Page 39 - Federal Computer Week, March/April 2019

AT A GLANCE
Sounding the Security Alarm
Despite the best efforts of CISOs worldwide, breaches continue to unfold at an alarming rate. Data breaches compromise more than six million records every day.
The global average cost of a single data breach is up 6.4 percent to $3.86 million.
expected location. It checks that a device is running the most recent operating system and current software patches. Zero Trust also vets users, restricting access based on various criteria, including multifactor authentication and recognized client certificates.
The road ahead
To deliver on the promise of Zero Trust, IT leaders will need the buy-in of end users who may react to the new security paradigm with skepticism. Numb to ever-changing cybersecurity requirements, employees may tend toward tuning out or disregarding new security initiatives not deemed worthy of their time and effort.
To overcome such apprehension, Zero Trust provides a virtually transparent experience. Users click a desktop icon to seamlessly launch an application. Transactions flow through secure back channels, yet the experience feels local.
That seamlessness smooths the change management aspects of adopting a Zero Trust solution. There’s just not much for the IT team to explain, indoctrinate, justify or motivate. When employees see it in action – just click and go – the premise of new and better security is more palatable.
Zero Trust also removes some of the stress of traditional security. For years, users have heard that they are the security problem because they download the wrong things. While good cyber hygiene is important, Zero Trust scores high with end users by limiting their culpability.
To deliver seamlessness, IT teams make investments on the back end. Zero Trust ensures security, in part, by limiting user access based on predefined roles and permissions. Moving to Zero Trust requires collaboration between the IT team and application owners, who together define and map the identities of users requiring access.
Zero Trust’s streamlined approach to network security makes it possible for IT staff to shed routine tasks and concentrate on higher-level operations. For starters, all the hardware and the time-consuming procedures surrounding VPN go away. And rather than constantly checking logs and sniffing for hacks, IT staff can spend more time monitoring the health of user connections and optimizing user experiences.
As the distinction between “inside” and “outside” the network continues to have less meaning – rendering perimeter defense increasingly less effective – Zero Trust provides a simpler, more secure way to connect end users to applications without additional risks.
Beyond VPN
Security experts seek solution to flawed premise.
The virtual private network (VPN) has proven inadequate to the evolving challenges of network security. As a means of extending trust to remote users, the premise of VPN is flawed.
VPN opens a conduit that allows remote users to access networks, a vital pathway for people who work outside traditional offices. Once connected via VPN, however, users can roam network layers at will, pinging and probing with few if any restrictions. And third-party contractors can gain extensive access to host systems.
VPN also is vulnerable to the “lost laptop” peril, a scenario in which a black-hat hacker uses a found device to gain freedom of movement inside a network.
Many IT leaders have concluded that an alternative to VPN is long overdue. Zero Trust eliminates many of their concerns with a simpler, more streamlined architecture that is easier to deploy and maintain than traditional solutions.

































































































