Partner Insight: Making the case for Zero Trust Network Access at your organisation

clock • 2 min read
Partner Insight: Making the case for Zero Trust Network Access at your organisation

First coined by Forrester back in 2009, it is only recently that organisations have begun to take a zero-trust approach to security. However, the approach is on the rise.

According to recent research, the number of companies working on some form of zero trust initiative has now reached 90%, up from just 41% the previous year.

Zero trust network access (ZTNA) is one of the key pillars of zero trust— a model that requires both internal and external users to be continually authenticated before they can access applications and data within a network. 

ZTNA ensures that users and their devices are authenticated before they can access data, regardless of where the request originates, and applies least privileged access principles. Users are granted granular access to specific applications through an encrypted tunnel, rather than to the network. Furthermore, applications are hidden from view, keeping them away from prying eyes.

However, there are some misconceptions around ZTNA.  Some believe that it can be costly and complex to implement, but this is not necessarily the case.

If your organisation has not yet established zero trust network access, how can you make the case for this approach and ensure its security benefits are reaped?

With organisations' applications now accessed from an ever-growing number of locations, this has in turn increase the attack surface from which adversaries can infiltrate a network. Combined with increasingly sophisticated tools as attackers' disposal, organisations' security must now be prioritised more than ever.

In this context, water-tight security is key, and ZTNA is one way to achieve this.  ZTNA provides granular, identity-based access, with organisations able to set up device-specific access policies, keeping vulnerable or unsecured devices away from the network.

As organisations move important applications across multiple cloud environments, ensuring that applications are only accessed by authorised users can become more complex. ZTNA solutions make it easier to control what cloud-based resources users can access, limiting it only to what is strictly necessary. When it comes to protecting an organisation's data from adversaries, users cannot see applications they are not authorised to access, making it harder to gain further access in the event of an account compromise. Put simply, in the event an account is compromised, it is far harder for adversaries to gain a complete picture of the network.

With employees increasingly distributed across multiple locations, traditional approaches to network security may no longer offer organisations adequate protection from cyber-attacks. Organisations' security perimeters are now broader than ever and implementing application access policies that continuously verifies users and devices should be a priority for all organisations to ensure they can keep up with the changing cyber environment.

This post is sponsored by Fortinet 

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Security Technology

NCSC CTO: UK tech sector not incentivising companies to build secure software

NCSC CTO: UK tech sector not incentivising companies to build secure software

Calls for market reform to usher in secure future tech

clock 17 May 2024 • 2 min read
Wales launches CymruSOC, the UK's first national cybersecurity operations centre

Wales launches CymruSOC, the UK's first national cybersecurity operations centre

A ‘defend as one' approach for public services

John Leonard
clock 10 May 2024 • 1 min read
How a council consolidated security tools and saved 40%

How a council consolidated security tools and saved 40%

Savings came from lower licencing costs and fewer training and service requirements

John Leonard
clock 24 April 2024 • 4 min read