CV_Spring_2021

C ompanies used to rely heavily on secure network perimeters to protect their systems and data. This was back when networks were mostly centralized, and the majority of employees were on-site throughout the day. The IT landscape has changed dramatically during the last few years, with networks becoming increasingly decentralized and remote. At the same time, cyberthreats have skyrocketed. And as a result, yesterday’s trust- driven security frameworks are no longer as effective as they once were. As a result, many organizations are now turning to zero trust architectures to modernize their security strategies — making zero trust a key buzzword to know about in 2021. Just as the name suggests, zero trust security models assume that all identities across an organization are a potential security threat. It’s important to note that identities in this case can refer to both human and non-human accounts which act on behalf of workers. For example, a non-human identity could be a piece of code or compute. Oftentimes, non-human identities are deployed to assist with automated workflows. During the last year, there has been a significant increase in non-human identities, due to widespread cloud adoption. Companies are also dealing with many new human identities, with the rising gig economy. This, in turn, has increased the threat surface, giving cybercriminals more entry points into organizations. In short, zero trust access involves discovering, tracking and restricting access to all identities in an organiza- tion and setting firm policies governing access to databases and systems. Zero trust requires cutting off access to machines and IP addresses and deter- mining who or what they are, what their role is, why they need access, and when they need access. By Gerald Baldino CAN’T TRUST ANYONE Why demand for zero trust security is growing, and how to make it work CYBER PATROL Security Moving to Cloud, ZTNA No Exception We plan to solely use SaaS-based zero trust access capabilities 25% We plan to implement zero trust access capabilities on-premises and SaaS 53% We are satisfied with our current in-house implementation 11% We have too many legacy applications or compliance restrictions 11% Source: Netskope; survey of security professionals 40 CHANNEL V ISION | May 2021