CV_Spring_2021

How it works Zero trust is a framework or method- ology that relies on several different technologies and systems. There is no single solution for achieving end-to- end zero trust. For example, one of the core technologies behind zero trust is identity access management (IAM). Many companies are now using IAM platforms to obtain full visibility and control over all their identities. A robust zero trust framework may also combine multifactor authentication, encryption, and real-time security and information event monitoring (SIEM). In addition, zero trust relies heavily on governance. It requires revoking all trust and only granting access on an as-needed basis. Administrators can grant access to individual users or identities or entire groups. As such, it requires buy-in from end users, and a shift in mindset. Importance for Partners As you can see, there is clear and present demand for zero trust — especially now that most compa- nies are either fully remote or moving toward hybrid work models. For partners, zero trust offers an opportu- nity to help customers reduce some of the major threats associated with cloud migrations. Zero trust frameworks can lead to tighter overall security and data protection, simpler manage- ment through automation and security compliance. Zero trust also can introduce custom- ers to new types of technologies. According to MarketsandMarkets, the global zero trust security market is on pace to grow from $19.6 billion in 2020 to $51.6 billion by 2026, for a compound annual growth rate of 17.4 percent. What’s more, Gartner found that by 2022, 80 percent of new digital business applications opened up to ecosystem partners will be accessed through zero-trust network access (ZTNA). And by 2023, 60 percent of enterprises will phase out most of their remote access virtual private networks (VPNs) in favor of ZTNA. Making Zero Trust Work As important and profitable as zero trust may be, partners and MSPs should use caution when suggesting this strategy to customers or imple- menting tight security frameworks. The truth is that not everyone is going to be on board with zero trust, and some pushback may occur — especially from busy end users who may see zero trust as overly restric- tive or unnecessary. According to Bob Andrews, CEO and principal of California-based Computer Logistics, zero trust also can be problematic for MSPs. “Zero trust is hard to do as an MSP,” explained Andrews. “Locking down an organization and expanding that [strategy] is not easy. To many people, it can feel like you’re slowing them down.” The trick is to ease teams into zero trust frameworks and make them understand how zero trust can actually expedite workflows using automation. Plus, zero trust can prevent security vulnerabilities and data breaches that can lead to much longer and more extensive delays. Partners and service providers are encouraged to start with educating teams about zero trust, helping them see the value that it offers. Instead of rapidly implementing and enforcing zero trust models, it’s necessary to explain why they’re important and useful. Another strategy is to test zero trust models on small groups of end users, to obtain buy-in and collect feedback. Other teams may be more willing to try something such as a zero trust frame- work after learning about internal use cases and seeing them in action. This approach may take more time to roll out, but it could go a long way in strengthening security and preventing pushback from end users. o CYBER PATROL Conceptual Model of Service-Initiated ZTNA Wi-Fi 6 Shipment For cast Wi-Fi By the Numbers 2021 Source: Deloitte 1 year 1-3 years 3-5 years 5 years substantially transform Register Application Source: Gartner Source: IDC, 2020 Connect to Provider Authentication Verify Identity Session Established cumulative device shipments economic value annual device 3 5 4 2 1 2018 2019 Billion 2020 2021 2022 2023 2024 0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5 1 2 3 4 5 ZTNA Broker/Proxy Enterprise Directory of IdaaS ZTNA Connector End-User Device Application Wi-Fi 6E Wi-Fi 6 $3.3 trillion 4.2 37.5 Cloud-First Organizations Struggle with Traditional Remote Access I am forced to ‘hairpin’ remote users through my data centers to access apps in cloud 47% I am unable to deploy my preferred remote VPN appliance in public cloud environments 39% I have to publicly expose my private apps in public cloud in order to provide access 31% Source: Netskope; survey of security professionals 42 CHANNEL V ISION | May 2021