Build zero trust architecture


According to the recent study, What's Next in Cyber: A Global Executive Pulse Check, 47 percent of respondents agreed that maintaining a secure hybrid workforce is one of the top reasons for adopting a Zero Trust Architecture (ZTA).

However, 98 percent of CXOs in the same survey agreed that they find implementing Zero Trust difficult for three main reasons:

  • Those responsible do not know where to start and how to set priorities.
  • There is a lack of qualified providers with a complete and integrated solution.
  • There is also a lack of in-house expertise.

ZTNA 2.0 can help with all three of the above challenges. Many will ask, “What is ZTNA 2.0? We haven't even started ZTNA 1.0 yet. Do we have to do ZTNA 1.0 first? What is ZTNA anyway? Why are there version numbers?”

Zero Trust Network Access

ZTNA is the acronym for Zero Trust Network Access. This is a category of technologies that enable secure remote access to applications and services based on strict access control policies. These treat all users and devices as untrustworthy until proven otherwise.

ZTNA 1.0 stands for older ZTNA approaches. ZTNA 1.0 supports only coarse-grained access controls, includes an "allow and ignore" approach to both users and application traffic, and offers little or no advanced security for all applications and data. These shortcomings violate the principle of least privilege and increase the risk of security breaches in the enterprise.

ZTNA 2.0 as a starting point

ZTNA 2.0 is the most modern approach to ZTNA, overcoming the limitations of ZTNA 1.0 and delivering the comprehensive cybersecurity benefits sought with ZTA. As organizations build Zero Trust with ZTNA 2.0, they leverage five powerful principles to protect their users, data, applications and devices. These five principles are:

  • Least Privileged Access: Enables granular access control at the application and sub-application level, independent of network constructs such as IP addresses and port numbers.
  • Continuous Trust Check: After access to an application is granted, trust is checked continuously based on changes in device posture, user behavior, and application behavior.
  • Continuous Security Check: Uses deep, continuous inspection of all application traffic, even for legitimate connections, to prevent threats, including zero-day threats.
  • Protection of all data: Provides consistent control of data across all applications, including personal and SaaS applications, with a single Data Loss Prevention (DLP) policy.
  • Security for all applications: Consistent protection for all types of applications used in the enterprise, including modern cloud-native applications, private legacy applications and SaaS applications.
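The difference between the "allow and ignore" model and the first two principles can be made concrete with a small policy model. The following is an added example, not vendor code or a product API; the users, application name, functions, policy table and session are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:
    user: str
    app: str                # application identity, not an IP address
    function: str           # sub-application action
    dst_port: int
    device_compliant: bool  # device posture at the time of this request

# Coarse, network-based rule (the ZTNA 1.0 model described above).
ALLOWED_PORTS = {443}

def coarse_decide(req):
    return req.dst_port in ALLOWED_PORTS

# App- and function-level rule with no IPs or ports (hypothetical policy).
APP_POLICY = {
    ("alice", "hr-portal"): {"view-payslip"},
    ("bob", "hr-portal"): {"view-payslip", "export-salaries"},
}

def fine_decide(req):
    allowed = APP_POLICY.get((req.user, req.app), set())
    return req.device_compliant and req.function in allowed

def allow_and_ignore(session, decide):
    """Decide once at connect time, then trust every later request."""
    if not session:
        return []
    verdict = decide(session[0])
    return [verdict for _ in session]

def continuous_check(session, decide):
    """Re-evaluate trust on every request in the session."""
    return [decide(req) for req in session]

# Constructed session: alice's second request targets a function she is
# not entitled to; her third arrives after her device loses compliance.
SESSION = [
    Request("alice", "hr-portal", "view-payslip", 443, True),
    Request("alice", "hr-portal", "export-salaries", 443, True),
    Request("alice", "hr-portal", "view-payslip", 443, False),
]

if __name__ == "__main__":
    print("allow and ignore:", allow_and_ignore(SESSION, coarse_decide))
    print("continuous check:", continuous_check(SESSION, fine_decide))
```

The port-based rule admits all three requests because it only ever sees port 443; the per-request, function-level rule admits only the first.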

A world without perimeters

ZTNA 2.0 is essential to address one of the greatest security challenges of our time: modern networks no longer have clear boundaries. With the widespread adoption of cloud-based applications, mobile devices, and the Internet of Things (IoT) by hybrid workers, it is becoming increasingly difficult for network security professionals to define and protect their organization's "perimeter." This world without a perimeter makes it harder to control access to sensitive data and systems, leaving organizations more vulnerable to external and internal attacks.

ZTNA 2.0 does not adhere to a perimeter-based secure access construct. Instead, all users, devices, applications, and data are rigorously verified and authenticated before being granted access to the network. This is true regardless of whether those items are inside or outside the physical boundaries of the organization. The location-independent verification and authentication that ZTNA 2.0 provides makes it more difficult for an attacker to move laterally through the network and helps reduce the attack surface.

Get started with ZTNA 2.0

ZTA is a tremendously useful cybersecurity architecture that helps organizations protect themselves in a world where work is an activity, not a place. Now is the time to start building a Zero Trust strategy based on ZTNA 2.0 - the new standard for providing secure access for all users, devices, applications and data.

More at PaloAltoNetworks.com

