Zero Trust: my cloud is my castle

The term `Zero Trust´ has been around since around 2010 but is getting more attention than ever these days. Identity and Access Management (IAM) solutions like Suite are uniquely positioned to implement the Zero Trust principle and defend organizations against the rising number of threats.

Different evolutions have led to an awareness that organizations need to reduce trust on the network. Just think of the explosion of mobile computing and the increased use of Software-as-a-Service (SaaS) and other cloud consumption models. COVID-19 forced most people to work from home, and remote working became an extra risk factor for corporate networks.

Understanding Zero Trust

To really understand Zero Trust, we need to go back to the start of networking and the internet. For a long time, organizations practiced the ‘fortress’ principle: they built a wall around the company, for instance by installing a firewall that kept everyone out who was not granted access by the gatekeeper. Once the user has proven who he is, he can enter the fortress and consult any data or documents available. As ever more applications and data are moving to the cloud, the fortress principle will no longer do.

A number of evolutions have contributed to invalidating the fortress principle:

  • Companies started working with more external people, either partners engaging in open innovation, or contractors working as freelance employees. These external people need access to certain applications or documents, but not all resources should be made available to them.
  • Remote working was already a trend before COVID-19 struck, but since the lockdowns in 2020, working from home has become the norm rather than the exception.
  • Cloud applications: it would be difficult to find a company that does not have a hybrid strategy and is not using any application in the cloud or any Software-as-a-Service (SaaS) application.

That’s why companies are moving from ‘Trust, but verify’ to ‘Never trust, always verify’. This is the basis of Zero Trust.

Implementing Zero Trust

With Zero Trust, anyone consulting a document or using an application needs to prove who he is and what rights he has to the document. A Customer Identity and Access Management (CIAM) system always starts from a Zero Trust principle: any time a person wants to consult a document, the CIAM system will check if that person is who he claims to be and if he still has the necessary rights to that document.

Zero trust is at the core of the Suite. TrustBuilder checks every request on the fly at Identity Providers, Authentication Servers and Application servers. Unlike traditional CIAM solutions, has the ability to check not only information provided by Identity Providers but can also retrieve information from internal, external and authoritative sources. It checks if the user still has the correct roles, privileges, and requirements to access a specific resource. By performing these checks in real time, TrustBuilder is always sure of consulting the accurate and updated information.

Deciding who has access to what resource can be based on the role a person has in an organization or, when more fine-grained security is needed, can be based on attributes of the person. Using an attribute-based access management system like TrustBuilder can define, in more detail, what attributes are asked of a user to verify their identity.

Zero trust: who do you trust? What do you trust?

Zero trust is not only applied to human users. After all, not only human users are seeking access to applications, other applications are too. That means that applications, too, need to be scrutinized, or the APIs that connect the different microservices. Even when an API has authenticated with the gateway, we do not automatically grant access to that API to consult other APIs. Instead we provide an extra authentication check for airtight API security.

Cloud computing brought a new paradigm to the way IT is consumed. At the same time, it brought new challenges to the way applications and resources need to be protected. Thanks to Zero Trust, you can now fortify your cloud as was the case when you applied the fortress principle. The cloud has effectively become your new castle.


Frank Hamerlinck

Frank Hamerlinck

As co-founder of global trade management leader Porthus, customer experience platform NGDATA, and strategic consulting services company innacco, Frank embodies the entrepreneurial mindset. His 20+ years of ICT experience is complemented by his position as ‘Entrepreneur in Residence’ at iMinds and coach at Netwerk Ondernemen.

Related articles

Behind the scenes: how a product comes to life at TrustBuilder
Markets evolve fast – products have to evolve even faster. Working in the product team at TrustBuilder is very much like playing in the Premier League: high intensity, high pressure, high quality. We took a tour of the grounds with Kurt Berghs, Product Manager at TrustBuilder, to understand how products are initiated and designed and how new features are prioritized. And how the customer is always front and center in all developments.
Want to build a digital ecosystem? Start with embedded finance.
If you are not building a digital ecosystem yet to supplement your own services, now is the time to start. Strategy consultants like McKinsey or Accenture are urging companies to become the leader in these ecosystems if they don’t want to be left behind. Don’t know where to start? Embedded finance is a good first building block when forging a more complete portfolio of services.
IAM is at the heart of a modern IT architecture
With in-person events coming back in full force these past few months, we have had lots of face-to-face conversations with customers, prospects, partners and analysts. It is so refreshing that we are now able to bounce off ideas again with all these talented people in our industry. We talked to TrustBuilder CEO Frank Hamerlinck about the latest evolutions.

Book a meeting

Engage in a chat with our product people to discuss IAM trends and challenges, and our solutions.

Request a Maturity Assessment

Take our Maturity Assessment to find out how you can accelerate your digital transformation.

Schedule a demo

Experience the power of Suite through a demo, personalized to your challenges.

Contact us

Visit our offices, send us a mail, call us, or simply fill out a contact form.