Zero-trust security

Issue 1 2021 Infrastructure

Following the COVID-19 pandemic, many businesses restructured their entire office strategy by locking or reducing their office footprint, others introducing hot desks policies and some going completely remote. This shift brings with it a variety of elements as well as challenges in terms of security.


Simeon Tassev.

Policies and processes must be adapted, and controls need to become software-based to cater to a world where people are empowered to work from anywhere. The Secure Access Service Edge (SASE) is built on a zero-trust approach that requires all connecting devices to meet the criteria as defined by security policies and have the right levels of authentication. This framework offers an effective solution to security challenges faced today and in the future.

The edge is growing

The traditional approach of boundary protection with remote access becomes increasingly cumbersome and ineffective as the edge grows and boundaries become more amorphous. Environments need to open up to allow for an increased workforce of people who are not necessarily working from within the corporate physical location. A more flexible and scalable approach is needed, but at the same time, security needs to be tighter than ever. To facilitate current and future workforce requirements, enterprises need to ensure that all endpoints and connections are managed with consistent policies regardless of location.

The work-from-anywhere business model creates greater edge computing challenges and changes network access needs, as more users, devices and applications become located outside of the corporate enterprise. Locking down the perimeter is no longer effective or even possible, and doing so negatively impacts business efficiency. A different approach is essential to facilitate today’s dynamic access requirements.

Trust is earned

SASE starts from a base of zero trust. This means that, by default, all devices are untrusted. To earn trust and gain access, policies need to be applied and criteria met, such as various levels of authentication that must be implemented. To do this, agents are loaded onto endpoint devices, which connect with the SASE system and receive the relevant levels of access and permissions to enable connection. It allows businesses to facilitate a remote or hybrid workforce using public infrastructure, while still applying corporate security policies consistently and homogeneously.

Using an SASE framework ensures more effective management, as policies and access controls are applied consistently regardless of device or location. This is also more secure because it is homogenous and leaves no room for error with regard to policy implementation. Using this type of network design places enterprises in a more effective position to manage the complex workforce setup that the ‘new norm’ has created.

Ensuring effectiveness

The first step in effectively implementing an SASE framework is to understand, from an architectural perspective, how it will function. An assessment is therefore required of the applications that are in place, what is required to access them, and where they need to be accessed from in order for employees to perform their jobs. Businesses need to map what users need to connect to and where. Only once this is understood can the relevant controls be put into place, and technology implemented to enforce and police these controls. Furthermore, this updates the permissions required along with access controls and authentication.

Technology is a crucial tool in facilitating a zero-tolerance network approach as it is impossible to enforce controls otherwise, but choosing the right tool and customising it effectively can prove challenging. The most appropriate technology solution depends on the architecture and specific requirements of an enterprise. The right security partner can ensure that technology, access and strategies are linked to the particular needs of the enterprise and design a solution to suit. Risk mitigation is the key, and an effective partner can help businesses to navigate the uncharted waters of the current environment and position them to meet future changes with greater ease.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Hytera supports communication upgrade for Joburg
News & Events Infrastructure Government and Parastatal (Industry)
By equipping Johannesburg’s metro police and emergency services with multimode radios which integrate TETRA and LTE networks, Hytera is bridging coverage gaps and improving response times across the city.

Read more...
Combining TETRA or DMR with 5G broadband
Infrastructure IoT & Automation
As enterprises face rising complexity and connectivity demands, hybrid networks offer a transformative path, combining the proven reliability of TETRA or DMR with the innovation and coverage of 5G broadband.

Read more...
Questing for the quantum AI advantage
Infrastructure AI & Data Analytics
The clock is ticking down to the realisation of quantum AI and the sought-after ‘quantum advantage’. In many boardrooms, however, quantum remains mysterious; full of promise, but not fully understood.

Read more...
The growing role of hybrid backup
Infrastructure Information Security
As Africa’s digital economy rapidly grows, businesses across the continent are facing the challenge of securing data in an environment characterised by evolving cyberthreats, unreliable connectivity and diverse regulatory frameworks.

Read more...
IoT-driven smart data to stay ahead
IoT & Automation Infrastructure AI & Data Analytics
In a world where uncertainty is constant, the real competitive edge lies in foresight. Businesses that turn real-time data into proactive strategies will not just survive, they will lead.

Read more...
Hydrogen is green but dangerous
Fire & Safety Infrastructure Power Management
Hydrogen infrastructure is developing quickly, but it comes with safety challenges. Hydrogen is flammable, and its small molecular size means it can leak easily. Additionally, fires caused by hydrogen are nearly invisible, making them difficult to detect and respond to.

Read more...
A whole-site solution to crack the data centre market
Fire & Safety Infrastructure Facilities & Building Management
Fire safety consultants and contractors who can offer a comprehensive fire safety solution to the data centre market can establish themselves as a supplier of a key safety features that help guarantee the smooth operation of critical infrastructure.

Read more...
Wireless network security market
Infrastructure
The wireless network security market is experiencing significant growth, driven by the increasing adoption of wireless technologies, a surge in cyberthreats, and rising demand for secure data transmission.

Read more...
Acronis and Metrofile Cloud announce partnership
Infrastructure Integrated Solutions
Acronis has appointed Metrofile Cloud as its premier disaster recovery (DR) partner in southern Africa, combining Acronis' technologies with Metrofile Cloud's local expertise to deliver secure and adaptable disaster recovery solutions for businesses across the region.

Read more...
Managing stock efficiently and cost-effectively
Asset Management Infrastructure Logistics (Industry)
Rina Redelinghuys, customer services executive at Cquential, a member of the Argility Technology Group, examines stock management across various industries, including retail, fast-moving consumer goods, food and dairy, automotive, apparel, industrial, accessories, paint and chemicals, and pharmaceuticals.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.