FOCUSING ON THREE KEY AREAS WITH AN EFFECTIVE ZERO TRUST ACCESS STRATEGY
Modern organisations are embracing ‘ digital ’ and while there are countless benefits to this , it does create challenges when it comes to security as the traditional network perimeter is disappearing . Peter Newton , Senior Director of Products and Solutions – IoT and OT at Fortinet , tells us how a Zero Trust access approach is helping CISOs gain insight into who and what is on the network in order to improve their organisations ’ security posture .
he most secure
T network is one that has no connections . Of course , that idea is not only impractical , it also defeats the purpose of a network . The reality is that no network is an island and as businesses become more digital , networks inevitably become more complicated and dispersed . Today ’ s networks now have many ‘ edges ’, so it ’ s much harder than it used to be to create a single defensible boundary . In the face of these changes ,
Peter Newton , Senior Director of Products and Solutions – IoT and OT at Fortinet the traditional network perimeter is dissolving and it ’ s far more difficult to tell who and what can be trusted .
To respond to increasing threats , best practices now stipulate a ‘ trust no one , trust nothing ’ attitude towards network access . Protecting the network with this Zero Trust access ( ZTA ) approach means that all users , all devices and all web applications from the cloud must be trusted , authenticated and have the correct amount of access privilege ( and no more ).
With perimeter-based security , anything that can bypass Edge security checkpoints is given free access , but with ZTA the assumption is that every device on your network is potentially infected and any user is capable of compromising critical resources .
The Zero Trust access model is not a new concept and CISOs that are planning to implement it can choose from a wide array of technologies designed to meet the requirements of the National Institute of Standards and Technology ( NIST ) Zero Trust Architecture . But getting all these often-isolated technologies to work together to prevent security lapses can be challenging .
Focusing on three key areas of Zero Trust access
With ZTA , the entire concept of trusted and untrusted zones no longer applies ; location needs to be taken out of the equation entirely . The most effective strategy is a holistic approach that delivers visibility and control by focusing on three key areas : who is on the network ; what is on the network ; and what happens to managed devices when they leave the network .
1 . Who is on the network Every digital enterprise has a variety of users . Traditional employees access
Today ’ s networks now have many ‘ edges ’, so it ’ s much harder than it used to be to create a single defensible boundary .
74 www . intelligentciso . com