ZERO-TRUST NETWORK ACCESS (ZTNA)

Zero Trust is a security framework requiring all users, whether in or outside the organisation’s network, to be authenticated, authorised, and continuously validated for security configuration and posture before being granted or keeping access to applications and data. Zero Trust assumes that there is no traditional network edge; networks can be local, in the cloud, or a combination or hybrid with resources anywhere as well as workers in any location.

Zero Trust is a framework for securing infrastructure and data for today’s modern digital transformation. It uniquely addresses the modern challenges of today’s business, including securing remote workers, hybrid cloud environments, and ransomware threats. While many vendors have tried to create their own definitions of Zero Trust, there are a number of standards from recognised organisations that can help you align Zero Trust with your organisation.

• Continuous verification.  Always verify access, all the time, for all resources.

• Limit the “blast radius.”  Minimise impact if an external or insider breach occurs.

• Automate context collection and response.  Incorporate behavioural data and get context from the entire IT stack (identity, endpoint, workload, etc.) for the most accurate