NetMotion Software


Security

What is Zero Trust, and what does it mean?

By: Mark Chisholm | June 18, 2020

We consume and manage mountains of data every day. Not just music and TV streaming, either. As we work from home in record numbers, we continue to access documents, applications and corporate databases using a range of devices connected to a plethora of Wi-Fi and cellular networks. We collaborate with colleagues, and communicate with external vendors and customers, via email, cloud services and a host of unified communications tools.

Every time corporate data is accessed, particularly remotely, various ‘attack surfaces’ are exposed that can be vulnerable. Over the past couple of decades, enterprises have invested heavily in security tools such as firewalls and VPNs designed to identify and stop threats, while giving remote workers access to critical data. Although flawed, this approach has been a fairly successful way of protecting data.

In the past decade, however, security experts have realized the shortcomings of these tools. A hacker who successfully steals the login credentials of an unsuspecting employee may be able to freely explore and exfiltrate an enterprise’s valuable resources, without the company’s IT team even being aware.

The rise of Zero Trust

This has given rise to several changes, including the adoption of multifactor authentication (MFA) and other endpoint management tools. But it also helped popularize the concept of Zero Trust, a term coined in 2010 by former Forrester Research analyst John Kindervag.

The basic idea is that Zero Trust helps prevent successful data breaches by removing automatic trust from an organization’s network architecture. In other words, an employee or a device trying to access an application or data has to prove their identity, based on a “never trust, always verify” process of authentication. The goal is to provide Layer 7 threat prevention while giving IT teams granular policy and user-access control.

Essentially, anyone or any device attempting to connect to a network asset is treated as untrustworthy. The model emphasizes the use of device and user credentials as the basis for granting or denying access to specific assets.
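A minimal sketch of the access decision described above, contrasting a perimeter check (network location grants trust) with a Zero Trust check that evaluates user and device credentials for each asset. This is an added example, not NetMotion code; the policy table, field names and sample requests are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed per-asset policy: which roles may reach an asset and whether
# a managed (enrolled) device is required. Anything not listed is denied.
POLICY = {
    "payroll-db": {"roles": {"finance"}, "managed_device": True},
    "wiki": {"roles": {"finance", "engineering"}, "managed_device": False},
}

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    password_ok: bool      # first factor verified
    mfa_ok: bool           # second factor verified
    device_managed: bool   # device presented a valid enrollment credential
    on_corp_network: bool  # e.g. connected through the VPN
    asset: str

def perimeter_allows(req: Request) -> bool:
    """Castle-and-moat: a valid login from inside the network reaches everything."""
    return req.password_ok and req.on_corp_network

def zero_trust_decision(req: Request) -> tuple[bool, str]:
    """Default deny; every request must prove user and device for this asset."""
    rule = POLICY.get(req.asset)
    if rule is None:
        return False, "no policy for asset"
    if not (req.password_ok and req.mfa_ok):
        return False, "user not verified"
    if req.role not in rule["roles"]:
        return False, "role not permitted for asset"
    if rule["managed_device"] and not req.device_managed:
        return False, "unmanaged device"
    return True, "allowed"  # network location is never consulted

# Constructed requests: a legitimate remote employee, and the same password
# replayed over the VPN from an unmanaged device without the second factor.
EMPLOYEE = Request("alice", "finance", True, True, True, False, "payroll-db")
STOLEN = Request("alice", "finance", True, False, False, True, "payroll-db")

if __name__ == "__main__":
    for name, req in (("employee", EMPLOYEE), ("stolen creds", STOLEN)):
        print(name, perimeter_allows(req), zero_trust_decision(req))
```

The perimeter check admits the replayed password because it arrives from inside the network, while the Zero Trust check denies it and still serves the legitimate employee working from home.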

Recent attacks

Recent news about successful ransomware attacks helps shed light on a key reason why Zero Trust is so necessary. In one instance, Japanese vehicle manufacturer Honda was forced to temporarily halt global production and shipping of vehicles due to a suspected ransomware attack that targeted one of its internal servers and quickly spread.

In another attack, the CEO of Israeli software company Sapiens, Roni Al-Dor, is believed to have paid hackers $250,000 in Bitcoin in order to avoid having the computers shut down.

What is the common thread in these attacks? It is likely that the hackers in each case took advantage of the security vulnerabilities caused by the enormous increase in remote work. Employees were less safe working at home than they had been at the office.

Why we need Zero Trust

The Zero Trust model of security destroys the traditional castle-and-moat distinction, in which everything inside the network perimeter is trusted and everything outside is not. Instead of focusing on a perimeter based on ‘owned’ networks, organizations need to defend themselves by assuming that anything trying to access data may be a threat.

For the most part, the castle itself no longer exists. Roughly 98% of companies maintain some kind of on-premise data; however, the shift to the cloud means that companies no longer operate massive data centers serving a contained network of systems.

Zero Trust for the remote, decentralized workforce

As an increasing number of employees work from home, away from the relative protection of an office network, the idea of a truly secure perimeter has gone by the wayside. There are three key reasons why Zero Trust architectures make a lot of sense for our new breed of decentralized organizations and what you could even call ‘deskless’ employees.

  1. More data. More users and more devices than ever are accessing data and applications, hosted in a mixture of public cloud, private cloud, or on-premise, making it harder to establish and enforce a network perimeter.
  2. Bigger attack surface. The increase in traffic and scattered nature of data go hand-in-hand with an increase in attack surface, caused by users working from virtually anywhere on any device and any network.
  3. Lack of visibility. This has been a long-term issue for IT teams grappling with control of devices outside corporate-managed network environments.

Deploying a Zero Trust architecture

Zero Trust is a concept and not a product in the strictest sense. However, products built around this framework are starting to take shape within the security landscape. One of the most promising is Zero Trust Network Access (ZTNA), otherwise known as Software Defined Perimeter (SDP).

As ZTNA and other technologies based on zero trust gain traction, it is unlikely that they will completely replace existing tools such as VPNs. The beauty of zero trust is that in most cases it can be layered onto any established solutions to augment their effectiveness with greater policy controls and far superior network visibility. It promises to be a huge advancement in keeping data secure, no matter where employees may be.

About Mark Chisholm

In his role at NetMotion, Mark has the privilege of creating long-form and short-form content highlighting the amazing (and often invisible) ways that the company empowers a growing mobile workforce. His job is made incredibly easy by the fact that NetMotion “just works.” When he isn’t busy writing words, you’ll find him wrangling his two opinionated little girls or devouring news, occasionally at the same time. You can connect with him on Twitter @Mark_A_Chisholm.
