Concern for the security of corporate communications grew significantly with the arrival of the pandemic. At its peak, hundreds of thousands of workers around the world began telecommuting from home, and corporate security managers began living their worst nightmares: employees accessing company networks, uncontrolled, from thousands of offsite locations. They had to protect those connections and that access, and many started, in just a few days, to use VPNs for it.
But access to company networks through virtual private networks had limitations that, in many cases, were important, especially in terms of scalability and, although it may seem paradoxical, also in security. For this reason, in a very short time the use of a different security system, based on zero trust in accesses and devices, began to gain momentum in companies. This is Zero Trust Network Access (ZTNA), popularly known as “zero trust”.
What is the zero trust model
Zero trust is a security model that, by default, denies access to applications and data. Threats are prevented, and access to the protected systems is obtained, only by granting access to networks and workloads through various policies. These policies are backed by ongoing, risk-based, contextual verification of both users and the devices they use to access networks and data.
This model is therefore based on three fundamental principles: distrust by default of all entities and people, enforcement of least-privilege access, and implementation of full security monitoring. Access is denied by default and granted solely on the basis of policy, and grants are made one by one to data, workloads, users, and devices.
The most important point of the zero trust model, therefore, is the reduction of implicit trust. It is an information security model that transfers its principles to both the network and the security architecture. When implemented, network user access is expressly limited to the applications and tools to which they must have access.
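The three principles above can be shown as a small policy decision point. This is an added example, not code from any ZTNA product; the class names, the posture and MFA signals, the 0-100 risk scale and the sample users and resources are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Policy:                 # one explicit grant: one user, one resource
    user: str
    resource: str
    max_risk: int             # highest risk score accepted (assumed 0-100 scale)

@dataclass(frozen=True)
class Request:                # context presented again on every access
    user: str
    resource: str
    device_compliant: bool    # assumed posture signal (managed, patched, encrypted)
    mfa_passed: bool
    risk_score: int

class PolicyDecisionPoint:
    def __init__(self, policies):
        self._grants = {(p.user, p.resource): p for p in policies}
        self.audit_log = []   # full monitoring: allows and denies are both recorded

    def evaluate(self, req):
        policy = self._grants.get((req.user, req.resource))
        if policy is None:    # distrust by default: no grant means no access
            verdict = ("deny", "no policy for this user and resource")
        elif not req.device_compliant:
            verdict = ("deny", "device failed posture check")
        elif not req.mfa_passed:
            verdict = ("deny", "MFA not satisfied")
        elif req.risk_score > policy.max_risk:
            verdict = ("deny", "risk score above policy limit")
        else:
            verdict = ("allow", "policy matched and context verified")
        self.audit_log.append((req.user, req.resource, *verdict))
        return verdict

# Constructed sample data: least privilege means one grant per user and resource.
POLICIES = [Policy("alice", "payroll-app", 30), Policy("bob", "wiki", 60)]

def demo():
    pdp = PolicyDecisionPoint(POLICIES)
    requests = [
        Request("alice", "payroll-app", True, True, 10),   # granted by policy
        Request("alice", "wiki", True, True, 10),          # no grant, so denied
        Request("alice", "payroll-app", True, True, 75),   # same user, risk rose
        Request("bob", "wiki", False, True, 5),            # non-compliant device
    ]
    return [pdp.evaluate(r)[0] for r in requests], pdp.audit_log

if __name__ == "__main__":
    print(*demo()[1], sep="\n")
```

The third request is the point of ongoing verification: a user who was allowed a moment earlier is denied as soon as the context no longer satisfies the policy.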
According to Gartner estimates, by 2025 at least 70% of new remote access deployments will primarily use the zero trust access model. This is very notable growth in just five years, since at the end of 2021 adoption of the zero trust model did not reach 10% of these deployments.
There are many technology options that support the zero trust model. These include software-defined wide area networks (SD-WANs), secure web gateways (SWGs), and cloud access security brokers (CASBs). Of course, the identity of the person making the connection is crucial for the access model, because it is as if the system asked you, when you try to access, who you are, what you have access to and what you are accessing. In addition, of course, it monitors the entire process and what you do every time you are connected to the network.