Unfortunately, in many cases, the VPN links were not up to the task. Congestion led to poor performance, reduced staff productivity and frustrated clients. It’s a scenario that highlights the benefits of taking a different approach to the challenge: zero trust network access (ZTNA).

Defined by research company Gartner, ZTNA uses a cloud-based architecture that decouples security from network access. This then ensures secure application access regardless of the device, the network, or the application. 

The benefits of ZTNA

There are six key reasons why a ZTNA strategy has become the best choice during the COVID-19 crisis. Those reasons are:

1. More direct access

When a law firm’s full workforce is working remotely, it’s vital to be able to provide direct and secure access to the resources they require. Legacy security architectures depend on a security perimeter which forces user traffic to flow through the perimeter defences, no matter where the target application sits.

ZTNA architectures establish connections directly between users and the applications, and traffic flows along the shortest secure path between them. This eliminates the hairpinning caused by backhauling traffic from a single ingress point to other locations and improves the user experience by reducing latency.

VIEW ALL

2. Improved context awareness

Traditional network security allows anything that gets through the perimeter to gain access to the whole network and any systems attached to it. Cyber criminals who breach the perimeter therefore enjoy that same privileges.

A better approach is to limit user access to only what they require. Zero trust allows users to be tagged so they only see what applications they should be seeing. Context-aware access also delivers benefits beyond just work-from-home security. Other scenarios include mergers and acquisitions, cloud migration and third-party access.

ZTNA solutions address all of these scenarios with simple, user-centric policies.

3. More flexible deployment

When zero trust was first introduced some 10 years ago, implementing it with network-centric security tools was a monolithic task. With cloud-enabled ZTNA solutions, the challenge can be tackled one use case at a time.

For example, zero trust access could be enabled for an existing group of VPN users without a rip-and-replace process. Once it is fully operational, the VPN access for that group can be decommissioned. 

4. Better user experience

As VPN user numbers increase, so do accompanying problems. They tend to occur because it’s necessary to backhaul large volumes of external traffic that must traverse the security stack. 

Also, latency increases significantly when large numbers of users have to pass through VPN concentrators. One solution is to deploy larger security devices at both headquarters and branch offices, but it’s a complicated and expensive one. Zero trust connections allow users to directly access the applications they need regardless of their location. 

5. Greater visibility

In a traditional environment, it’s impossible to protect against things that you don’t know are there. One significant disadvantage of legacy solutions is that all the appliances spread across an enterprise network generate an enormous amount of un-centralised data.

Cyber criminals love to hide in that data and hope to be overlooked. Any security solution must provide full visibility into user traffic, and ZTNA solutions allow you to examine who is accessing what, and where, anywhere in the network. 

6. Tighter security

With users, applications, and data now distributed across the internet, ensuring security for sensitive resources has become a significant challenge. Distributed resources mean there is a larger attack surface, while having more people working from home over VPNs means there are now more ways for bad actors to breach the network perimeter. 

A context-based, zero trust approach secures the connection between the user and application without regard for networks or locations. Policies are created and enforced that only let users gain access to the resources that they require. 

By adopting a ZTNA strategy, law firms will be much better equipped to operate in a locked down, COVID-19 world. The restrictions and limitations created by legacy security infrastructures will be a thing of the past.

Budd Ilic is an ANZ country manager at Zscaler.