The next step in an evolving security landscape

Issue 6 2022 Information Security, Products & Solutions


Carl Stoop.

The hybrid workplace continues to enjoy consistent adoption, particularly amongst those industries that do not require their workforce to be at the office every day. The benefits are well-published and tangible, however, it has also brought with it a smorgasbord of security challenges.

Traditionally, organisations have relied on VPNs and premises-based security to fortify remote access.  However, if there’s one thing that we’ve learned from the pandemic is that these steps are simply not enough.

Enter Zero Trust Network Access (ZTNA), an evolutionary solution to organisations’ hybrid work policies and subsequent environments.

Analyst firm, Gartner, defines ZTNA as “products and services that create an identity- and context-based, logical-access boundary that encompasses an enterprise user and an internally hosted application, or set of applications.

“The applications are hidden from discovery, and access is restricted via a trust broker to a collection of named entities. The broker verifies the identity, context and policy adherence of the specified participants before allowing access, and minimises lateral movement elsewhere in the network.”

Considering the above, what does an implemented ZTNA solution offer in layman’s terms?

• Limits access on an application-by-application basis.

• Authenticates every device and user, no matter where they are located.

• Acknowledges today’s complex networks and makes zero assumptions.

Choosing the right ZTNA

Demystifying ZTNA is the first step; the next is ensuring that you choose the right ZTNA option that provides the above-mentioned benefits and features. 

• Ensure support for all users. The solution must secure access for everyone: employees with managed devices, BYOD devices, mobile devices, third-party partners, engineering teams and DevOps users. Look for client-based access and clientless architecture for secure access to web applications, databases, remote desktops and secure shell (SSH) servers. Be sure to also consider basic PAM (privileged access management) requirements for teams that need access to multi-cloud environments and single sign-on (SSO) into private resources.

• Ensure support for all target resources. Ensure the ZTNA solution supports all high-priority private applications and resources, not just web apps. Ensure easy operation. Look for a ZTNA solution offering maximum value with minimum maintenance. Cloud-based solutions with a unified console are easy to use and provide visibility across all ZTNA use-cases.

• Ensure high performance and service availability. A ZTNA service must deliver close to 99,999% uptime and high performance backed by service-level agreements (SLAs).

• Ensure zero trust security soundness. Look for ZTNA solutions that separate the control and data planes to enable true least-privilege access to applications and other resources.

• Part of a future-ready security service edge. Consider how the ZTNA solution can be extended to secure other use-cases – branch access via Firewall as a Service (FWaaS), Internet access via Secure Web Gateway (SWG), and SaaS access through a Security Service Edge (SSE).

Check Point’s Harmony Connect Remote Access secures access to any internal corporate application residing in the data centre, IaaS, public or private clouds. The solution is also easy to deploy, taking less than 15 minutes to install.

Harmony Connect Remote Access can be implemented in two ways:

• Clientless application-level access, which applies intuitive ZTNA to web applications, databases, remote desktops and SSH servers with granular in-app controls.

• Client-based network-level access: this VPN-as-a-service option is ideal for securing employee access from managed devices.


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Upgrade your PCs to improve security
Information Security Infrastructure
Truly secure technology today must be designed to detect and address unusual activity as it happens, wherever it happens, right down to the BIOS and silicon levels.

Read more...
Hikvision launches AcuSeek NVR
Surveillance Products & Solutions AI & Data Analytics
By integrating natural language interaction, Hikvision’s AcuSeek NVR enables precise video and image retrieval within seconds, marking a transformative milestone for the security industry's advance into intelligent and efficient applications.

Read more...
Open source code can also be open risk
Information Security Infrastructure
Software development has changed significantly over the years, and today, open-source code increasingly forms the foundation of modern applications, with surveys indicating that 60 – 90% of the average application's code base consists of open-source components.

Read more...
DeepSneak deception
Information Security News & Events
Kaspersky Global Research & Analysis researchers have discovered a new malicious campaign which is distributing a Trojan through a fake DeepSeek-R1 Large Language Model (LLM) app for PCs.

Read more...
SA’s strained, loadshedding-prone grid faces cyberthreats
Power Management Information Security
South Africa’s energy sector, already battered by decades of underinvestment and loadshedding, faces another escalating crisis; a wave of cyberthreats that could turn disruptions into catastrophic failures. Attacks are already happening internationally.

Read more...
Analyse, automate, and optimise logistics processes
neaMetrics Surveillance Transport (Industry) Products & Solutions Logistics (Industry)
In today’s rapidly evolving logistics sector, the pressure to improve process efficiency, optimise resource usage, and ensure seamless security is more intense than ever. Smart, proactive surveillance is no longer a luxury — it is a critical operational necessity.

Read more...
Almost 50% of companies choose to pay the ransom
News & Events Information Security
This year’s Sophos State of Ransomware 2025 report found that nearly 50% of companies paid the ransom to get their data back, the second-highest rate of ransom payment for ransom demands in six years.

Read more...
Survey highlights cost of cyberdamage to industrial companies
Kaspersky Information Security News & Events
The majority of industrial organisations estimate their financial losses caused by cyberattacks to be over $1 million, while almost one in four report losses exceeding $5 million, and for some, it surpasses $10 million.

Read more...
Digital economy needs an agile approach to cybersecurity
Information Security News & Events
South Africa is the most targeted country in Africa when it comes to infostealer and ransomware attacks. Being at the forefront of the continent’s digital transformation puts South Africa in the crosshairs for sophisticated cyberattacks

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.