyber and IT teams can now orchestrate access in the buffer zone with a patented product called Zone Zero!

Zone Zero authenticates user access outside the firewalls, providing zero trust on a virtual network and executing access orchestration with less risk. Zone Zero (aka Buffer Zone Protection) allows no lateral movement until multifactor authentication actions are performed. Until now, this orchestration has been performed inside the outer perimeter layer at almost all organizations. The same is true of physical security.

Middle Protective Layer: in physical security models this is where you find magnetometers, x-ray machines, trace detection, etc. The same holds for typical cyber architecture, where access controls, firewalls and endpoint security tools provide security for the middle perimeters.

Inner Protective Layer: in physical security models this is where the crown jewels reside, where extremely sensitive access tools (SD-WAN access) provide access to your network or, as in the case of the Secret Service, where the “Protectee” or POTUS is.

These layers of security typically start from the outer perimeter and move inward to the areas with the greatest need for protection. To the greatest extent possible, each layer is designed to delay an attacker, identify criminal activity, deter unacceptable behavior, or prevent unauthorized access by limiting entry to vetted individuals. This strategy is also known as protection-in-depth at the Secret Service. If thoughtfully planned, the delay should either discourage a penetration or assist in controlling it by providing time for an adequate response. Discrete security at each layer has a trickle-down effect of increasing security in subsequent layers. One good way to approach your technology design is to ask two questions for each security layer you have identified: “What security functions should we implement?” and “What technology will support those functions?”

I am excited to get some feedback from anyone reading this post. Let us know at Philemon and we will give you a closer look.