It's no secret that the pandemic changed many things, and cybersecurity is one of them. As the nation shifted to remote work, cybercriminals shifted their attacks.
Historically, organizations relied on VPNs to protect their data, but as the work-from-anywhere (WFA) model took hold, the vulnerabilities of VPNs surfaced.
The Verizon 2021 Data Breach Investigations Report (DBIR) shows:
- Outsiders caused 70% of breaches in 2020
- 45% of breaches involved hacking, and 86% of these breaches were financially motivated
- 17% involved malware
- 22% featured phishing or social engineering
Endpoints are no longer restricted to the fixed location the VPN protects, and cybercriminals took advantage of this vulnerability. Enter Zero Trust Network Access (ZTNA).
It wasn't just the shift to WFA that inspired the emergence of ZTNA. Organizations rely on cloud services, technology, and various applications to conduct business. The cyber threat landscape is constantly changing, and more robust forms of security are required.
What is Zero Trust Network Access (ZTNA)?
First, it's essential to define what ZTNA is—and what it's not. As a quick definition, ZTNA means everything is suspicious. There are no blanket levels of general accessibility, and each step in the process requires verification. Whenever a user or device tries to access a resource, they must verify their identity before access is granted. And even after access is granted, if another resource needs to be accessed, the verification process will start again.
In more detail, Gartner defines zero-trust network access as a product or service that creates an identity- and context-based, logical access boundary around an application or set of applications.
All applications are hidden, and access is denied until a trusted broker can verify the user's identity, context, and policy adherence before allowing access. Lateral movement anywhere else in the network is prohibited.
With applications hidden, there is less for an attacker to see and target.
A zero-trust approach is a more practical approach to cybersecurity. Network perimeters have become more dynamic, and zero-trust steps away from protecting those perimeters to preserving the applications and data.
Zero trust does this through the following benefits:
- Reduces risk. Assuming devices or users are trustworthy puts organizations at risk. Adopting a zero trust strategy puts suspicion on each interaction and allows for reduced liability.
- Decreases vulnerability. Zero trust makes it possible to see who and what is connected to the network.
- Extends security. Unlike VPN, ZTNA can extend past the network layer, providing application security independent of the network.
How does ZTNA work?
To provide secure remote access to internal operations, ZTNA works in four ways:
- ZTNA isolates the access of the application from the network. Doing so reduces the risk to the network since access to specific applications is only authorized for users who have been authenticated.
- ZTNA makes outbound-only connections, leaving the IPs invisible to unauthorized users. This creates a "darknet," making the network impossible to find.
- Even once access is granted, ZTNA provides segmentation that ensures authorized users only have access to specific applications rather than the entire network. This works to restrict the risk of movement of malware and other threats should they infect the network.
- Authentication is approached as user-to-application as opposed to a network security approach.
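The four points above can be condensed into a single broker decision. The following Python sketch is an added illustration, not code from the original article or from any ZTNA product; the `AccessRequest` type, the `POLICY` table, and the user and application names are all hypothetical and constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AccessRequest:
    user: str
    identity_verified: bool   # outcome of authentication for this session
    device_managed: bool      # one context signal; real brokers use several
    app: str

# Constructed policy: entitlements are per application, never per network.
POLICY = {
    "payroll": {"users": {"alice"}, "managed_device_only": True},
    "wiki": {"users": {"alice", "vendor-bob"}, "managed_device_only": False},
}

def authorize(req, policy=POLICY):
    """Evaluate one request; return (allowed, audit_reason). Default is deny."""
    if not req.identity_verified:
        return False, "identity not verified"
    rule = policy.get(req.app)
    if rule is None or req.user not in rule["users"]:
        # Unknown and unentitled apps get the same answer, so a caller
        # cannot enumerate which applications exist behind the broker.
        return False, "no entitlement"
    if rule["managed_device_only"] and not req.device_managed:
        return False, "device context fails policy"
    return True, "granted for this application only"

def evaluate(requests, policy=POLICY):
    """Each request is checked on its own; an earlier grant carries nothing over."""
    return [(r.user, r.app, *authorize(r, policy)) for r in requests]

if __name__ == "__main__":
    sample = [  # constructed requests
        AccessRequest("vendor-bob", True, False, "wiki"),
        AccessRequest("vendor-bob", True, False, "payroll"),
        AccessRequest("alice", True, False, "payroll"),
        AccessRequest("alice", True, True, "payroll"),
        AccessRequest("alice", False, True, "wiki"),
    ]
    for row in evaluate(sample):
        print(row)
```

The third-party user is granted the wiki but gets the same "no entitlement" answer for payroll as for an application that does not exist, and an entitled user on an unmanaged device is still refused.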
Why is ZTNA Important?
Zero trust network access shines a light on the flaw in the traditional concept of "trusted" and "untrusted." When cybersecurity moved from the verify model, it shifted to "untrust but verify the perimeter" (aka VPN). It used to be that once something passed a firewall, we deemed it safe. VPNs would create tunnels past the firewall, allowing network access to the user or device.
But if a cyber attack gets past the firewall, it now has unlimited access to the network. With zero-trust, every session is verified. The zero-trust framework is exactly what is needed in light of remote and hybrid workforces. Even corporate headquarters are no longer the center of trust, but now are on the same level of untrust as all other connections.
Zero-trust restricts access so that, in the event of a breach, the attack will remain isolated. This can save an organization time, money, and reputation since attacks are minimized and inflict minimal damage.
Working With VPN
Again, the shift to remote work has put VPN limitations in the spotlight. ZTNA offers a better remote access solution than simply using traditional VPNs while taking care of issues occurring when accessing applications.
ZTNA is less a VPN replacement than a security framework that can inform policies to overlay a remote connection such as VPN.
ZTNA starts by believing that location doesn't confer trust. Users and devices need to be granted access for each session after authentication. Even then, they are provided the least privilege access—the user and device can only access those applications or resources needed to perform the task and nothing else.
ZTNA also doesn't specify how authentication needs to occur and can adjust as new or different authentication solutions are added.
Secure multi-cloud access
In the Flexera 2021 State of the Cloud Report, researchers found that 76% of the organizations surveyed reported using at least two cloud providers, 92% of enterprises have a multi-cloud strategy, and 80% have a hybrid cloud strategy.
Data and applications reside in various clouds, data centers, and branch offices.
ZTNA provides a way for users to access these cloud systems no matter their location.
Reduced third-party risk
ZTNA reduces third-party risk by ensuring users are only allowed access to the resources. Many third-party users might access resources on unmanaged devices, and with too many access privileges, this puts the network at greater risk. ZTNA ensures external users never gain access to the network.
Because ZTNA is primarily a cloud-delivered service, security controls can be applied in real-time, improving the user experience and boosting performance.
ZTNA allows users to access the resources necessary for their jobs no matter where they are without compromising the network.
Hybrid and remote workforces can remain connected and collaborate, whether in or out of the office.
How Anteris can help
At Anteris, we make security a top priority. As cybersecurity professionals, our security services support your business and protect your data from outside threats.
We pride ourselves on being lifelong learners. Being a security expert doesn't mean that someone has learned everything they need to know about cybersecurity. That's impossible. It's always changing. We know that and recognize that cybersecurity is an ever-evolving process to assess, align, and act, and keep moving forward as cybersecurity changes.
While there is no guaranteed protection against threats, we also have best practices for recovery in the event of a security breach.
Let us make your technology freeing, not frustrating.