printer friendly version

Zero Trust and user fatigue

Paul Meyer.

When it comes to zero trust network access (ZTNA), Gartner defines it as products and services that create an identity and context-based, logical-access boundary encompassing an enterprise user and an internally hosted application or set of applications. The applications are hidden from discovery, and access is restricted via a trust broker to a collection of named entities, which limits lateral movement within a network.

Gartner¹ adds that ZTNA solutions are rapidly replacing remote access VPNs for application access. This Market Guide, which includes a list of representative vendors and their products, will help security and risk management leaders evaluate ZTNA offerings as part of a security service edge (SSE) strategy. Gartner notes an increased focus by end user organisations on zero trust strategies/cloud adoption – and a desire to provide more secure and flexible connectivity for hybrid workforces – heightens interest in the zero trust network access (ZTNA) market.

Organisations identify VPN replacement as their primary motivation for evaluating ZTNA offerings, but find that justification comes from risk reduction, not from any cost savings. Agent-based ZTNA is increasingly deployed as part of a more significant secure access service edge (SASE) architecture or security service edge (SSE) solution to replace always-on VPNs that traditionally provide full network security stacks for remote managed endpoints.

A new study² from the National Institute of Standards and Technology (NIST) found that a majority of the typical computer users they interviewed experienced security fatigue which often lead users to risky computing behaviour at work and in their personal lives.

What is the perimeter today?

We live in a new world of widespread networking, remote access and rapid information exchange, with new technologies such as mobile devices and cloud, poking even more holes in the perimeter.

Today, cybersecurity is evolving again. Cyberattacks are dynamic, challenging to predict, and have higher stakes. Cybercriminals have the latest technologies at their fingertips. Machines are deployed against the enterprise’s defences, operating at a vast scale, with volume, speed and agility.

The attack surface grows daily, with two-thirds of employees³ said to be using their own devices for work, and some reported using more than one (e.g., cell phone, tablet, personal laptop, wearable technology). The unstoppable trend of bring your own device (BYOD) requires new security measures to manage these myriad endpoints.

So, the castle-and-moat approach to cybersecurity will not do the job. Vulnerabilities permeate all levels of business systems, and your cybersecurity strategies probably need a reboot. Today’s threats cannot be fought with yesterday’s strategies, and a zero trust approach to security is required.

Zero Trust is a network security model based on the idea of never trust, always verify. Users and endpoints are not trusted until they are authenticated; even then they only gain access to specific, limited applications and data. Additionally, they must reauthenticate periodically to maintain their access. Smart threat detection technologies patrol the network, analysing patterns and flagging anomalous or suspicious behaviour.

With holistic Enterprise Information Management (EIM) technologies, critical data is centralised and protected within layers of security, extending from the heart of the enterprise to all endpoints. Protection is complete against all attack vectors, external or internal. The latter ensures protection against mistakes, either deliberate or caused by internal user fatigue (one report by IBM found that 95% of cybersecurity breaches result from human error). In other words, human mistakes are so overwhelming in cybersecurity that 19 out of 20 cyber breaches result from human error.

Identity access management (IAM) authenticates and authorises each user. An IAM system includes automated lifecycle management for internal and external users, comprehensive identity governance, privileged access management and integrated multi-factor authentication (MFA) capabilities. It stops identity sprawl to third parties, centralising and protecting identities.

However, securing identities is just the beginning. One of the most common ways the bad guys circumvent enterprise security protocols is through endpoints. All edges are vulnerable – servers (on-premises and on-cloud), workstations, desktops, laptops, tablets, and mobile devices. This is why a Zero Trust security system must understand every unique endpoint and its security status, yielding complete visibility and control over any endpoint requesting access.

Find out more at iOCO, +27 11 607 8100, solve@ioco.tec, https://ioco.tech/

^[1] https://www.securitysa.com/*gartner8

^[2] https://www.securitysa.com/*ieee1

^[3] https://www.securitysa.com/*opentext1

Share this article:

Further reading: