Pack analyst btn         PAC        
 
Home » Blog » Zero Trust moves from buzz-word to practical approach as enterprises seek to secure their business

12 February 2021

tagsTags

comments 0 Comment (s)

Zero Trust moves from buzz-word to practical approach as enterprises seek to secure their business

We’ve heard a lot about Zero Trust over the years, but the onset of the COVID-19 pandemic moved the buzz word abruptly to the forefront. In part, due to the rapid increase in demand for digital workplaces for remote work, and in part to a rapidly evolving threat landscape, the topic quickly captured C-Suite mindshare.

Providing hardware is the easy part…

Enabling employers with required endpoint hardware is the easy part. The far greater challenge is to protect the company and its assets against growing cyber crime and to limit the risks associated with the steep rise in exposure points in information systems that are increasingly open and shared with an ecosystem of suppliers, customers, and third-party services.

…but ensuring secure access is a much bigger challenge.

But as this ecosystem and landscape grows in scale and complexity, so do the challenges in securing it. The solution is a significant shift in approach, one where organizations do not automatically trust devices or users inside or outside its perimeters and instead must verify any access request to its systems before granting access.

This approach – called a zero trust network - is built upon five fundamental design principles:

  • The network is always assumed to be hostile.
     
  • External and internal threats are always assumed to exist on the network at all times.
     
  • Network locality is not sufficient for granting trust in a network.
     
  • Every device, user, and network flow is authenticated and authorized.
     
  • Policies must be dynamic and calculated from as many sources of data as possible.

The efficacy of Zero trust approaches rely on important tools including security information management, advanced security analytics platforms, security user behavior analytics, and other analytics systems to help security experts monitor in real-time what is happening on their networks so they can act accordingly.

The Zero Trust journey

Of course, implementing a zero-trust network isn’t a simple process. To implement zero trust, organizations need time and usually external support, often following a common 4-stage approach:

  • Stage 0: Many organizations start their zero trust projects with on-premise directory services in a hybrid infrastructure, forcing IT to manage different identities across systems as well as applications and services that may be used without awareness of the IT department. For users, this means many passwords which are often unsecure.
     
  • Stage 1: To solve these identity issues, the next step would be Unified Identity and Access management including all systems (on- and off-premise) and applications, and obviously, all users.
     
  • Stage 2: the next stage in zero trust security is the use of context-based access policies. This means collecting the user’s context information (i.e. who is the user?), application context (i.e., which application the user is trying to access), device context, location / network, and applying access policies based on that information. A policy could be established to allow access by managed devices, but unmanaged devices logging in from never-seen locations would be prompted for a sort of multi-factor authentication.
     
  • Stage 3: In the final stage, organizations extend the focus onto authenticating and authorizing access. This means that authentication no longer occurs only at the first access request, but continuously throughout the user’s experience through a continuous, adaptive, risk-based evaluation to identify potential threats during the user’s journey. In other words, if access to a system or application is granted, but the user does anything unusual, further authentication methods are used and access might be revoked.

The Zero Trust journey - Stages


Got stuck? You are in good company...

Without a doubt, zero trust is an important architecture principle to secure data access, but it is a complex endeavor. Most organizations are currently stuck between stage 1 and 2 and really need help to get to reach the secure utopia of stage 3.

…you can get there with a little help

Zero trust in combination with SASE and micro-segmentation elevates security to the next level, but such projects are complex. In almost all cases, organizations need external help from experts in designing such an infrastructure solution – whether from a vendor or independent consultants. Many of the leading IT Services firms are building out security-focused delivery capabilities that embed zero-trust approaches into solutions and services. So the good news is, for enterprises who are stuck on their journey to zero-trust, there is a dynamic marketplace for of solutions and expertise ready to support them.

What we expect

As the space evolves, PAC expects to see strong market demand for zero trust and even greater demand for the whole package (zero trust, SASE, micro-segmentation), as well as for security-focused consulting and solutions over the next 36+ months – as enterprises look to secure their sprawling operations, and push back against a rapidly evolving threat landscape.

Get more insights

Obviously Zero trust is not just a hype, there is a genuine need for enterprises to adopt a new security posture, pushed further by the need for digital workplaces. And of course, it is not the only next big thing in Cyber Security – to find our more, check out our trilogy of InBrief Analysis reports in which we cover the most relevant Cyber Security topics and technologies for users and service providers, explain the pros and cons, who should be interested and give advice how to handle it.



 

Latest Blog Posts

Immersion cooling – the next big step in data center cooling?

Data centers will face some issues over the next few years. They consume huge amounts of energy, a large proportion of which is used for cooling. In some European countries, there is legislation requiring them to reuse at least parts of the heat for data centers by 2027, and there are minimum efficiency requirements for new and, going forward, ...

Event Date : July 25, 2024

Read more

Orange Business Insights 2024

Orange Business Insights 2024 : retour sur l’événement dédié aux analystes avec des résultats et des avancées notables pour l’avenir de l’entreprise. PAC a eu le plaisir de participer à l'événement annuel « Insights 2024 » dédié aux analystes et organisé par Orange Business à Amsterdam les 10 et 11 juillet 2024.

Event Date : July 22, 2024

Read more

Inetum establishes six new Digibanks in Belgium to promote digital inclusion

Digital services and solutions provider Inetum, in collaboration with local authorities, has set up Digibank in six Belgian municipalities of Zuiderkempen—Geel, Herselt, Hulshout, Laakdal, Meerhout, and Westerlo. This initiative aims to provide residents, especially vulnerable youth and other citizens, with access to the digital world in a ...

Event Date : July 19, 2024

Read more

ESG Data Management and Disclosure In The Real Estate Sector

The real estate sector is responsible for 35% of global CO2 emissions The real estate sector continues to feel the pressure to improve transparency around the environmental impacts of buildings to satisfy demands from investors and regulators (such as the EU Taxonomy, CSRD). In this context, real estate organizations (defined here as companies ...

Event Date : July 10, 2024

Read more

Numérique : une croissance continue depuis 15 ans qui se ralentit

PAC réalise tous les semestres l’analyse de la conjoncture du marché numérique français (ESN, éditeurs et ICT) avec numeum en interrogeant plus de 150 DSI et environ 300 entreprises du numérique.

Event Date : July 09, 2024

Read more

0 thoughts on "Zero Trust moves from buzz-word to practical approach as enterprises seek to secure their business"

Leave a Reply

Share via ...