However, with a much greater proportion of staff now working away from the office, the way in which remote access is being tackled is changing. Rather than simply relying on traditional methods such as virtual private networks (VPNs), organisations are examining alternatives.
In many cases, there is a growing trend to bring together network and security services and shift them to the cloud. Components included in this shift are Software-Defined Wide Area Networks (SD-WANs), Firewall as a Service (FaaS), Secure Web Gateways (SWG), and Zero Trust Network Access (ZTNA).
To describe this trend, research firm Gartner has coined the term Secure Access Service Edge (SASE) and forecasts it will be worth US$3.0 billion in 2020 and grow to US$11 billion by 2024.
By 2022, Gartner says 80 per cent of new digital business applications opened up to ecosystem partners will be accessed through ZTNA and, by 2023, 60 per cent of enterprises will have phased out most of their VPNs in favour of ZTNA.
As well as increasingly distributed remote workforces, the forces driving the shift to SASE include the decentralisation of IT infrastructures and the migration of applications from corporate data centres to cloud platforms. The result is the disappearance of the traditional corporate network perimeter.
The rise of ZTNA
The adoption of ZTNA as a remote access strategy represents a significant shift in thinking for many organisations. Rather than relying on VPNs to provide an encrypted tunnel between remote workers and centralised IT resources, ZTNA creates an identity and context-based boundary around both resources and users.
As a result, remote access can be efficiently scaled and made available to larger numbers of users than would be possible with VPNs. This is critical when it’s likely that large groups of staff will continue to work remotely for an extended period.
Essentially, users and applications begin from a point of not being trusted at all. Connections are only established once users and applications can prove their identity and that they are authorised to connect.
ZTNA overcomes some of the restrictions that have been caused by the use of VPNs. VPNs often lack performance, which causes user frustration and reduced productivity. They also pose significant security risks as they lack granular control over who can access which resources. VPNs also tend to lack global access policy enforcement, which can make management challenging.
Delivering key benefits
Adopting a ZTNA strategy can provide some significant benefits for organisations of all sizes. Rather than needing to rely on existing, constrained VPN infrastructure, organisations are much better able to scale to meet the increased demand for staff to work from home.
New users can also be readily added. Rather than having to undertake expensive upgrades of VPN concentrators in the corporate data centres, users can be added via a cloud-based ZTNA platform.
Users also benefit from better network performance. Rather than all traffic having to be routed via the corporate data centre, users are able to access cloud-based data stores and applications directly.
Risk mitigation is also improved as users and devices are constantly being verified as part of the ZTNA approach. The overall attack surface is also reduced as access is being granted just to specific applications and not to the entire corporate network.
Embracing a ZTNA strategy can significantly improve the way in which remote working capabilities are delivered and managed. User productivity can be enhanced while corporate IT security is improved.
Taking advantage of ZTNA today can ensure an organisation is well positioned to handle the challenges of tomorrow.