�
PREDICTIVE INTELLIGENCE
Why controlling device network access remains relevant in a Zero Trust world
Achieving Zero Trust for an organisation requires several different solutions all working together dynamically , and modern NAC approaches have a key role to play . Todd Schoeman , BT Client Business Director in South Africa , expands on this and discusses the capabilities essential for a dynamic Zero Trust architecture . ince its inception in
S
2019 , the concept of Zero Trust has become a guiding principle for many cybersecurity practitioners . In an Executive Order on May 12 , 2021 , the US Government specifically called on federal agencies and their suppliers ‘ to modernise [ their ] approach to cybersecurity ’ by accelerating the move to secure cloud services and implementing a Zero Trust architecture .
When many people think of Network Access Control ( NAC ) they often only think about perimeter security , leading to questions about its continued relevance in Zero Trust network environments . However , NAC solutions have evolved to support many of the capabilities that are essential to a dynamic Zero Trust architecture – and have a critical role to play in helping organisations on their Zero Trust journey .
The complexity behind the ‘ Zero Trust ’ term
‘ Zero Trust is not a single architecture , but a set of guiding principles for workflow , system design and operations ’ – National Institute of Standards and Technology Special Publication 800 – 207
As with many IT concepts , a single phrase such as ‘ Zero Trust ’ brings with it a range of interlinked challenges , projects and other considerations . Most security vendors today can justifiably link their solutions to Zero Trust and there are numerous lists of the ‘ top 10 Zero Trust security solutions ’ on the Internet .
As humans , we like easy fixes , so it ’ s in vendors ’ interests to simplify a problem down to a single solution that can answer all the customer ’ s security challenges .
However , the problem with this silver bullet approach is that it ignores the real and messy environments that all organisations need to navigate . No single vendor can achieve Zero Trust for an organisation – it requires several different solutions all working together dynamically .
Added to this , many experienced CISOs see Zero Trust as an aspirational goal that is several years away and not so much as a one-off solution . What ’ s critical is to make technology decisions now that will move you along the Zero Trust pathway , while avoiding decisions that will force backwards steps later on .
The addition of Internet of Things ( IoT ), Internet of Medical Things ( IoMT ) and Operational Technology ( OT ) devices has also increased the challenge , because it ’ s impossible to control many of these devices using traditional agents and authentication processes .
Network Access Control has evolved
NAC as a concept is great – prevent unauthorised access to your networks by controlling who and what can access it . However , many organisations have struggled to rollout traditional NAC solutions , finding projects extremely time-consuming , with lower-thanexpected return on investment and unwelcome user friction . This meant many organisations decided NAC projects were too difficult .
Added to this , many have thought NAC is only about perimeter security and have argued that NAC solutions aren ’ t relevant as we move towards a Zero Trust world .
However , modern NAC solutions have evolved significantly since the days of the 802.1X network authentication protocol and all the challenges that go with managing supplicants , certificate trusts and insecure bypass lists . www . intelligentciso . com
33