If you aren’t familiar with the term, you may be wondering what the acronym ZTNA stands for. ZTNA simply stands for Zero Trust Network Access. As defined here by CrowdStrike, “Zero Trust is a security framework requiring all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data”. In a Zero Trust model, no one seeking access is trusted by default; rather, verification (preferably multi-factor authentication) is required from every identity before gaining access to data and network resources from inside or outside the network.
New threats are emerging, and as user endpoints expand your security perimeter with hybrid work, security practices must adapt and become more sophisticated. More than 80% of all attacks involve credential use or misuse in the network. Today we will lay out why your organization should migrate to a Zero Trust Network Access model (referred to as ZTNA from here on). If you are interested in scheduling time to speak with one of our experts to learn more specifically how the security practice fits your organization, check out our contact us page.
Efficiency in preventing ransomware from spreading and executing
Ransomware can both quickly breach and spread throughout a network. With a VPN in place, it is assumed that if you have a username and password, you belong. ZTNA removes the entire concept of trust, as it does not implicitly trust the user, the device, or the network, and there are constant checks and validations needed for access. Our experts note that access can be restricted on the fly in a ZTNA environment if the network notices malicious intent.
As a user, if you log into your device in Ohio, and then 20 minutes later your device is logged in across the world in Greece with the same credentials, monitoring done to support ZTNA would be able to flag this as malicious. The constant contextual checks will identify that an employee can't be in those two locations 20 minutes apart.
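The Ohio-to-Greece check described above can be expressed as an "impossible travel" rule over login events. This is an added example, not Dataprise's code or any product's implementation; the `Login` record, the 900 km/h ceiling, and the sample coordinates are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

MAX_KMH = 900.0  # assumed ceiling: roughly airliner cruise speed

@dataclass(frozen=True)
class Login:  # hypothetical record shape for one authentication event
    user: str
    when: datetime
    lat: float
    lon: float

def km_between(a: Login, b: Login) -> float:
    """Great-circle (haversine) distance in kilometres."""
    p1, p2 = radians(a.lat), radians(b.lat)
    dp, dl = p2 - p1, radians(b.lon - a.lon)
    h = sin(dp / 2) ** 2 + cos(p1) * cos(p2) * sin(dl / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(h))

def impossible_travel(events, max_kmh=MAX_KMH):
    """Return (previous, current, implied_kmh) for each user's consecutive
    logins whose implied travel speed exceeds max_kmh."""
    flagged, last = [], {}
    for ev in sorted(events, key=lambda e: e.when):
        prev = last.get(ev.user)
        last[ev.user] = ev
        if prev is None:
            continue  # first login seen for this user: nothing to compare
        km = km_between(prev, ev)
        hours = (ev.when - prev.when).total_seconds() / 3600
        # Simultaneous logins from distinct places count as infinite speed.
        kmh = km / hours if hours > 0 else (float("inf") if km > 1 else 0.0)
        if kmh > max_kmh:
            flagged.append((prev, ev, kmh))
    return flagged

# Constructed sample events; coordinates are approximate city centres.
SAMPLE = [
    Login("alice", datetime(2022, 3, 1, 9, 0), 39.96, -83.00),   # Columbus, Ohio
    Login("alice", datetime(2022, 3, 1, 9, 20), 37.98, 23.73),   # Athens, Greece
    Login("bob", datetime(2022, 3, 1, 9, 0), 39.96, -83.00),     # Columbus, Ohio
    Login("bob", datetime(2022, 3, 1, 13, 0), 41.50, -81.69),    # Cleveland, Ohio
]

if __name__ == "__main__":
    for prev, cur, kmh in impossible_travel(SAMPLE):
        print(f"{cur.user}: {kmh:,.0f} km/h implied between logins")
```

IP-derived locations are approximate, and VPN or proxy egress points shift a user's apparent position, so a hit is best used to trigger step-up authentication or analyst review, not treated as proof of compromise.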
Last year on this topic, we published a blog illustrating actionable steps an organization should take to implement Zero Trust. These steps include:
- Protecting Your Vault of Data
- Following Every Trail
- Establishing Limits for Each Identity
- Maintaining a Wall
- Monitoring the Threat Landscape
Check out the full blog here, and at the end please take our Cyber Hygiene Quiz!
In 2022, one-time validation in the form of a username and password on a log-in screen is not enough to keep your organization safe. This security model is necessary to best protect against ransomware, insider threats, and other attacks that will come up. If you are interested in scheduling time with a Dataprise expert to learn more about how we can custom fit everything for your organization, reach out to us here, or give us a call at 1.888.519.8111.
Also, here is the link to the full webinar recording, Cybersecurity in 2022, where you can hear Dataprise Experts Stephen Jones and David Schwartz further the discussion and explore other topics.