The Role of Zero Trust in Enabling Hybrid Work
Zero Trust…it’s probably one of the biggest IT buzzwords in the last decade.
While it seems that every vendor claims to be an enforcer of zero trust, there is value behind the concept if you can cut through the marketing haze.
One of the greatest areas of value is around enabling hybrid work for employees.
Remote work and hybrid work have extended the corporate world to every home, and user device. The workforce must access wherever they are, from whatever device is in front of them. The control IT once had has *literally* left the building, making it critical that each and every connection operates on a zero trust basis.
There are three reasons for why zero trust is a great fit for the modern workplace.
Securing access to business resources
Increasingly mobile workforces bring with them an increasing level of risk. With work happening at home, the office, and really anywhere, security MUST be the same no matter who, what, when, where and how business data is being accessed.
With hybrid work, the concept of on-prem and off-prem goes away. Likewise, with zero trust the concept of trusted and untrusted goes away. Why? Because with ZT trust is never inherently given, the default assumption is that everything is hostile. The thought being that an in-office employee using a managed device should start with the same level of trust as a WFH user with a BYOD device. However, like everything in nature, a trust relationship must be established and earned through continuous criteria.
One way to look at this is that Zero Trust is the pathway in which hybrid work connections should flow. This involves adopting a Security Services Edge (SSE) platform that acts as the security checkpost for all entities – whether user or server. A key component of any SSE platform is Zero Trust Network Access (ZTNA). ZTNA solutions represent the first door that should be opened. They offer secure access to private apps (the starting point for most zero trust journeys). As the hybrid workforce continues to evolve and mature, Forrester recognizes ZTNA as an essential technology in the implementation of a zero trust edge (ZTE) model. Further, Gartner predicts that ZTNA technology will replace 60% of VPNs in the next two years as enterprises enforce Zero Trust.
Making access simpler for IT
How many appliance boxes does your business have? I’m sure for many the answer is “too many.” With apps migrating to cloud and users remote, the once (somewhat) simple network-centric security has become as tangled as a pair of wired earbuds. With network-based security the answer is always “more and bigger boxes”. This makes management for IT complex and time consuming. Additionally, the constant backhauling of traffic through these appliance gateways ultimately impacts the experience and productivity of the end-user.
A Security Services Edge (SSE) makes zero trust simple, allowing IT to avoid complex network-security architectures, removing the convoluted connections between appliances and users, while providing the highest security through a cloud-delivered model. Instead of appliances, all traffic is securely connected through a cloud-delivered service. Instead of multiple point products – each with different management systems – you get a single point of management. Zero trust enables IT to optimize their time and budget to focus on the top-of-mind priorities that matter. SSE platforms ensure simplicity for users as well. Hybrid workers reap the benefit of cloud-delivered zero trust solutions with consistent, fast, and seamless access to applications. The result is less IT tickets to deal with, and a happier, more productive hybrid workforce.
Making access seamless to end users
Pre-hybrid work, end users were used to having separate solutions for access based on their location. Now users are demanding a seamless user experience more than ever.
This means that a hybrid workforce must be unified, suggesting you shouldn’t have the mindset of a “on-prem workforce” and “remote workforce.” IT must view secure access consistently across all plains. This involves selecting the right SSE platform that supports the entire workforce.
In doing so the workforce is unified, as is security and networking teams. For the first time, security and networking functions are not in conflict but are united as security can enforce granular risk management while networking ensures fast connections from user to app. Together security and networking can build a more agile and adaptive business, united by zero trust.
Hybrid Work isn’t Going Away…
As your business considers the future of hybrid work, contemplate what zero trust adoption can mean for your business, your users, and your current security strategy. If you’re curious what adopting zero trust in the hybrid world might look like, consider reading this Gartner report on zero trust best practices and get started by replacing VPN.