Pivot Points: ZTNA and Enterprise Access

essidsolutions

ZTNA is an exciting approach to secure enterprise access because of the variety of use cases that are now only beginning to be explored. Jaye Tillson, director of strategy (field CTO), Axis Security, discusses how zero trust network access and the secure service edge (SSE) are changing network security and enterprise access.

According to Gartner, Zero Trust Network Access (ZTNA) is expected to grow from less than 10% share at the end of 2021 to “at least” 70% by 2025. With numbers like that, it is no surprise that ZTNA is the fastest-growing segment in network security.

“As organizations become familiar with ZTNA, there is a growing trend to use it not only for remote working use cases but also for workers in the office.”

As ZTNA solutions become a component of a broader category called Secure Service Edge (SSE), there are new use cases to benefit from. SSE platforms integrate ZTNA, Secure Web Gateway, Cloud Access Security Broker, and Digital Experience into a single, easy-to-use interface.

In fact, in a recent survey by CyberSecurity Insiders, 47% of respondents stated they would begin SSE adoption with Zero Trust Network Access (ZTNA) technologies as they seek to consolidate their security solutions. 63% of businesses expect SSE to replace or eliminate VPN Concentrators, 50% expect SSE to replace or eliminate the need for SSL Inspection, and 44% expect SSE to replace or eliminate the need for DDoS.

With this in mind, let’s examine the two key lesser-known use cases for ZTNA/SSE solutions that will drive demand in the coming years:

    • Mergers and acquisitions
    • Cloud-delivered branch offices replace SD-WAN, MPLS

M&A: How ZTNA Offers an Elegant Solution

Mergers are stressful for IT and security teams. It’s a hard enough job without adding hundreds, thousands, or tens of thousands of new users to your network and systems. Technology stacks and enterprise networks are a bit like snowflakes: no two are alike. That means complexity, integrations, and turf wars. Meanwhile, the C-Suite is focused on efficiency, synergies, and demonstrating immediate return on investment (ROI).

Once a merger closes, the IT and security teams aren’t just responsible for providing access to applications and systems to the acquired company’s employees and vice versa. That company comes with a constellation of business partners, suppliers, and subcontractors, all needing access to enterprise resources to do their jobs.

Each deal comes with its own levels of complexity, and over the years, there has been more and more pressure from the business to integrate systems faster and faster. Access to many systems is now expected to be granted on day one, but trusting all devices, users, and systems from a newly acquired company on day one comes with significant risk.

Providing VPN access to a broad group of employees and third parties to many systems and applications represents an extraordinary and unnecessary risk. ZTNA offers an elegant solution to this problem for everyone. For IT and security, it eliminates a large amount of complexity and significantly reduces the organization’s threat surface and risk profile. For users, it offers a better experience than legacy VPNs. For executives, it offers a quick win, reducing the level of risk and demonstrating ROI.

Bye-bye Branches: More Visibility into User Behaviour

One of the most significant opportunities for ZTNA/SSE solutions is in the cloud-delivered branch office. In a multi-cloud, hybrid work world focused on digital transformation and agility, traditional branch products are way too complex and expensive. In fact, 87% of companies consider the internet as the new WAN. Traditional network-based infrastructures, like VPN, WAN Gateways, Network Access Controllers, Proxy Servers, Firewalls, and MPLS, are becoming obsolete as a result.

The rise of the Cloud meant that both applications and data became distributed, and the pandemic has added users and devices to this distribution. As a result, the way companies deliver and secure their applications, data, users, and devices has become even more difficult, leading to increased complexity, cost, risk, and the need for network transformation.

Network transformation means embracing the cloud to deliver access that is fast, seamless, secure, and that scales cost-effectively – from any branch location. Eliminate expensive backhauling of MPLS traffic by leveraging cloud edges to deliver more immediate access to cloud or on-premises applications. This reduces the attack surface, delivers unmatched visibility into branch user behavior, and minimizes lateral movement within the branch for user-to-app and server-to-server traffic.


Network Transformation with ZTNA and SSE

COVID dictated that the future of work was going to be hybrid. Users can now work from anywhere, and this means that enterprise resources need to be accessed from anywhere, on secure and insecure networks, and on personal devices. It also exposed that existing approaches, like VPNs, couldn’t scale, involved hardware and network upgrades, and, most importantly, presented a clear and present danger to the business. 

VPNs are not in line with zero-trust architectures or attitudes, and zero trust is now a critical strategy for most companies due to Executive Order 14028, “Improving the Nation’s Cybersecurity”. This order requires agencies to enhance cybersecurity and software supply chain integrity and was in response to the growing number of cyberattacks against government agencies, critical infrastructure, and other companies. VPNs bring all users onto the network to access critical resources. Once users are there, the organization has little visibility and control if a user has malicious intent. In a remote world, VPNs were exposed as being out of touch with current needs.

Acute pandemic-driven needs meant that third-party access was the very first use case for ZTNA. It made too much sense to keep those users off the network but still be able to access the resources they need. Employees came next. While enterprises adapted, vendors innovated and quickly integrated ZTNA into broader SSE solutions that address even more critical issues like ransomware, insider threats, acquiring a breach through M&A, and network modernization. This is why the growth for ZTNA is so promising, and there are multiple untapped, critical use cases with enormous benefits to the enterprise.
