On May 12, 2021, President Joe Biden issued a Presidential Action regarding the safety and soundness of government networks. Additionally, within the Action he required that all government networks begin to move to a Zero Trust access method to protect data traversing networks used by said government agencies and their vendors.
Given this, it is not unreasonable to think that use of Zero Trust access methods will trickle down into the private sector, especially to firms that are part of the critical infrastructure of the United States. However, the biggest issue facing both government agencies and private-sector firms is that they lack critical knowledge about Zero Trust and the different methods of access that it allows.
Why Zero Trust?
Let’s look at today’s world.
When a company needs a vendor/partner/employee to work on a system or application that cannot be moved to the cloud for ease of access, it turns to its VPN to provide access to a single internal VLAN or multiple internal VLANs. The problem with this is that it gives the party far more access to networks and data than they need to do their work. In short, VPNs are becoming passé very quickly. That’s where Zero Trust comes in to take their place.
What is Zero Trust?
Zero Trust is comprised of three different access methods:
Zero Trust Network Access (ZTNA)
ZTNA was built to be a VPN replacement, as it provides more granular controls over network access. In short, it starts with all access being denied to any network; permission is then given to select networks so that the employee or vendor can do their work.
Zero Trust Application Access (ZTAA)
ZTAA was built to ensure that employees and vendors could only utilize a particular application or set of applications. For instance, an employer may only want employees/vendors to be able to access the Microsoft Office suite but not the corporate CRM. This would be a perfect use case for ZTAA.
Zero Trust Data Access (ZTDA)
ZTDA is perhaps the most restrictive of the three. With ZTDA, companies can restrict access down to the folder or file level. It also allows employees or vendors to access materials on cloud shares. To the user, such a share often appears to be located inside the corporate network.
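The three access methods described above can be read as the same default-deny check applied at different granularities. The following added example is not from any vendor's product; the identities, CIDR block, application names and paths are constructed for illustration.

```python
import ipaddress
import posixpath
from dataclasses import dataclass, field
from pathlib import PurePosixPath

@dataclass
class Grant:
    """Explicit allowances for one identity; anything not listed is denied."""
    networks: list = field(default_factory=list)    # ZTNA: CIDR blocks
    applications: set = field(default_factory=set)  # ZTAA: application names
    data_paths: list = field(default_factory=list)  # ZTDA: folders or files

# Constructed sample policy: identities and resources are hypothetical.
POLICY = {
    "vendor-hvac": Grant(networks=["10.20.30.0/24"]),
    "employee-amy": Grant(applications={"office-suite"}),
    "auditor-raj": Grant(data_paths=["/finance/2021/q1"]),
}

def allow_network(identity, dest_ip):
    """ZTNA: allow only destinations inside an explicitly granted network."""
    grant = POLICY.get(identity)
    if grant is None:
        return False  # unknown identity: default deny
    try:
        ip = ipaddress.ip_address(dest_ip)
    except ValueError:
        return False  # unparseable destination: fail closed
    return any(ip in ipaddress.ip_network(c) for c in grant.networks)

def allow_application(identity, app):
    """ZTAA: allow only applications named in the grant."""
    grant = POLICY.get(identity)
    return grant is not None and app in grant.applications

def allow_data(identity, path):
    """ZTDA: allow a granted file or folder, and anything beneath that folder."""
    grant = POLICY.get(identity)
    if grant is None:
        return False
    # Normalise first so "../" segments cannot step out of a granted folder.
    target = PurePosixPath(posixpath.normpath(path))
    return any(target == PurePosixPath(p) or PurePosixPath(p) in target.parents
               for p in grant.data_paths)
```

The data check compares whole path components rather than string prefixes, so a grant on /finance/2021/q1 does not also match /finance/2021/q10.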
Which Zero Trust Technology is Right for Me?
The solution comes down to the answers that you provide to the following two questions:
· What are you trying to protect? (Network, Application, Data Access)
· How restrictive do you want to be?
Based upon your answers to these questions, you can easily decide which technology or technologies are right for you. Remember, there isn’t always a one-size-fits-all answer for every organization. You may have to use more than one technology to tighten up controls within your organization.
For more information on Zero Trust and its different forms, please reach out to us at firstname.lastname@example.org, or call us at +1 (833) 674-0407.