The Last Mile of Zero Trust

“Zero Trust” is everywhere in the cybersecurity world. While it’s fair to say that the term is a bit over-used by over-zealous marketers, the security paradigm it describes is real. Broad categories of security exploits can be significantly reduced – if not eliminated – by implementing a zero trust security model that continuously validates user identity, device posture, and resource access. One area that’s often overlooked in zero trust implementations is the last mile: extending the principle of least privilege all the way to end-users of information systems.

What is the last mile of zero trust?

To understand the last mile of zero trust, let’s first review the first mile. A user wants to access a protected resource, such as a customer record stored in their SaaS CRM platform. The user’s identity is verified against the enterprise identity provider (IdP), the security posture of her laptop is validated to conform with enterprise standards, and her access privileges for the CRM platform are verified. Once this level of trust is established, a secure connection is established between her laptop and the CRM platform and the customer record is displayed. In an ideal scenario, everything just mentioned happens in milliseconds and is transparent to the user.

At this point in our scenario, a customer record is displayed on screen. Now let’s consider the last mile: what can the user do with that data?

• Is she allowed to print the page, creating a new physical copy that is more or less untraceable?
• Is she allowed to take a screenshot of the window, creating a digital copy that’s disconnected from the CRM platform?
• Is she allowed to copy notes from the most recent customer support case and paste it in an email? What if she tries to paste those notes in her personal email account?
• Is she allowed to view the customer’s credit card number that was attached in a note regarding a recent billing inquiry?
• When she joins a Zoom meeting and shares her desktop, will that customer record be displayed to everyone in the meeting?

This deeper level of granularity in data protection is critically important – but it’s left largely unaddressed by legacy ZTNA vendors. The principle of least privilege is a foundational tenant of zero trust: a user should be given only those privileges necessary to complete their job. Returning to the example above, her job requires access to customer records from the SaaS CRM platform; her job does not require her to make new copies (printed or digital), move customer data to a personal email, or share customer records to a Zoom meeting. Most of the time, she doesn’t need to view credit card data, but there are some exceptions when she needs that information to resolve a customer issue.

An ideal last-mile security policy would look like this:

• When she is viewing customer records, the function to print or take screenshots is disabled (and she sees a clear message explaining why if she attempts that function).
• If credit card numbers are stored in case notes, they are redacted from view. The InfoSec team set an optional rule to allow a user to toggle visibility (and when toggled, that action is logged).
• When copying data from a customer record, she can paste it within the CRM platform, or within trusted enterprise apps, but she is not allowed to paste that data to a personal email or untrusted apps.
• If she joins a Zoom meeting and shares her desktop, the window with customer records is hidden, but other non-sensitive windows can be shared.
• All the controls above are granularly enforced to apply only to sensitive content like customer records, so she remains fully productive at work.
• Every interaction with the CRM platform is logged to a centralized analytics platform to support fast incident response and investigation.

This vision for embracing zero trust principles for end-to-end security of modern web apps and data inspired the development of Island, The Enterprise Browser. It’s the browser that’s designed for the enterprise that makes work fluid, frictionless, and fundamentally secure. Instead of layering security tools on top of a consumer-focused browser, Island applies security controls within the browser itself. It’s the perfect on-ramp for putting zero trust principles into practice, both at the network layer and at the last mile. Because it’s built around Chromium technology, users enjoy the fast, familiar experience they expect. It’s work as it was meant to be, where security is native to all users, applications, and the data between them.