The Ever-Increasing Issue of Cyber Threats – and the Zero Trust Answer

The benefits of ZTNA make it hard to ignore

Ensuring that the right people have access to the proper resources when they need them whilst maintaining security and access controls across multiple data centers and cloud environments is one of the biggest technical challenges any organization faces.

Having too much security can slow business and create disgruntled employees who may look for ways to circumvent processes and make their job simpler. What they fail to realize is that unsanctioned solutions, which are not managed by the security team, increase risk, and can make it easier for an accidental breach to occur.

The world is hyper-connected. People have expectations of gaining instant access – safely and securely. However, we also live in a changing world – events of the last two years have proven this beyond doubt. With IT constantly moving, security needs to adapt and evolve whilst keeping ahead of current trends.

Cyber Threats Meet Their Match

Ransomware is still a great money maker. Targeted attacks have embarrassed businesses, but for the most part, it’s simple: lock data, threaten to expose data and request the ransom. In 2021, it was reported that more than 60 percent of businesses paid ransoms, so the reality is that this trend will continue. In February 2022, the Joint Cybersecurity Advisory released a ransomware advisory update warning of the serious nature of this threat and giving guidance on how to protect against it.

This brings us to Remote Desktop Protocol (RDP), an administration solution which allows users to access their desktop and run applications remotely. In the last few years, there has been an uptick in attacks using RDP connections, and selling RDP credentials on the dark web has become commonplace. Businesses need to manage strict access policies to ensure that only the right people gain access – using strong passwords, changing standard RDP TCP ports and restricting access to a user account.

It’s not all bad, as we’ve seen a rise in security standards that help keep threats on the outside, and one of the most exciting is Zero Trust Network Access or ZTNA. As a concept, this has been around for several years, but recently vendors have created methodologies and product frameworks to support ZTNA in enterprise use.

The Zero Trust Solution

ZTNA is the answer to a problem – how to ensure that only the correct user has access to resources all the time. The default posture for ZTNA is no-access, and rights are re-confirmed at every stage to ensure nothing has changed. Suppose someone uses tools to hide their identity or connects from an unknown location: they may gain initial user/password access, only to be immediately rejected when opening an application or resource.

This framework may sound complicated, but ZTNA has many benefits and can simplify or remove many challenges with managing security. Let’s take a deeper dive into the benefits of ZTNA:

• User management is simplified and clarified as accounts are not seen as internal, remote or external, but just as accounts all treated the same. Management is more straightforward, and users get equal treatment wherever they are located.

• Layered security using identity, location, device information and factored authentication guarantees that your security posture is always dialled up to the strongest setting, wherever the environment.

• Because ZTNA assumes a ‘trust no-one, assume nothing’ approach, anyone accessing the network will only see resources and applications through a lens of their direct access privileges. A benefit of this is that, should an attacker gain access to the network, their visibility will be hampered. Getting deeper into the system will be made more difficult by the repeated need to check security, check device configuration and re-authenticate the user account.

• Visibility and control are improved as resources are treated equally. The security team has visibility of everything from office applications to every cloud platform in use, and spinning up shadow IT or rogue systems is not possible because these unmanaged systems will not be able to inherit system access and users will be unable to authenticate.

• Most importantly, ZTNA should be transparent to users, with agent-based management to gather essential information on users and devices, which is then used to provide seamless network access to applications and resources that users legitimately need to access. 
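
The default no-access posture with rights re-confirmed on every request, and the layered identity, location, device and authentication signals from the list above, sketched as an added example (not from the original article or any vendor's product). The policy tables and all user, device, location and resource names are constructed for illustration.

```python
from dataclasses import dataclass, replace

# Constructed policy data; every name here is hypothetical.
ENTITLEMENTS = {"alice": {"payroll-app", "wiki"}, "bob": {"wiki"}}
KNOWN_LOCATIONS = {"hq-office", "alice-home"}
DEVICE_POSTURE = {"laptop-0042": {"managed": True, "patched": True},
                  "laptop-0077": {"managed": True, "patched": False}}

@dataclass(frozen=True)
class Context:
    user: str
    location: str
    device_id: str
    mfa_passed: bool

def decide(ctx, resource):
    """Evaluate one request. Returns (allowed, reason); the default is deny."""
    if resource not in ENTITLEMENTS.get(ctx.user, set()):
        return False, "no entitlement"
    if not ctx.mfa_passed:
        return False, "mfa required"
    if ctx.location not in KNOWN_LOCATIONS:
        return False, "unknown location"
    posture = DEVICE_POSTURE.get(ctx.device_id)
    if not posture or not all(posture.values()):
        return False, "device posture"
    return True, "ok"

def visible_resources(ctx):
    """A caller only ever sees what the current context is allowed to reach."""
    all_resources = set().union(*ENTITLEMENTS.values())
    return sorted(r for r in all_resources if decide(ctx, r)[0])

def run_session(ctx_steps, resource):
    """Re-check the same resource as the session context changes over time."""
    return [decide(ctx, resource) for ctx in ctx_steps]

if __name__ == "__main__":
    office = Context("alice", "hq-office", "laptop-0042", True)
    # Same valid credentials, but the connection now comes from an unknown place.
    moved = replace(office, location="anonymizing-proxy")
    for allowed, reason in run_session([office, moved], "payroll-app"):
        print("ALLOW" if allowed else "DENY", reason)
    print(visible_resources(office), visible_resources(moved))
```

Because `decide` runs on every request and not once at login, the second step of the session is refused even though the credentials and MFA result have not changed.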

The benefits of ZTNA make it hard to ignore. Reduced risk of a data breach and access controls for cloud resources keep the business and technical teams happy, while the overall user experience is greatly improved by using Single Sign On (SSO), which makes access to applications and services much more usable.

ZTNA is also one of the most potent security opportunities we have today. As discussed above, a well-implemented ZTNA with the ‘trust no-one, assume nothing’ mantra is also a great tool to mitigate potential attacks.

A well-managed network with secure data and services, when combined with happy users easily accessing their resources, makes for a very compelling ZTNA business case, and one that’s worth looking at today, if not sooner.
