Zero Trust Network Access (ZTNA) provides secure remote connectivity to applications and data on enterprise networks, by continuously assessing and authenticating users before each transaction. ZTNA follows a least-privilege access model by masking applications from public discovery, eliminating the risk of threat actors, especially malicious insiders, moving laterally within the network. In short, it denies access to everything, and trusts no one..

According to our recent ‘Insider Threat Report 2022 – Singapore Edition’ [1], 60% of enterprises agree that zero trust technologies are extremely effective in combatting insider threats. Unlike VPNs, ZTNA recognises that threats can exist both beyond and within the network boundary. It thus cordons off external attackers and at the same time prevents internal users already on the network from jeopardising critical applications.

Striking the right balance

While unimpeded network access and zero trust network access may seem to be on opposite ends of the spectrum, enterprises can still leverage ZTNA without getting in the way of genuine user activity by taking a holistic and dynamic approach to authentication policies.

By using AI-based ZTNA systems such as Blackberry’s CylanceGATEWAY, enterprises can use intelligent, context-aware policies to uncover threats rather than exercising a complete denial of access. By continuously analysing and contextualising threat information, the system is able to detect suspicious behaviour and lock down access points accordingly. This involves establishing trust scores for users based on their IP addresses and identities as well as their behaviour on the network, the resources they access, and how this compares with past activity. Where this score improves, users are more implicitly trusted; where it deteriorates, they are asked to re-authenticate.

While ZTNA is often premised on application-level access controls, taking a granular file-level approach provides more leniency across low-risk applications while protecting critical data with higher scrutiny. Where authorized employees are given permission to parts or all of the network, an advanced encryption solution such as Atakama ensures that users are only able to access certain documents after being given permission through multi-device authentication.

Alternatively, enterprises can opt for encryption-in-use tools such Titaniam. As the only data-in-use encryption solution in the industry, this enables employees to go about their daily transactions of sharing, accessing and using data without any raw text ever being exposed, using translation APIs and plugins. Even in the event that the data is exfiltrated by malicious third parties, the data remains encrypted and inaccessible.

Instead of shutting down access to all applications, ZTNA systems like CylanceGATEWAY boast segmentation capabilities that allow different groups of applications to be hidden from different users, or entirely from public visibility, while allowing free access elsewhere. Some enterprises can even exercise surgical access permissions, which still allow an insider to access non-critical data even after they are flagged. This keeps the broader network open and accessible, but critical apps safely stowed away.

Best of both worlds

ZTNA boasts unparalleled stringency and security, so much so that federal governments have begun to mandate the use of zero trust technologies for their cybersecurity systems. By deploying solutions that utilise dynamic rules and segmented access policies, enterprises can strike the right balance between accessibility and security across their networks.

Sources:

[1] Insider Threat Report 2022 – Singapore Edition, Halodata, June 21, 2022,
https://halodata.asia/SG-insider-threat-report

Synopsis