Zero Trust and user fatigue

SMART Access & Identity 2024 Access Control & Identity Management, Information Security


Paul Meyer.

When it comes to zero trust network access (ZTNA), Gartner defines it as products and services that create an identity and context-based, logical-access boundary encompassing an enterprise user and an internally hosted application or set of applications. The applications are hidden from discovery, and access is restricted via a trust broker to a collection of named entities, which limits lateral movement within a network.

Gartner1 adds that ZTNA solutions are rapidly replacing remote access VPNs for application access. This Market Guide, which includes a list of representative vendors and their products, will help security and risk management leaders evaluate ZTNA offerings as part of a security service edge (SSE) strategy. Gartner notes an increased focus by end user organisations on zero trust strategies/cloud adoption – and a desire to provide more secure and flexible connectivity for hybrid workforces – heightens interest in the zero trust network access (ZTNA) market.

Organisations identify VPN replacement as their primary motivation for evaluating ZTNA offerings, but find that justification comes from risk reduction, not from any cost savings. Agent-based ZTNA is increasingly deployed as part of a more significant secure access service edge (SASE) architecture or security service edge (SSE) solution to replace always-on VPNs that traditionally provide full network security stacks for remote managed endpoints.

A new study2 from the National Institute of Standards and Technology (NIST) found that a majority of the typical computer users they interviewed experienced security fatigue which often lead users to risky computing behaviour at work and in their personal lives.

What is the perimeter today?

We live in a new world of widespread networking, remote access and rapid information exchange, with new technologies such as mobile devices and cloud, poking even more holes in the perimeter.

Today, cybersecurity is evolving again. Cyberattacks are dynamic, challenging to predict, and have higher stakes. Cybercriminals have the latest technologies at their fingertips. Machines are deployed against the enterprise’s defences, operating at a vast scale, with volume, speed and agility.

The attack surface grows daily, with two-thirds of employees3 said to be using their own devices for work, and some reported using more than one (e.g., cell phone, tablet, personal laptop, wearable technology). The unstoppable trend of bring your own device (BYOD) requires new security measures to manage these myriad endpoints.

So, the castle-and-moat approach to cybersecurity will not do the job. Vulnerabilities permeate all levels of business systems, and your cybersecurity strategies probably need a reboot. Today’s threats cannot be fought with yesterday’s strategies, and a zero trust approach to security is required.

Zero Trust is a network security model based on the idea of never trust, always verify. Users and endpoints are not trusted until they are authenticated; even then they only gain access to specific, limited applications and data. Additionally, they must reauthenticate periodically to maintain their access. Smart threat detection technologies patrol the network, analysing patterns and flagging anomalous or suspicious behaviour.

With holistic Enterprise Information Management (EIM) technologies, critical data is centralised and protected within layers of security, extending from the heart of the enterprise to all endpoints. Protection is complete against all attack vectors, external or internal. The latter ensures protection against mistakes, either deliberate or caused by internal user fatigue (one report by IBM found that 95% of cybersecurity breaches result from human error). In other words, human mistakes are so overwhelming in cybersecurity that 19 out of 20 cyber breaches result from human error.

Identity access management (IAM) authenticates and authorises each user. An IAM system includes automated lifecycle management for internal and external users, comprehensive identity governance, privileged access management and integrated multi-factor authentication (MFA) capabilities. It stops identity sprawl to third parties, centralising and protecting identities.

However, securing identities is just the beginning. One of the most common ways the bad guys circumvent enterprise security protocols is through endpoints. All edges are vulnerable – servers (on-premises and on-cloud), workstations, desktops, laptops, tablets, and mobile devices. This is why a Zero Trust security system must understand every unique endpoint and its security status, yielding complete visibility and control over any endpoint requesting access.

Find out more at iOCO, +27 11 607 8100, [email protected], https://ioco.tech/

[1] https://www.securitysa.com/*gartner8

[2] https://www.securitysa.com/*ieee1

[3] https://www.securitysa.com/*opentext1




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

A platform for access and identity at Securex 2025
Securex South Africa Access Control & Identity Management Facilities & Building Management
South African companies involved in supplying access control technology, security services, and data management are well-positioned to tap into the expanding access control market at Securex 2025.

Read more...
Background checks: risk levels and compliance
iFacts Access Control & Identity Management Security Services & Risk Management
Conducting background checks is a vital step in the hiring process for employers or when engaging service providers; however, it is crucial to understand the legal framework and regulations governing these checks.

Read more...
Insurance provider uses Net2 For access management
Paxton Access Control & Identity Management Integrated Solutions Healthcare (Industry)
BestMed selected Paxton Net2 for its access control requirements because of its simplicity of installation and ease of navigation for end users, as well as the 5-year warranty.

Read more...
Identity is a cyber issue
Access Control & Identity Management Information Security
Identity and access management telemetry has emerged as the most common source of early threat detection, responsible for seven of the top 10 indicators of compromise leading to security investigations.

Read more...
Embracing contactless access solutions
HID Global Access Control & Identity Management
There has long been a discussion of the perils and virtues of authentication factors. Is it more secure to use something we have (a key card), something we know (a password), or something we are (biometrics)?

Read more...
Smart access for a safer community
neaMetrics Suprema Access Control & Identity Management Residential Estate (Industry) Products & Solutions Commercial (Industry)
Suprema has released its BioEntry W3 facial authentication access control device with multiple authentication options, including RFID cards as well as mobile credentials, designed for durability and resilience.

Read more...
The power of knowing your client
Ideco Biometrics Access Control & Identity Management Integrated Solutions
One of the most effective ways to combat the threat of fraud, identity theft, and financial crime threats is through a robust Know Your Client (KYC) process, which safeguards both businesses and clients.

Read more...
Smarter ways to secure your space
Elvey Security Technologies Access Control & Identity Management Products & Solutions
Ensuring the safety of people and assets has become more crucial than ever, and access control systems provide essential tools to regulate and monitor who can enter specific areas or access sensitive resources.

Read more...
Facial recognition in national security
Access Control & Identity Management Government and Parastatal (Industry)
As global security challenges evolve, facial recognition technology provides a vital edge by turning our unique identities into powerful assets for national defence and changing a sea of anonymity into a line of defence.

Read more...
Federated identity orchestration
Technews Publishing SMART Security Solutions Editor's Choice Access Control & Identity Management Security Services & Risk Management AI & Data Analytics
Understanding exactly who resides at the end of a digital device is key, and simple identity number verification by the Department of Home Affairs is no longer a viable solution on its own.

Read more...