Zero-trust security

Issue 1 2021 Infrastructure

Following the COVID-19 pandemic, many businesses restructured their entire office strategy by locking or reducing their office footprint, others introducing hot desks policies and some going completely remote. This shift brings with it a variety of elements as well as challenges in terms of security.

Simeon Tassev.

Policies and processes must be adapted, and controls need to become software-based to cater to a world where people are empowered to work from anywhere. The Secure Access Service Edge (SASE) is built on a zero-trust approach that requires all connecting devices to meet the criteria as defined by security policies and have the right levels of authentication. This framework offers an effective solution to security challenges faced today and in the future.

The edge is growing

The traditional approach of boundary protection with remote access becomes increasingly cumbersome and ineffective as the edge grows and boundaries become more amorphous. Environments need to open up to allow for an increased workforce of people who are not necessarily working from within the corporate physical location. A more flexible and scalable approach is needed, but at the same time, security needs to be tighter than ever. To facilitate current and future workforce requirements, enterprises need to ensure that all endpoints and connections are managed with consistent policies regardless of location.

The work-from-anywhere business model creates greater edge computing challenges and changes network access needs, as more users, devices and applications become located outside of the corporate enterprise. Locking down the perimeter is no longer effective or even possible, and doing so negatively impacts business efficiency. A different approach is essential to facilitate today’s dynamic access requirements.

Trust is earned

SASE starts from a base of zero trust. This means that, by default, all devices are untrusted. To earn trust and gain access, policies need to be applied and criteria met, such as various levels of authentication that must be implemented. To do this, agents are loaded onto endpoint devices, which connect with the SASE system and receive the relevant levels of access and permissions to enable connection. It allows businesses to facilitate a remote or hybrid workforce using public infrastructure, while still applying corporate security policies consistently and homogeneously.

Using an SASE framework ensures more effective management, as policies and access controls are applied consistently regardless of device or location. This is also more secure because it is homogenous and leaves no room for error with regard to policy implementation. Using this type of network design places enterprises in a more effective position to manage the complex workforce setup that the ‘new norm’ has created.

Ensuring effectiveness

The first step in effectively implementing an SASE framework is to understand, from an architectural perspective, how it will function. An assessment is therefore required of the applications that are in place, what is required to access them, and where they need to be accessed from in order for employees to perform their jobs. Businesses need to map what users need to connect to and where. Only once this is understood can the relevant controls be put into place, and technology implemented to enforce and police these controls. Furthermore, this updates the permissions required along with access controls and authentication.

Technology is a crucial tool in facilitating a zero-tolerance network approach as it is impossible to enforce controls otherwise, but choosing the right tool and customising it effectively can prove challenging. The most appropriate technology solution depends on the architecture and specific requirements of an enterprise. The right security partner can ensure that technology, access and strategies are linked to the particular needs of the enterprise and design a solution to suit. Risk mitigation is the key, and an effective partner can help businesses to navigate the uncharted waters of the current environment and position them to meet future changes with greater ease.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

The TCO of cloud surveillance
DeepAlert Verifier Technews Publishing Surveillance Infrastructure
SMART Security Solutions asked two successful, home-grown cloud surveillance operators for their take on the benefits of cloud surveillance to the local market. Does cloud do everything, or are there areas where onsite solutions are preferable?

Cyber resilience – protect, defend, recover
The challenge with AI is that threats are getting harder to detect. As a result, plans in 2024 are not just about detection and prevention, but about recovery.

Powering business resilience and field operations
Infrastructure Products & Solutions
[Sponsored] The Anker 757 Portable Power Station emerges as a strategic asset for businesses looking to overcome power instability and the demand for operational efficiency in remote and field-based environments.

Top bets for backup and business continuity
Become your organisation’s data pioneer and spearhead data governance and protection of critical data. Challenge why best practices are not adopted or in place, while highlighting the inherent risks this poses.

Next-gen solar-powered switches
Duxbury Networking has introduced its range of solar unmanaged switches, which are ideal for any environment requiring reliable Power-over-Ethernet (PoE) capabilities, such as IP phones, cameras, and access points.

Navigating South Africa's cybersecurity regulations
Sophos Information Security Infrastructure
[Sponsored] Data privacy and compliance are not just buzzwords; they are essential components of a robust cybersecurity strategy that cannot be ignored. Understanding and adhering to local data protection laws and regulations becomes paramount.

Creating a cybersecurity strategy in a world where threats never sleep
Information Security Infrastructure
[Sponsored Content] The boom of Internet of Things (IoT) technology and the chaos that surrounded the sudden shift to work-from-home models in 2020 kick-started the age of cybercrime. In that period, incidents rose by 600%, affecting every industry and showing no signs of slowing down.

Gallagher Security’s achieves SOC2 Type 2 recertification
Gallagher News & Events Integrated Solutions Infrastructure
Gallagher has achieved System and Organization Controls (SOC2 Type 2) recertification after a fresh audit of the cloud-hosted services of its integrated security solution, Command Centre. The recertification was achieved on 21 December 2023.

Cyberattacks the #1 cause of business outages
Editor's Choice Information Security Infrastructure
The latest survey by Veeam Software shows that 92% of organizations will increase their spending on data protection by 2024 to achieve cyber resilience due to continued threats of ransomware and cyberattacks.

Nology races to end 2023
Editor's Choice News & Events Infrastructure
Nology ended 2023 with an event highlighting its various products and services to the local market, followed by a few laps around the Kyalami Indoor Karting track.