Dr. Bobby Blumofe, Chief Technology Officer of Akamai, discusses zero-trust security models and how they impact employee morale. 

Security: What is your background and current role?

Dr. Blumofe: I became Akamai’s Chief Technology Officer this past March.  With almost 22 years at Akamai, I was most recently General Manager of our Enterprise Division and Executive Vice President of our Platform Division, which included responsibility for the Akamai platform, Information Security, and internal Information Technology.  Before Akamai, I earned the Ph.D. in Computer Science from MIT and was Assistant Professor at the University of Texas. 

Security: 2020 saw a sharp increase in cyberattacks due to COVID-19—86% of which were attributed to cybercriminals. With this in mind, how can security models focused on least privilege minimize unintentional accidents?

Dr. Blumofe: I think of the Zero Trust security model essentially as a very strong form of the principle of least privilege, and indeed a Zero Trust architecture not only significantly reduces the risk from cyberattacks, it also minimizes the risk from unintentional accidents.

In contrast, in the traditional access model (as provided by a VPN, for example), a user who is on the corporate network is able to see any application that is on the network.  They may not be able to login to every application, but if they can see an application and get it to present a login screen (or begin any other form of login challenge), then they are causing that application to execute code which may have vulnerabilities that can be exploited for compromise. This unfettered network access is not needed and is a clear violation of least privilege.

Instead of providing network access, the Zero Trust model provides access to specific applications, and only to those who are authorized to use each application.  All other applications are effectively invisible to users who aren’t authorized.  And just as this property holds for users, it holds for any malware that may be on the user’s machine -- the applications are invisible. Thus, this Zero Trust access model makes it much harder for malware to find and exploit vulnerable applications.  Couple this Zero Trust access model with Zero Trust threat protection, and you have a very strong form of least privilege that makes it much harder for malware to get in and much harder for malware to spread.

The Zero Trust model also minimizes the risk from unintentional accidents.  If a user accidentally clicks on a phishing link or tries to visit a malware site, the Zero Trust threat protection will automatically block that access.  If this safety mechanism fails and the user does get malware on their machine, the threat protection can block that malware from communicating with command and control or exfiltrating sensitive data.  In addition, the Zero Trust access makes it much harder for the malware to spread.

Security: Does the term “zero-trust” give IT and security professionals a bad name? Why?

Dr. Blumofe: The term “Zero Trust” derives from the fact that in a Zero Trust access model, users are not given any additional privilege or level of trust by virtue of simply being on the corporate network.  One could say, then, that the Zero Trust system does not trust anyone, not even employees, not even when they are on the corporate network, but really it’s just a strong form of least privilege.  So I think that if people really understand what Zero Trust means, then it should not give security professionals a bad name.

Security: How do zero-trust security models impact employee morale?

Dr. Blumofe: I sleep better knowing that the Zero Trust systems are inspecting all of my accesses, ensuring that I can access only those systems for which I have been granted access, and thereby ensuring that an innocent mistake on my part does not cause harm to the company.  I pay attention to our security training, including our anti-phishing training, but I could still make a mistake, click on a link that I shouldn’t have. I like knowing that there is a system that is automatically checking these things. Maybe what’s really happening is that I don’t fully trust myself.

Security: Is there another term that can replace zero trust?

Dr. Blumofe: It’s hard to see the term Zero Trust being replaced any time soon.  Zero Trust works because it is descriptive. The tech industry is good at coming up with new terms for similar approaches, which can cause confusion, so I hope Zero Trust sticks and people focus on implementing the model.