Castle-And-Moat refers to a network security model in which no one outside the network is able to access data on the inside, but everyone inside the network can. Imagine an organization’s network as a castle and the network firewall as a moat. Once the drawbridge is lowered and someone crosses it, they have free rein inside the castle grounds. Similarly, once a user connects to a network in this model, they are able to access all the applications and data within that network.
Organizations that use this model dedicate a lot of resources to defending their network perimeter, just as a castle might place the most guards near the drawbridge. They deploy firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), and other security tools that stop many external threats. However, if the castle can be breached via the sewers (or the network through a flaw in an Internet-enabled service, as in the March 2021 Exchange Server breaches), then the Castle-and-Moat approach is ineffective at stopping cyber attacks.
Then there is the issue of insider threats. If someone already inside the castle walls becomes curious, should they be allowed to view and access anything they wish?
Castle-and-Moat is no longer an appropriate cybersecurity strategy. The term is used to contrast traditional network architecture with the zero trust model.
With the Castle-and-Moat security methodology becoming outdated, it’s recommended to start using the Zero Trust approach. The Zero Trust model of information security gets rid of the old strategy that had organizations focused on defending their perimeters while assuming everything already inside doesn’t pose a threat. Experts argue that the castle-and-moat approach doesn’t work. Game of Thrones proved this to be true time and again; anyone who could get past the castle walls could and would kill you. In our world, the most damaging data breaches occurred when hackers gained access inside corporate firewalls and were then able to move through internal systems without much resistance.
IT Managed Service Providers (MSPs) can help you with Zero Trust. They can deploy Two-Factor Authentication, Identity and Access Management (IAM), ‘least privilege’ on file server folders, removal of administrative rights on local workstations, and even network segmentation.
Zero Trust is a difficult but necessary model for SMBs to adopt: networks must be segmented, two-factor authentication must be enabled and combined with strong identity and access management protections, and you must follow the principle of least privilege for access to critical and sensitive data.
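The difference between the two models can be shown as an access decision made on the same requests. The following Python example is added here and is not CyberHoot's code; the addresses, users, resource names and function names are constructed assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed environment: every address, user and resource name is illustrative.
CORPORATE_NET = ip_network("10.0.0.0/8")
SEGMENTS = {"finance": ip_network("10.20.0.0/16"),
            "workstations": ip_network("10.50.0.0/16")}
# Least privilege: users are granted only the resources their role needs.
GRANTS = {"alice": {"finance-share"}, "bob": {"wiki"}}
# Segmentation: each resource is reachable only from the listed segments.
REACHABLE_FROM = {"finance-share": {"finance"},
                  "wiki": {"finance", "workstations"}}

@dataclass(frozen=True)
class Request:
    user: str
    source_ip: str
    mfa_passed: bool
    resource: str

def castle_and_moat_allows(req: Request) -> bool:
    """Perimeter model: a source address inside the network is the only check."""
    return ip_address(req.source_ip) in CORPORATE_NET

def zero_trust_allows(req: Request) -> bool:
    """Per-request checks: second factor, explicit grant, permitted segment."""
    if not req.mfa_passed:
        return False
    if req.resource not in GRANTS.get(req.user, set()):
        return False
    src = ip_address(req.source_ip)
    allowed = REACHABLE_FROM.get(req.resource, set())
    return any(src in SEGMENTS[name] for name in allowed)

# Constructed requests covering the cases the text describes.
SAMPLES = {
    "finance user at her desk": Request("alice", "10.20.1.5", True, "finance-share"),
    "curious insider": Request("bob", "10.50.3.9", True, "finance-share"),
    "stolen password, no second factor": Request("alice", "10.20.1.77", False, "finance-share"),
    "granted user on wrong segment": Request("alice", "10.50.3.10", True, "finance-share"),
    "outside the perimeter": Request("mallory", "203.0.113.7", False, "wiki"),
}

def compare() -> dict:
    """Return {case: (castle_and_moat_decision, zero_trust_decision)}."""
    return {name: (castle_and_moat_allows(r), zero_trust_allows(r))
            for name, r in SAMPLES.items()}

if __name__ == "__main__":
    for name, (perimeter, zt) in compare().items():
        print(f"{name:36} perimeter={perimeter!s:5} zero_trust={zt}")
```

Both models stop the request from outside the perimeter; only the per-request checks stop the three requests that originate inside it.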
In addition to these protections, CyberHoot also recommends SMBs take the following steps to secure their business. These measures provide a great deal of value for the cost and time investment they require (especially when delivered via CyberHoot).
Most of these recommendations are built into CyberHoot. With CyberHoot you can govern, train, assess, and test your employees. Visit CyberHoot.com and sign up for our services today. At the very least continue to learn by enrolling in our monthly Cybersecurity newsletters to stay on top of current cybersecurity updates.