Zero Trust & ZTNA

Tony Mason | CASB Cloud Application Security, Cyber Security, Data Protection, MFA, Web Security

Zero Trust Security

Zero Trust is a security framework, implemented through products or services, that removes inherent trust from your organisation’s network. Instead it requires strong, regular authentication and authorisation of all devices and users, together with context and policy adherence. Zero Trust Network Access (ZTNA) is a term coined by Gartner: it applies the concept of Zero Trust to controlling access to the company’s resources at the network level. With the new model of remote working and instant access to applications, services and data at any location or time, Zero Trust ZTNA is the potential future of network security.

Cyberattacks aren’t just a direct threat to an organisation’s income and reputation. In fact, the threat to business continuity is just as concerning as the spectre of data loss.

Research points to the scale of the risk. In 2021, one in five mid-market businesses (21%) suffered a ransomware attack and subsequently paid the ransom. Each successful ransomware attack causes very real disruption, with essential files, systems or devices locked away. Ransomware can stop workers from fixing the problem and continuing with business as usual, all while employees are blocked from accessing essential information or even the entire network.

No matter the sector, the impact of this kind of disruption can be serious. Whether it’s knowledge-based companies unable to access their email servers and interact with clients, or utilities providers unable to log jobs and request parts, continuity breaches are no joke.

The Remote Risk

This isn’t a static problem: the scale and complexity of the threats involved are growing exponentially. The corporate boundaries that used to mark the line between ‘safe’ and ‘unsafe’ have dissolved. Work is no longer a place. It is an activity, and the pandemic has only accelerated that with the move to remote work in many industries.
That means defining what’s a safe network, device, or login and what isn’t is now much more complex. Keeping on top of security for hundreds or even thousands of individual users, all connecting via a whole range of setups, seriously increases the risk of a continuity-breaking attack.
Yet research indicates that over half (51%) of mid-market firms admit they have not purchased cybersecurity products that protect against threats for hybrid and remote workers. And 41% of organisations admit that future-proofing their cyber defences ‘needs development’. Therefore, security needs a fundamental rethink to deliver rapid and secure access across business ecosystems.
Much has been said about the end of the traditional perimeter and the need for organisations to adapt and develop a Zero Trust security stance in response. But what does this mean in practice?

Zero Trust

In short, when it comes to providing secure access to network resources, a Zero Trust security model turns the old idea of ‘connect then authenticate’ on its head. Instead, it establishes a paradigm in which trust is consistently re-evaluated based on real-time behavioural data, not a single successful login. Think of it like those scenes in blockbuster movies where the heroes infiltrate the villain’s lair: one mistake and all the alarms in the building are blaring. Zero Trust is more nuanced than that, but the basic principle is the same. If something looks suspicious, stop it first and ask questions later. Don’t just let it keep walking around because it flashed the right badge on the way in.
‘Trust no one’ may seem like an extreme mantra, but in today’s cybersecurity landscape, it’s essential. Here are four key steps to guide you along your way in understanding and implementing a Zero Trust position.

1) Trust no-one

This is the cardinal rule for perimeter-less security. The aim of a Zero Trust position is to ensure that users, devices and logins are continually assessed and re-evaluated before access is granted to corporate resources. Rather than operating a ‘one and done’ policy, a Zero Trust approach dictates that every attempt to access potentially confidential information or systems should be met with checks and balances.

2) Follow the user

For seamless Zero Trust, security needs to go where people go. It needs to flawlessly adapt to whatever device, network or location they are using. Rather than denying access to unrecognised devices or simply requesting a password, businesses need systems that can draw on more complex datasets to make context-aware decisions. In other words, they need…

3) Smarter Security

…which can fuse context and identity to understand what ‘normal’ looks like and autonomously respond to suspicious behaviour. Truly smart security systems can analyse data about geolocation, time of day, speed of movement (i.e. logging in from two locations without the time required to physically travel from one to the other), speed of access (i.e. clicking through files faster than humanly possible) and more, to correctly identify risky behaviour and shut it down.
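As an added illustration of the context-aware checks described above (not code from the original post), the following Python policy evaluator flags the two signals the text names: impossible travel (distance between successive logins divided by elapsed time exceeds a plausible speed) and an inhuman file-access rate. The user, coordinates, thresholds and event data are constructed for the example.

```python
import math
from dataclasses import dataclass

@dataclass
class Event:
    user: str
    ts: int            # seconds since epoch
    lat: float
    lon: float
    files_opened: int  # files touched in the last 60 s

MAX_SPEED_KMH = 900.0    # assumed threshold: faster than an airliner is "impossible travel"
MAX_FILES_PER_MIN = 120  # assumed threshold: faster than a human clicks through files

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in km between two lat/lon points."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = math.radians(lat2 - lat1)
    dlmb = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(a))

def evaluate(prev, cur):
    """Return (decision, reasons) for `cur` given the user's last trusted event `prev`."""
    reasons = []
    if prev is not None and cur.ts > prev.ts:
        dist = haversine_km(prev.lat, prev.lon, cur.lat, cur.lon)
        hours = (cur.ts - prev.ts) / 3600
        if dist / hours > MAX_SPEED_KMH:
            reasons.append(f"impossible travel: {dist:.0f} km in {hours:.2f} h")
    if cur.files_opened > MAX_FILES_PER_MIN:
        reasons.append(f"access rate {cur.files_opened}/min exceeds {MAX_FILES_PER_MIN}")
    if not reasons:
        return "allow", reasons
    # one anomaly -> step-up authentication; several -> deny outright
    return ("deny" if len(reasons) > 1 else "step_up"), reasons

# Constructed sample session: London, then New York 30 min later, then New York with bulk access.
SAMPLE = [
    Event("alice", 0, 51.5074, -0.1278, 12),
    Event("alice", 1800, 40.7128, -74.0060, 15),
    Event("alice", 3600, 40.7128, -74.0060, 500),
]

def run(events):
    """Evaluate events in order; only allowed events update the trusted baseline."""
    prev, decisions = None, []
    for e in events:
        decision, _ = evaluate(prev, e)
        decisions.append(decision)
        if decision == "allow":
            prev = e
    return decisions
```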

4) Future-proof your investments

Finally, it’s worth bearing in mind that an effective security system is never static. The demands you face will change, as will the needs of your workforce. Given the need to continuously iterate, it’s advisable to consider combining your network and security services in one place. This will provide rapid, secure business access right across an environment, and enable upgrades without having to laboriously integrate new point products with old ones.
A single platform that provides all your core security requirements in one place is a key consideration for maintaining continuity. It gives you the intelligence and automation to protect an increasingly mobile workforce, whatever the future holds.
To find out more about how to implement a Zero Trust ZTNA approach, download the ebook ‘Your Guide to Implementing Zero Trust’.