Zero-Trust Network Access: Why so Many Teams Get it Wrong

For many, this means implementing zero-trust strategies that control access while minimizing friction for authorized users.
One of these pillars - zero-trust network access - is the easiest to implement and the one most organizations are getting wrong.
To understand what they're missing, remember that ZTNA is designed to address the vulnerabilities common to virtual private networks.
ZTNA, on the other hand, is designed to give users access only to those network resources they are authorized to access based on their functional needs.
A user in the finance department shouldn't be able to access critical DevOps or legal systems.
Instead, many organizations set up ZTNA systems and proxies but then give authenticated users complete access to the network.
The InfoSec or network ops teams implementing zero-trust controls are not the application owners and so have little insight into who needs access to what.
Another factor hampering effective access permission-setting is poor group hygiene and identity management, especially in large, mature enterprises.
Given these complexities, it's unsurprising that many organizations skip the granular policy-setting necessary to achieve ZTNA's security potential.
Getting those access permissions wrong can create problems, with users unable to access what they need to do their work.
To limit risk throughout this process, alert network management teams when group members access a non-permissioned resource instead of blocking access.
Examining these alert patterns over time enables network managers to identify if a particular group needs permitted access to that resource.
Using identity governance administration principles, organizations can distribute responsibility for defining access permissions to the business leaders with knowledge of who needs access to which resources.
Because change is a constant in enterprises, regular auditing of which groups have access to certain resources also makes sense.
Perhaps twice a year, InfoSec teams can select a sampling of groups and analyze what they access, comparing these patterns to all the resources they are permitted to access.
If they access a portion of things they are permitted to access, this may reveal a large threat surface.
Right-sizing those access permissions to match the group's work requirements is a key step to eliminating that potential vulnerability.
The potential security benefit of a properly configured and managed ZTNA strategy is immense.
ZTNA complements things like micro-segmentation, which is focused on managing device-to-device interactions rather than human access interactions.
Cybercriminals continue to develop new attack strategies for a simple reason: They effectively overcome the access control measures many organizations have in place.


This Cyber News was published on securityboulevard.com. Publication date: Mon, 18 Mar 2024 14:13:05 +0000


