One of the most popular concepts developed during the Covid period was ZTNA (Zero Trust security), which became a huge buzzword as everyone moved toward a borderless perimeter architecture.

It was always a tough situation when it came to providing access to users who wanted to connect remotely, whether from home, a café, on the road or, for that matter, any remote location. Probably we had the dynamics, or maybe we were not that ready for such a situation or scenario.

However, when Covid kicked in, everybody was in a panic and wanted the business to keep working, and they had no option, or only limited options, other than adopting ZTNA, which would provide secure access to end users from any location and thereby make seamless, borderless access a virtual reality for all users. However, security was a major concern with the adoption of this concept.

So what exactly ZTNA is, and what steps the industry took for its grooming and survival, is the context of this article.

ZTNA:

While there are many discussions, theories, and arguments about ZTNA, it is essential to understand what exactly it is. Many experts' opinions vary in their concepts and theories, which is in no way wrong or out of context.

ZTNA is a concept, while many others may argue that it is a strategy or a framework for secure access over an unsecured environment; that is the fundamental logic when we talk about ZTNA. No matter where the user is situated, the solution should be able to authenticate the user, verify their identity, provide seamless access to the authorized user based on their roles and responsibilities, manage security efficiently along with the user experience, and finally have secure logging and monitoring capabilities for the duration of the end user's access.

The essential components for ZTNA are SASE (secure access service edge), NGFW (next-generation firewall), SD-WAN and other cloud-based services on a native platform. However, that doesn't mean that ZTNA is a cloud-only concept that cannot be implemented on-premises or in hybrid scenarios.

As I said, it is a concept; if it were not one, we would have different strategies and frameworks in place depending on whether we were deploying the solution in the cloud, on-premises or in a hybrid environment.

In all situations and scenarios, ZTNA is possible to implement and will work as desired.

I will not discuss the technicalities here because that would be too lengthy and is a separate topic. Instead, I will discuss the adoption of ZTNA.

Cloud:

Adoption of ZTNA for a cloud-based organization is much easier and friendlier than in any other situation or scenario, because all the workloads are in the cloud and the organization is already using SASE, NGFW and SD-WAN solutions at its end. There is less difficulty in adoption and scalability in such a situation because the organization can leverage its existing setup.

So we are all good when it comes to adopting and implementing this concept in a cloud-based organization. Let's move on to the on-premises situation next.

On-Premise:

When it comes to the on-premises situation, adoption of ZTNA seems to be a challenge. With legacy systems, networks and architecture, most organizations are reluctant even to discuss the possibility of adopting ZTNA.

However, this is no longer the case, since many on-premises services and products now have this concept baked in. So if you have not started the journey, I would suggest having a road map and strategy in place, as part of your tech refresh projects, to use solutions that use the ZTNA concept. The adoption cycle would be around 3 years minimum, during which you plan your systems and rework your architecture to accommodate this solution. Now let's quickly move to the last one, i.e. hybrid.

Hybrid:

Adoption in a hybrid environment may take time (adoption is already done based on the cloud initiatives of the organization), and the complete migration may take some time here.

Here I would recommend using the same strategy we discussed for on-premises for a meaningful adoption.

While I have been harping on ZTNA all this while, there are multiple benefits to adopting this concept in your organization, and I would strongly recommend implementing it at your end.

Benefits of ZTNA:

  1. Borderless security: wherever you connect from, you are accessing your systems, apps, and servers in a secure and trusted manner, leaving less chance of attacks and threats.
  2. Superior productivity: today workforces are scattered across the globe and across locations, so providing them with seamless and quick access to all systems, apps, and servers to increase their productivity is the need of the hour.
  3. Extension of your perimeter and network: this is one of the biggest use cases of ZTNA. It extends your network and perimeter to your partners, third-party vendors, and externals, with secure access to your resources.

Mr. Melwyn Rebeiro

Julius Baer Wealth Advisor Pvt Ltd

Director-GRC, CISO & DPO