Insider Threats

Opening the Door to Zero Trust Network Access


Zero Trust Network Access (ZTNA) provides secure remote connectivity to applications and data on enterprise networks by continuously assessing and authenticating users before each transaction. ZTNA follows a least-privilege access model by masking applications from public discovery, eliminating the risk of threat actors, especially malicious insiders, moving laterally within the network. In short, it denies access to everything and trusts no one.

According to our recent ‘Insider Threat Report 2022 – Singapore Edition’ [1], 60% of enterprises agree that zero trust technologies are extremely effective in combatting insider threats. Unlike VPNs, ZTNA recognises that threats can exist both beyond and within the network boundary. It thus cordons off external attackers and at the same time prevents internal users already on the network from jeopardising critical applications.

This, however, poses a paradoxical problem. While continuous denial of access may seem effective at preventing any abuse of implicit trust, it also gets in the way of harmless employee activity and unnecessarily wastes time on authentications and re-authentications. This has led to enterprises providing certain employees with authorized accounts that bypass these defences, rendering ZTNA useless. Nearly a third of the enterprises surveyed feel that authorized insider accounts defeat the purpose of ZTNA, as privileged insiders are no longer subject to the same security measures faced by other internal or external users. This makes privileged accounts a safe haven for insider threat actors, and thus the most crucial place to detect malicious behaviour, according to 66% of enterprises.

Striking the right balance

While unimpeded network access and zero trust network access may seem to be on opposite ends of the spectrum, enterprises can still leverage ZTNA without getting in the way of genuine user activity by taking a holistic and dynamic approach to authentication policies.

By using AI-based ZTNA systems such as BlackBerry’s CylanceGATEWAY, enterprises can use intelligent, context-aware policies to uncover threats rather than exercising a complete denial of access. By continuously analysing and contextualising threat information, the system is able to detect suspicious behaviour and lock down access points accordingly. This involves establishing trust scores for users based on their IP addresses and identities as well as their behaviour on the network, the resources they access, and how this compares with past activity. Where this score improves, users are more implicitly trusted; where it deteriorates, they are asked to re-authenticate.

While ZTNA is often premised on application-level access controls, taking a granular file-level approach provides more leniency across low-risk applications while protecting critical data with higher scrutiny. Where authorized employees are given permission to parts or all of the network, an advanced encryption solution such as Atakama ensures that users are only able to access certain documents after being given permission through multi-device authentication.

Alternatively, enterprises can opt for encryption-in-use tools such as Titaniam. As the only data-in-use encryption solution in the industry, this enables employees to go about their daily transactions of sharing, accessing and using data without any raw text ever being exposed, using translation APIs and plugins. Even in the event that the data is exfiltrated by malicious third parties, the data remains encrypted and inaccessible.

Instead of shutting down access to all applications, ZTNA systems like CylanceGATEWAY boast segmentation capabilities that allow different groups of applications to be hidden from different users, or entirely from public visibility, while allowing free access elsewhere. Some enterprises can even exercise surgical access permissions, which still allow an insider to access non-critical data even after they are flagged. This keeps the broader network open and accessible, but critical apps safely stowed away.
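The trust-score and segmentation ideas described above can be sketched as a single access decision. This is an added example, not code or logic from CylanceGATEWAY or any product named here; the weights, thresholds, resource names and the `Session`, `update_score` and `decide` names are all assumptions made for illustration.

```python
from dataclasses import dataclass

# All weights, thresholds and resource names below are constructed for illustration.
PENALTY = {"new_ip": 25, "unusual_resource": 30, "off_hours": 10}
RECOVERY = 5        # points regained by a request that matches the baseline
REAUTH_BELOW = 70   # under this, critical resources need re-authentication
FLAG_BELOW = 30     # under this, the user is treated as flagged

# resource -> (application group used for segmentation, sensitivity tier)
RESOURCES = {
    "wiki": ("general", "low"),
    "crm": ("sales", "low"),
    "payroll-db": ("finance", "critical"),
    "source-repo": ("engineering", "critical"),
}

@dataclass
class Session:
    user: str
    groups: set            # application groups visible to this user
    known_ips: set         # baseline: addresses seen before
    usual_resources: set   # baseline: resources accessed before
    score: int = 80

def update_score(s, ip, resource, off_hours=False):
    """Compare one request with past activity and adjust the trust score (0-100)."""
    penalty = 0
    if ip not in s.known_ips:
        penalty += PENALTY["new_ip"]
    if resource not in s.usual_resources:
        penalty += PENALTY["unusual_resource"]
    if off_hours:
        penalty += PENALTY["off_hours"]
    delta = -penalty if penalty else RECOVERY
    s.score = max(0, min(100, s.score + delta))
    return s.score

def decide(s, resource):
    """Return 'hidden', 'allow', 'reauthenticate' or 'deny' for one access request."""
    group, tier = RESOURCES[resource]
    if group not in s.groups:
        return "hidden"            # segmentation: app is not discoverable by this user
    if tier == "low":
        return "allow"             # low-risk apps stay open, even for a flagged user
    if s.score < FLAG_BELOW:
        return "deny"              # flagged user loses critical resources only
    if s.score < REAUTH_BELOW:
        return "reauthenticate"    # deteriorated score triggers step-up
    return "allow"
```

A request from an unfamiliar address drops the score enough to force re-authentication on critical resources while low-risk applications stay reachable, which is the balance the article argues for.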

Best of both worlds

ZTNA boasts unparalleled stringency and security, so much so that federal governments have begun to mandate the use of zero trust technologies for their cybersecurity systems. By deploying solutions that utilise dynamic rules and segmented access policies, enterprises can strike the right balance between accessibility and security across their networks.

Sources:

[1] Insider Threat Report 2022 – Singapore Edition, Halodata, June 21, 2022, https://halodata.asia/SG-insider-threat-report

Synopsis

This article, based on the findings from Halodata’s 2022 Singapore Insider Threat Report, explores the topic of Zero Trust Network Access (ZTNA) and how enterprises can leverage it to combat insider threat without compromising on employee productivity.