Cyber News related to Zero-Trust Network Access: Why so Many Teams Get it Wrong

Zero-Trust Architecture in Modern Cybersecurity - Clearly, organizations need more robust cybersecurity protections in place, which is leading many to adopt a zero-trust architecture approach. Zero-trust flips conventional security on its head by shifting from an implicit trust model to one where ...
9 months ago Feeds.dzone.com
Zero Trust Security Framework: Implementing Trust in Business - The Zero Trust security framework is an effective approach to enhancing security by challenging traditional notions of trust. Zero Trust Security represents a significant shift in the cybersecurity approach, challenging the conventional concept of ...
10 months ago Securityzap.com
Implementing Zero Trust and Mitigating Risk: ISC2 Courses to Support Your Development - PRESS RELEASE. Zero trust security is a proactive and robust approach to cybersecurity that addresses modern threats by continuously verifying and monitoring all network activities. While its implementation can be complex and resource-intensive, the ...
5 months ago Darkreading.com
Identity Verification and Access Control with No Trust Assumed - Zero trust is a security model that is becoming increasingly important in the world of cybersecurity. In 2023, we will see more vendors offering complete zero trust products and services, and more businesses attempting to implement it. Zero trust is ...
1 year ago Securityweek.com
The 7 Core Pillars of a Zero-Trust Architecture - The zero-trust framework is gaining traction in the enterprise due to its security benefits. Organizations are increasingly adopting a zero-trust model in their security programs, replacing the traditional perimeter-based security model. The ...
6 months ago Techtarget.com
Navigating the Future: Zero Trust and SSE in Cybersecurity Leadership Strategies - This article delves into two potent concepts shaping the future of information security: Zero Trust and Security Service Edge. In this new reality, organizations require adaptable security measures to keep pace with the changing tides. At its ...
7 months ago Cybersecurity-insiders.com
WEF 2024 Report: Cybersecurity at the forefront, zero trust seen as critical for trust rebuilding - The best place for the World Economic Forum to achieve its key theme this year of rebuilding trust is to start with cybersecurity, cyber defenses, and cyber-resilience. Their latest global cybersecurity outlook 2024 insight report delivers insights ...
11 months ago Venturebeat.com
Why a Zero Trust Security Policy Matters and Steps to Implementation - Adaptability: In a world where business operations span across multiple environments, from on-premises data centers to cloud-based applications, a flexible security approach is essential. Zero trust provides precisely that, ensuring that your ...
11 months ago Securityboulevard.com
Cisco Secure Access Extends SSE With Mobile Zero Trust - Earlier this year, we introduced Cisco Secure Access, a security service edge solution that combines a secure web gateway, cloud access security broker, firewall-as-a-service, zero trust access and more, to help organizations address this challenge ...
1 year ago Feedpress.me
Executing Zero Trust in the Cloud Takes Strategy - Zero trust is a high-level strategy that assumes that individuals, devices, and services attempting to access company resources, both externally and internally, can't automatically be trusted. Digital transformation, embracing of SaaS, remote work, ...
11 months ago Darkreading.com
Zero-Trust Network Access: Why so Many Teams Get it Wrong - For many, this means implementing zero-trust strategies that control access while minimizing friction for authorized users. One of these pillars - zero-trust network access - is the easiest to implement and the one most organizations are getting ...
9 months ago Securityboulevard.com
Extended Detection and Response: The Core Element of Zero-Trust Security - Extending and enhancing threat detection and response capabilities in the face of a growing attack surface is the primary result of XDR when it comes to security efficacy. This outcome can contribute not only to comprehensive protection but also to ...
1 year ago Securityboulevard.com
Exploring the Long-Term Benefits of Adopting a Zero Trust Architecture - Over the past few years, the adoption of Zero Trust Architecture as an effective security strategy across many organizations has significantly increased. By definition, Zero Trust Architecture is a security concept developed to ensure that every ...
1 year ago Tripwire.com
The double-edged sword of zero trust - In an era defined by relentless cyber threats and evolving attack vectors, traditional security models are proving increasingly inadequate to safeguard sensitive information. Unlike conventional systems that often rely on perimeter defenses, zero ...
10 months ago Helpnetsecurity.com
The Real Deal About ZTNA and Zero Trust Access - For the last several years, zero trust network access has become the common term to describe this type of approach for securing remote users as they access private applications. Zero trust network access is based on the logical security philosophy of ...
9 months ago Feedpress.me
Schneier on Security - At the airport, I trusted ticket agents and maintenance engineers and everyone else who keeps airlines operating. We trust their intentions, and know that those intentions will inform their actions. We might not know someone personally, or know their ...
1 year ago Schneier.com
ACM will no longer cross sign certificates with Starfield Class 2 starting August 2024 - AWS Certificate Manager is a managed service that you can use to provision, manage, and deploy public and private TLS certificates for use with Elastic Load Balancing, Amazon CloudFront, Amazon API Gateway, and other integrated AWS services. Starting ...
5 months ago Aws.amazon.com
Zero Trust in Cybersecurity: from myth to the guide - This time, I found an article from the Germany's Federal Bureau of Information Security and it was about Zero Trust. I have to say that Zero Trust used to be a lot more prominent in the Corona years, between 2020 and 2022 than it is now. Zero Trust ...
9 months ago Endpoint-cybersecurity.com
ZTNA over VPN Can Be a Good Place to Start Your Zero Trust Journey - Zero-trust network access has become the leading project for organizations looking to adopt zero-trust principles. Gartner predicts that 60% of organizations will be adopting zero trust by 2025,1 so there are lots of zero-trust projects going on. As ...
1 year ago Feeds.fortinet.com
Understanding zero-trust design philosophy and principles - In this Help Net Security interview, Phil Vachon, Head of Infrastructure in the Office of the CTO at Bloomberg, discusses the varying definitions of zero trust among security professionals and companies, emphasizing its broad design philosophy. ...
11 months ago Helpnetsecurity.com
AI Is Changing the Way Enterprises Look at Trust: Deloitte & SAP Weigh In - Whether you are creating or customizing an AI policy or reassessing how your company approaches trust, keeping customers' confidence can be increasingly difficult with generative AI's unpredictability in the picture. We spoke to Deloitte's Michael ...
5 months ago Techrepublic.com
Top 6 benefits of zero-trust security for businesses - Rather than create a framework from scratch, security leaders can choose from the several publicly available methodologies to benefit their own infosec programs. One of the more high-profile examples of available frameworks is the zero-trust security ...
6 months ago Techtarget.com
Network Protection: How to Secure a Network - Network security protects and monitors the links and the communications within the network using a combination of hardware, software, and enforced policies. Best practices for network security directly counter the major threats to the network with ...
7 months ago Esecurityplanet.com
Inside the strategy of Salesforce's new Chief Trust Officer - In this Help Net Security interview, Arkin discusses a collaborative approach to building trust among customers, employees, and stakeholders, focusing on transparency, shared responsibility, and empowering others to integrate trusted and responsible ...
10 months ago Helpnetsecurity.com
Cisco Secure Access named Leader in Zero Trust Network Access - Zero Trust Network Access is a critical component to increase productivity and reduce risk in today's hyper-distributed environments. Cisco Secure Access provides a modern form of zero trust access that utilizes a new architecture to deliver a unique ...
9 months ago Feedpress.me

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)