
Zero Trust Network Architecture Roadmap: Steps to Creating Your Strategy
We’re living in an age where cyber security has never been more in the spotlight. With people leading increasingly digital lives and big chunks of the UK workforce working from home as well as the office, businesses have had to adapt the way they operate and communicate.
According to the Office for National Statistics, 85% of employees want a hybrid approach to home and office working. While that brings with it lots of opportunities, it can also bring a number of risks including more vulnerability to cyber attacks. A report by Deloitte revealed the average cost of a data breach from remote working can be over £100,000, with 47% of people falling for phishing scams while working from home. And between February and May 2020 more than half a million people globally were impacted by personal data breaches.
Traditionally, organisations have relied on virtual private networks (VPNs) to provide remote access for employees. But a VPN typically places the connecting device onto the internal network with broad reach, so a compromised laptop or stolen credential gets the same access as a trusted one, and VPN concentrators scale poorly as the remote workforce grows. Those limitations make VPNs less effective against modern threats.
So, how can you utilise all of the mobile and internet-based applications on offer to increase efficiency and stay connected while feeling confident you’re protecting what matters most? With the growing reliance on cloud services, the organisation’s attack surface is expanding, exposing more potential entry points for cyber threats. Secure remote access has become a critical requirement for businesses, and traditional solutions are being reevaluated to address the evolving security landscape.
Trust nothing, verify everything, and enforce least privilege access
With so much reliance on digital it’s becoming increasingly difficult to tell friend from foe, which is why many organisations are starting to look at implementing a Zero Trust Network Architecture (ZTNA; the acronym is more commonly expanded as Zero Trust Network Access, but the model is the same).
As the name suggests, ZTNA centres around the concept of ‘zero trust’. A traditional network trusts anyone who is inside it; ZTNA grants nothing by default and requires every request to be authenticated and authorised, hence ‘zero trust’. Crucially, that evaluation does not stop once a session is established: ZTNA keeps re-evaluating the trustworthiness of the connection on every request, using not just the user’s credentials but signals such as their location, the time since they last authenticated and the security posture of their device (is it managed, patched, encrypted, running endpoint protection).
As opposed to perimeter-based security, ZTNA assumes that every device on the enterprise network is potentially compromised and that any user account could be used to attack others. Because the old notion of trusted and untrusted zones no longer applies, the most effective strategy is a holistic approach that delivers visibility of who and what is connecting, and control over what each of them can reach.
In every enterprise, employees are given access to the network, and partners and customers are also given access to data and applications, either on-premises or in the cloud. ZTNA identifies every user and the role they play within the organisation, and follows a least privilege access model: it grants access only to the specific applications and resources that role requires, rather than to the network as a whole. If an employee needs access to anything else, it is considered on a case-by-case basis after they submit an access request.
That’s where a zero trust security model can really make a difference. The framework requires all users, whether inside or outside your network, to be authenticated, authorised and continuously validated, which is why it is effective for securing remote workers while also protecting sensitive data and cloud environments.
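To make the per-request evaluation described above concrete, here is a small policy decision point written as an added example for this article (it is not TNC’s code or any vendor’s product). It combines the three things the section discusses: role-based least privilege, device posture, and connection context such as location and authentication age. The role entitlements, country allow-list, time limits and the requests themselves are all constructed, hypothetical data for illustration.

```python
"""Minimal zero-trust policy decision point (added illustration, not the page's own code).

Every request is judged on its own: identity + role entitlement (least privilege),
device posture, and connection context. Nothing is inherited from "being on the
network". All roles, apps, thresholds and requests below are constructed examples.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Hypothetical least-privilege entitlements: each role sees only what its job needs.
ROLE_ENTITLEMENTS = {
    "finance": {"erp", "expenses"},
    "engineer": {"git", "ci", "wiki"},
    "contractor": {"wiki"},
}
# Hypothetical apps that additionally require a compliant, managed device.
HIGH_SENSITIVITY_APPS = {"erp", "git"}
ALLOWED_COUNTRIES = {"GB", "IE"}          # assumed policy: where the workforce operates
MAX_AUTH_AGE = timedelta(hours=8)        # assumed policy: re-authenticate after this
MIN_TRAVEL_TIME = timedelta(hours=2)     # assumed: faster country change = impossible travel


@dataclass
class Identity:
    user: str
    role: str
    mfa_verified: bool
    auth_time: datetime


@dataclass
class DevicePosture:
    managed: bool
    disk_encrypted: bool
    os_patched: bool
    edr_running: bool

    def compliant(self) -> bool:
        return self.managed and self.disk_encrypted and self.os_patched and self.edr_running


@dataclass
class Context:
    country: str             # where this request comes from
    last_seen_country: str   # where the same user was last seen
    last_seen_at: datetime
    now: datetime


@dataclass
class Decision:
    allow: bool
    step_up: bool = False                     # True = deny for now, prompt re-authentication
    reasons: list = field(default_factory=list)


def evaluate(identity: Identity, posture: DevicePosture, ctx: Context, app: str) -> Decision:
    """Evaluate one request to one application. Called on every request, not once at login."""
    reasons = []
    if app not in ROLE_ENTITLEMENTS.get(identity.role, set()):
        reasons.append(f"role {identity.role!r} is not entitled to {app!r}")
    if not identity.mfa_verified:
        reasons.append("MFA not verified")
    if ctx.country not in ALLOWED_COUNTRIES:
        reasons.append(f"request from unapproved country {ctx.country}")
    if ctx.country != ctx.last_seen_country and ctx.now - ctx.last_seen_at < MIN_TRAVEL_TIME:
        reasons.append("impossible travel since the user was last seen")
    if app in HIGH_SENSITIVITY_APPS and not posture.compliant():
        reasons.append("device posture insufficient for a high-sensitivity app")
    if reasons:
        return Decision(False, False, reasons)
    # Everything else passed; a stale authentication is recoverable by step-up, not a hard deny.
    if ctx.now - identity.auth_time > MAX_AUTH_AGE:
        return Decision(False, True, ["authentication older than policy allows; re-authenticate"])
    return Decision(True)


if __name__ == "__main__":
    # Constructed sample requests to show the different outcomes.
    t0 = datetime(2024, 3, 1, 9, 0, tzinfo=timezone.utc)
    alice = Identity("alice", "finance", True, t0 - timedelta(hours=1))
    managed = DevicePosture(True, True, True, True)
    byod = DevicePosture(False, True, False, False)
    home = Context("GB", "GB", t0 - timedelta(days=1), t0)
    for label, dev, app in [("managed->erp", managed, "erp"), ("byod->erp", byod, "erp"),
                            ("byod->expenses", byod, "expenses"), ("finance->git", managed, "git")]:
        print(label, evaluate(alice, dev, home, app))
```

Note that the decision is made per application, not per network: the same BYOD laptop is allowed into the low-sensitivity expenses app but refused the ERP system, and a finance user is refused the engineering Git server regardless of device. In a real deployment the entitlements would come from your identity provider and the posture from your endpoint management tooling rather than hard-coded tables.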
Creating a solution that’s right for you
Simply put, there isn’t a one-size-fits all approach to ZTNA – what you need may be vastly different from what others need.
How we can help and steps to an effective ZTNA strategy
Creating a strategy and implementing ZTNA can seem overwhelming. It’s important to understand that in many ways this process is a transformation for your business, not just across your network infrastructure but across your individual business silos and company policies.
At TNC, our unique position in the market allows us to get right to the core of what your business needs, helping you build a strategy to move forward.
While ZTNA is an architectural model rather than a single product, there are several key components to review. Everything in the path between user and application must be considered, including:
Endpoint
Your endpoint devices are an obvious potential weak point in your network’s security. Whether your workforce is using mobiles, laptops or desktops remotely or in branch locations we can work with you to define and design the most secure and frictionless infrastructure solution.
SD-WAN
We know that every business is different, so we’ll work with you to develop a forward-thinking strategy that takes into account what you already have in place. ZTNA isn’t a “rip and replace” solution, it’s a transformation, and if current resources can be used then they should be. For example, you may already have an SD-WAN in place to optimise your network and give better path selection between sites, users and applications; we can look at the best way of integrating this into ZTNA and SASE products.
SASE
Using SASE (Secure Access Service Edge) you can combine your SD-WAN with cloud-delivered security services such as secure web gateway, cloud access security broker, firewall-as-a-service and ZTNA under a single unified management platform. Access is driven by your policy, so you know who, what and where everything on your network is, and each connection is verified against the user’s digital identity and the real-time context of where it is coming from. This gives you peace of mind over security both on and off your network while simplifying and streamlining both management and user experience.
IDAM and user identity
Cloud-based Identity and Access Management (IDAM) systems allow your workforce to securely access your applications from anywhere in the world. In a Zero Trust environment your IDAM is the authoritative source for who a user is, what role they hold and how strongly they have authenticated; it is where your access policies are defined, and it interfaces with your SASE environment and application gateway, which grant or deny access to each application on the strength of that identity plus device posture and context. We can work with you to develop the best approach to suit your specific business model and policies, making sure you’re getting the best solution for your needs.
We know transformation isn’t always easy. It requires you to tackle a broad range of elements including detailed discovery, analysis, planning, strategic supplier selection and implementation.
Our framework can help you during each step of the process, from baselining current services and business case creation to option analysis and sourcing strategy.
Want to find out more about implementing ZTNA and how we can help? Get in touch with our expert team today who can talk you through your network transformation journey in more detail.
Disclaimer
TNC is completely independent of all service providers – always has been, always will be.
