Extending the Zero Trust Maturity Model with Data Resilience

This is the third and final blog posting in the series accompanying our new research whitepaper, introducing the concept of Zero Trust Data Resilience. Our first blog post, in which we introduce this concept and its principles, is here. In the second post we explore the reference architecture, which is available here. 

Today’s blog posting focuses on the extensions to the Zero Trust Maturity model, specific to the Data Resilience domain. The CISA Zero Trust Maturity Model (ZTMM) doesn’t provide very much specificity about data backup and recovery, which led us to introduce four new functions we propose adding:

• Access to Enterprise Data and Systems
• Access to Backup Storage and Data
• System Resilience
• System Monitoring and Validation

The research whitepaper contains our full explanation and analysis for these, so we’ll simply summarize here, and provide a sample maturity pathway.

Access to Enterprise Data and Systems: This function is defined as the means and mechanisms by which the backup management system has access to the source data that it’s responsible for backing up. The maturity stages for this function are shown in the image below.

For this function, at the Traditional stage, the enterprise has a flat enterprise network, and uses static credentials for backup management system (BMS) access to source data. And the organization has manual processes for writing data during recovery. In the Initial stage, they have deployed a Zero Trust Policy Enforcement Point (PEP) to control access to source data systems. As they advance into the Advanced stage, they begin using contextual access policies, and also have semi-automated processes for data recovery. In the Optimal stage, they further tighten access policies to align with read frequency and times, and have enhanced their recovery processes with more automation and tighter access control policies.

The other three maturity model functions, which we explore in depth in the whitepaper, are:

Access to Backup Storage and Data: The mechanisms by which the backup management system has write and read access to the backup storage, and the data stored there.

System Resilience: The characteristics of the backup system with respect to its resistance to system failure, component failure, or malicious activity.

System Monitoring and Validation: The tools and processes by which the enterprise ensures that their backup management system and backup storage is operating correctly, and that the enterprise is capable of executing a recovery process when needed.

Next, we conclude the conversation with data backup and recovery expert Tom Sightler, who is Vice President, Product Management, Enterprise Solutions at Veeam Software. Veeam is a data backup and recovery company, whose solutions help customers achieve Zero Trust Data Resilience.

Jason: How are you both seeing awareness and adoption of the CISA Zero Trust Maturity Model?

Tom: Enterprises like the concept of Maturity Models, since they are largely objective, and give the enterprise an easy-to-understand roadmap for implementation and process improvements. This is true for smaller and mid-size enterprises to some degree – of course they appreciate the guidance, but  maturity models are not always constructed with the more limited resources of smaller organizations in mind.  They may need to adapt the steps and targets to meet their enterprise’s scope and size.

Jason: This is a good point – I’d like to reinforce for our readers that maturity models should be viewed as a starting point for comparison and implementation, but shouldn’t be considered to be carved in stone. Security and IT teams should feel empowered to change them, although only with careful consideration. OK, let’s shift gears and talk about how storage teams can and should get involved in a Zero Trust initiative.

Tom: Many enterprises have a natural three-year budget and storage capacity cycle, and may often have multiple storage infrastructures. So it’s likely that many enterprises have an upcoming budgeted project to analyze and improve their backup storage systems. 

So, this is a great time for them to get closer to the security team, and better align with their Zero Trust strategy and architecture. Storage teams should also be encouraged to be proactive about having their enterprise adopt Zero Trust.

Jason: Agreed – and while an overall Zero Trust strategy needs to be driven by the security team, the backup and storage teams can and should be involved and be supportive, and the framework we introduce in this whitepaper gives them a guide to do so.

Thank you for reading – we’re pleased to have been able to create this research, and to share it with the information security community. We’re optimistic that this will be well-received, and help enterprises of all sizes to achieve more effective and more resilient data security.

The new research is available here. If you missed the LinkedIn Live event, you can watch the replay of Tom and me here.

And, if you’re interested in applying this Data Backup and Recovery resilience model to your enterprise, sign up for a free 30-minute workshop here.