Make way for Zero Trust Network Access (ZTNA)
The migration of IT networks into the cloud broadens opportunities for many data-driven enterprises, but also complicates the task of protecting them. To counter this and other trends like hybrid work, more organizations are taking up Zero Trust Network Access (ZTNA).
ZTNA represents part of a broader shift into zero trust architecture, where the focus of cybersecurity is less at the edge of the network and more with individual users. Permission to enter is no longer automatic, nor is open access across the host network.
According to the National Institute of Standards and Technology (NIST), “zero trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location… or asset ownership.”
Zero trust architecture improves on other cybersecurity models by limiting access to where it is needed and can be best controlled and monitored. No longer are networks theoretically vulnerable at the edge. With ZTNA, permission for network access must be validated.
The challenge of ZTNA adoption
From a purely defensive perspective, ZTNA is ideal for the multi-front battle CISOs find themselves locked in today: “Zero-trust creates a ‘never trust’ posture that assumes malicious actors are both inside and outside the network.”
In every industry, there is a growing case for ZTNA. Some are clear and relatively easy to implement. Retail establishments need more stringent protections at their points of sale. In healthcare, ZTNA can help guard patient privacy and protect against disruptive cyberattacks.
Other industries require more of an attitude adjustment to embrace a ZTNA solution. Working under more sharply defined access perimeters requires more understanding from users. Once in place, ZTNA also requires closer oversight from network administrators who may find their added responsibilities are best managed with active support from a trusted partner.
How does one make the leap from a model designed to accommodate universal access to one built around tight restrictions? Let’s look at two industries where ZTNA can be advantageously implemented.
ZTNA and higher education
With traditional universities, wide-open access has long been seen as integral to the nature of higher learning. Yet this mindset can be dangerous in higher education today.
The 2020s have seen a tremendous rise in cyberattacks against colleges and universities. In August 2023, Campus Safety Magazine reported: “With attacks against higher education on the rise year-over-year, campuses have become one of the top targets for attempted data breaches, ransomware attacks, malware and more.”
For colleges and universities, ZTNA is not about barring access to a campus network. Rather, it ensures access is better monitored and controlled, keeping specific users where they need to be and blocking them when they have strayed, inadvertently or otherwise.
For ZTNA to work, campus IT leaders need to prioritize authentication whenever users try to gain access. Identity and access management (IAM) solutions are designed to provide students and other authorized users secure and easy access to the information they need.
“With IAM solutions in place, educational institutions can control who has access to sensitive information and resources, such as student records and financial data.” These solutions, supported by single sign-on (SSO) technology, can be implemented to streamline access to multiple applications using a single network login.
Among other positives, this approach helps eliminate the problem of forgotten or reused passwords, an Achilles heel for many campus networks. For IT departments, a single portal can be set up to allow management over IAM, SSO and other authentication and access tools.
A campus ZTNA platform must be flexible enough to facilitate a multitude of simultaneous demands, fast enough to do so quickly and stable enough to service a wide variety of campus users reliably.
ZTNA and government
With government, the move to the cloud as well as to smart-spaces technology is creating cybersecurity challenges as data becomes more central to citizen experience.
In today’s budget-conscious environment, government services are charged with the need to do more with less. The city hall model of static, desk-bound public service operations is being replaced by the need to be more mobile and meet people where they live at times of day that work for them. This can strain traditional network infrastructures.
By enabling a more dynamic network edge, ZTNA solutions allow governments to better protect privacy without sacrificing service flexibility. Instead of being hobbled by often-siloed bureaucracies and agencies that engage the public differently, ZTNA engages users individually.
Because access is so closely monitored, ZTNA is particularly valuable in helping governments minimize damage when breaches do occur.
The Federal Government has been moving aggressively to implement “zero-trust cybersecurity” across all agencies, following specific mandates from the White House to be met by 2024. This has spurred similar efforts among state and local governments who are being made increasingly aware of their own online vulnerabilities.
As with other industries, one advantage of employing ZTNA in government is its relative ease of adaptability. It complements rather than replaces existing security tools. ZTNA can be introduced in concert with ongoing protocols, without risk of disruption. This is one reason why uptake of ZTNA has been so quick and robust.
The proven value of ZTNA
According to Gartner, ZTNA will emerge by 2025 as the security framework of the future, replacing remote access virtual private networks. In many industries, that transition has already begun.
The right ZTNA strategy will never be a replacement for conventional network cybersecurity, but instead an augmentation of it. ZTNA only works alongside effective monitoring protocols that not only track individual users, but analyze recurring issues and user metrics to develop more effective cybersecurity regimens.
The right cybersecurity platform is one that can not only grow with your enterprise, but provide managed and co-managed services to enable your IT security staff to do more with the technology they have.
Learn more about how Spectrum Enterprise can help your enterprise unlock the potential of ZTNA and other digital solutions with a technology partnership.