First coined by Forrester back in 2009, it is only recently that organisations have begun to take a zero-trust approach to security. However, the approach is on the rise.
According to recent research, the number of companies working on some form of zero trust initiative has now reached 90%, up from just 41% the previous year.
Zero trust network access (ZTNA) is one of the key pillars of zero trust— a model that requires both internal and external users to be continually authenticated before they can access applications and data within a network.
ZTNA ensures that users and their devices are authenticated before they can access data, regardless of where the request originates, and applies least privileged access principles. Users are granted granular access to specific applications through an encrypted tunnel, rather than to the network. Furthermore, applications are hidden from view, keeping them away from prying eyes.
However, there are some misconceptions around ZTNA. Some believe that it can be costly and complex to implement, but this is not necessarily the case.
If your organisation has not yet established zero trust network access, how can you make the case for this approach and ensure its security benefits are reaped?
With organisations' applications now accessed from an ever-growing number of locations, this has in turn increase the attack surface from which adversaries can infiltrate a network. Combined with increasingly sophisticated tools as attackers' disposal, organisations' security must now be prioritised more than ever.
In this context, water-tight security is key, and ZTNA is one way to achieve this. ZTNA provides granular, identity-based access, with organisations able to set up device-specific access policies, keeping vulnerable or unsecured devices away from the network.
As organisations move important applications across multiple cloud environments, ensuring that applications are only accessed by authorised users can become more complex. ZTNA solutions make it easier to control what cloud-based resources users can access, limiting it only to what is strictly necessary. When it comes to protecting an organisation's data from adversaries, users cannot see applications they are not authorised to access, making it harder to gain further access in the event of an account compromise. Put simply, in the event an account is compromised, it is far harder for adversaries to gain a complete picture of the network.
With employees increasingly distributed across multiple locations, traditional approaches to network security may no longer offer organisations adequate protection from cyber-attacks. Organisations' security perimeters are now broader than ever and implementing application access policies that continuously verifies users and devices should be a priority for all organisations to ensure they can keep up with the changing cyber environment.
This post is sponsored by Fortinet