Zero trust – the way to stay secure, anywhere

It’s no secret that the way we work has changed – hybrid and remote working styles have become more common, and employees are now expected to be able to work from anywhere. Even in-office users need the ability to stay productive on the move. To support this, businesses have embraced a flexible, cloud-first approach to IT, but has this evolution exposed them to new security risks? 

A security conundrum 

As users become increasingly dispersed and decentralised, the attack surface of any given organisation has grown significantly, imposing a heavy burden on existing security tools. Users are working from anywhere, regularly logging into corporate networks using public WiFi in order to stay productive while on the move. They’re also more dispersed in terms of time, operating outside of standard working hours to complete critical tasks. As your workforce becomes more widespread, online collaboration also becomes vital, with users regularly sharing links to files and documents over email, instant messaging and other collaborative platforms.

This has a drastic impact on your security posture. According to Verizon, the two most common ways for bad actors to enter a business network are through legitimate credentials (often stolen in a previous attack), or phishing, which account for around 50% and 30% of all entry points for attackers respectively. Both of these methods allow cybercriminals to bypass traditional perimeter security, taking advantage of new modes of working to slip into a network in a way that makes them difficult to distinguish from a legitimate user until it’s too late. 

Traditional perimeter security provides a single defensive barrier around your network. Following a successful login, a user is allowed through and is trusted as being legitimate. This leaves bad actors free to wreak havoc on a network by installing malware or expanding their operations by attempting to steal even more user credentials.

As such, businesses are increasingly looking to reinforce their security posture beyond their traditional perimeter defences, ensuring secure access without compromising the experience of their users.  

Zero trust – verification is a must 

The answer is simple: Zero Trust Network Architecture (ZTNA). We’ve written about this before, but, to recap, zero trust can be boiled down to the maxim of “never trust, always verify”. When applied to network architecture, that means instead of giving users free rein to move around a network once they’re through the perimeter, they must verify who they are whenever they attempt to access different files or applications.

For that verification step, ZTNA works best when combined with multi-factor authentication (MFA) – requiring users to prove their identity via a second verification factor. While this is often orchestrated through codes or requests triggered to email accounts or mobile devices, more advanced MFA solutions can use secure passkeys or even biometric data, such as face scans or fingerprints.  

This means that even if an attacker has access to a set of legitimate credentials, they still can’t compromise your network unless they’re able to get access to that second factor. 

To combat this, cybercriminals may attempt to spam MFA requests onto a user’s secondary device in the hopes of prompting an inadvertent acceptance, yet this is also scuppered by the ZTNA model. The repeated checks administered by ZTNA present additional blockers to bad actors and more opportunities for illegitimate activity to be identified and flagged.  

The risk can be reduced even further by adopting the principle of least privilege access. This ensures a given user can only access the applications and data required for their role, keeping sensitive data secure and reducing the risk of a potential insider threat. Limiting data usage also takes this further, preventing all users from pulling large amounts of data out of the network, limiting the severity of breaches from all causes, from human error to insider threats and cyberattacks. 

Unmanned defences can’t protect much 

While a zero trust network architecture can help any organisation make massive improvements to their cybersecurity, it’s not a replacement for personnel within your business. In fact, ZTNA massively enhances the capabilities of your security resource – whether that’s a dedicated security team, or simply a member of IT staff tasked with keeping an eye on your defences.

Under ZTNA, all traffic and access requests are logged in a central location, providing your IT team with a clear audit trail that helps identify common pressure points and allows them to update security policies accordingly. This makes it easier to adopt a more data-driven approach to your security and lightens the burden on your security resource, who no longer needs to engage in wild goose chases to hunt down potential threats, even as your IT environment grows to accommodate remote and hybrid workers.
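As an added illustration (not code from this blog or from any product), here is one way a central access log could be used to flag the repeated MFA requests described earlier. The log format, event names, window and threshold are all assumptions made for the example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample of a central access log (not real data).
# Assumed format: ISO timestamp, user, event, source IP.
# The event names are hypothetical, not any product's schema.
SAMPLE_LOG = """\
2024-05-01T02:10:05 alice mfa_denied 203.0.113.7
2024-05-01T02:11:10 alice mfa_timeout 203.0.113.7
2024-05-01T02:12:30 alice mfa_denied 203.0.113.7
2024-05-01T02:13:45 alice mfa_timeout 203.0.113.7
2024-05-01T02:14:20 alice mfa_approved 203.0.113.7
2024-05-01T09:00:01 bob mfa_approved 198.51.100.4
2024-05-01T09:05:00 carol mfa_denied 192.0.2.15
2024-05-01T09:30:00 carol mfa_denied 192.0.2.15
2024-05-01T10:10:00 carol mfa_timeout 192.0.2.15
2024-05-01T10:40:00 carol mfa_denied 192.0.2.15
"""

WINDOW = timedelta(minutes=10)  # assumed look-back window
THRESHOLD = 4                   # assumed failed prompts per window
FAILED = {"mfa_denied", "mfa_timeout"}

def detect_push_spam(log_text, window=WINDOW, threshold=THRESHOLD):
    """Return (user, alert, time, ip) tuples for bursts of failed MFA prompts."""
    recent = defaultdict(deque)  # user -> times of recent failed prompts
    alerts = []
    for line in log_text.strip().splitlines():
        ts_text, user, event, ip = line.split()
        ts = datetime.fromisoformat(ts_text)
        failed = recent[user]
        while failed and ts - failed[0] > window:
            failed.popleft()  # forget prompts older than the window
        if event in FAILED:
            failed.append(ts)
            if len(failed) == threshold:
                alerts.append((user, "prompt_burst", ts_text, ip))
        elif event == "mfa_approved":
            # An approval straight after a burst may be an inadvertent accept.
            if len(failed) >= threshold:
                alerts.append((user, "approved_after_burst", ts_text, ip))
            failed.clear()
    return alerts

if __name__ == "__main__":
    for alert in detect_push_spam(SAMPLE_LOG):
        print(alert)
```

Carol's four failed prompts are spread over more than an hour and raise nothing, which is why the check counts prompts per time window rather than per day.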

Trust us to deliver zero trust 

ZTNA may sound like an enterprise-grade cybersecurity solution, and it’s certainly popular amongst enterprises, but businesses of any size can adopt its principles and massively bolster their security posture. We’ve helped businesses of all kinds improve their security posture, and we’re ready to help your organisation too. 

If you’re ready to get started on your zero trust journey and identify the best way to bolster your cyber defences, get in touch with our team.