Zero-trust security

Issue 1 2021 Infrastructure

Following the COVID-19 pandemic, many businesses restructured their entire office strategy by locking or reducing their office footprint, others introducing hot desks policies and some going completely remote. This shift brings with it a variety of elements as well as challenges in terms of security.

Simeon Tassev.

Policies and processes must be adapted, and controls need to become software-based to cater to a world where people are empowered to work from anywhere. The Secure Access Service Edge (SASE) is built on a zero-trust approach that requires all connecting devices to meet the criteria as defined by security policies and have the right levels of authentication. This framework offers an effective solution to security challenges faced today and in the future.

The edge is growing

The traditional approach of boundary protection with remote access becomes increasingly cumbersome and ineffective as the edge grows and boundaries become more amorphous. Environments need to open up to allow for an increased workforce of people who are not necessarily working from within the corporate physical location. A more flexible and scalable approach is needed, but at the same time, security needs to be tighter than ever. To facilitate current and future workforce requirements, enterprises need to ensure that all endpoints and connections are managed with consistent policies regardless of location.

The work-from-anywhere business model creates greater edge computing challenges and changes network access needs, as more users, devices and applications become located outside of the corporate enterprise. Locking down the perimeter is no longer effective or even possible, and doing so negatively impacts business efficiency. A different approach is essential to facilitate today’s dynamic access requirements.

Trust is earned

SASE starts from a base of zero trust. This means that, by default, all devices are untrusted. To earn trust and gain access, policies need to be applied and criteria met, such as various levels of authentication that must be implemented. To do this, agents are loaded onto endpoint devices, which connect with the SASE system and receive the relevant levels of access and permissions to enable connection. It allows businesses to facilitate a remote or hybrid workforce using public infrastructure, while still applying corporate security policies consistently and homogeneously.

Using an SASE framework ensures more effective management, as policies and access controls are applied consistently regardless of device or location. This is also more secure because it is homogenous and leaves no room for error with regard to policy implementation. Using this type of network design places enterprises in a more effective position to manage the complex workforce setup that the ‘new norm’ has created.

Ensuring effectiveness

The first step in effectively implementing an SASE framework is to understand, from an architectural perspective, how it will function. An assessment is therefore required of the applications that are in place, what is required to access them, and where they need to be accessed from in order for employees to perform their jobs. Businesses need to map what users need to connect to and where. Only once this is understood can the relevant controls be put into place, and technology implemented to enforce and police these controls. Furthermore, this updates the permissions required along with access controls and authentication.

Technology is a crucial tool in facilitating a zero-tolerance network approach as it is impossible to enforce controls otherwise, but choosing the right tool and customising it effectively can prove challenging. The most appropriate technology solution depends on the architecture and specific requirements of an enterprise. The right security partner can ensure that technology, access and strategies are linked to the particular needs of the enterprise and design a solution to suit. Risk mitigation is the key, and an effective partner can help businesses to navigate the uncharted waters of the current environment and position them to meet future changes with greater ease.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Next-gen solar-powered switches
Duxbury Networking has introduced its range of solar unmanaged switches, which are ideal for any environment requiring reliable Power-over-Ethernet (PoE) capabilities, such as IP phones, cameras, and access points.

Navigating South Africa's cybersecurity regulations
Sophos Information Security Infrastructure
[Sponsored] Data privacy and compliance are not just buzzwords; they are essential components of a robust cybersecurity strategy that cannot be ignored. Understanding and adhering to local data protection laws and regulations becomes paramount.

Creating a cybersecurity strategy in a world where threats never sleep
Information Security Infrastructure
[Sponsored Content] The boom of Internet of Things (IoT) technology and the chaos that surrounded the sudden shift to work-from-home models in 2020 kick-started the age of cybercrime. In that period, incidents rose by 600%, affecting every industry and showing no signs of slowing down.

Gallagher Security’s achieves SOC2 Type 2 recertification
Gallagher News & Events Integrated Solutions Infrastructure
Gallagher has achieved System and Organization Controls (SOC2 Type 2) recertification after a fresh audit of the cloud-hosted services of its integrated security solution, Command Centre. The recertification was achieved on 21 December 2023.

Cyberattacks the #1 cause of business outages
Editor's Choice Information Security Infrastructure
The latest survey by Veeam Software shows that 92% of organizations will increase their spending on data protection by 2024 to achieve cyber resilience due to continued threats of ransomware and cyberattacks.

Nology races to end 2023
Editor's Choice News & Events Infrastructure
Nology ended 2023 with an event highlighting its various products and services to the local market, followed by a few laps around the Kyalami Indoor Karting track.

Cybersecurity integrated with data protection
Technews Publishing News & Events Infrastructure
Last year's VeeamOn Tour conference in South Africa was a smaller version of the annual global Veeam conference, aimed at the company's regional partners and customers.

Enhanced cellular connectivity is critical for farm safety
Infrastructure Agriculture (Industry)
In South Africa, the safety of our rural communities, particularly on farms, is a pressing concern. Nearly 32% of South Africa’s 60 million people live in these areas, where security challenges are constantly in the spotlight.

All aspects of data protection
Technews Publishing Editor's Choice Information Security Infrastructure AI & Data Analytics
SMART Security Solutions spoke to Kate Mollett, Senior Director, Commvault Africa, about the company and its evolution from a backup specialist to a full data protection specialist, as well as the latest announcements from the company.

Revolutionising networking technology for the future
Infrastructure IoT & Automation
[Sponsored] In the fast-evolving landscape of networking technology, RUCKUS Networks stands out as a trailblazer, offering innovative solutions that redefine connectivity experiences across various industries.