COVER STORY technologyreseller.co.uk 19 Never trust, always verify — this is the core mantra that underpins Zero Trust. But, how do you apply Zero Trust to remote and hybrid workers? Enter Zero Trust Network Access (ZTNA). As a subset of Zero Trust, ZTNA is a must-have cybersecurity approach focusing on strict access controls and continuous verification, regardless of user or device location. Here are six ways a business can achieve Zero Trust Network Access: Expect breaches Always assume that traditional protection tools, such as firewalls, endpoint antivirus and secure email gateways, among others, will be bypassed. That’s why it is critical to have EDR, MDR (aka Managed SOC) and strong backup and recovery solutions in place to reduce risk and provide greater defense-in-depth security. Micro-segmentation Implement micro-segmentation by dividing the network into smaller segments, each with specific access controls. This limits lateral movement for potential attackers and reduces the attack surface. Identity-centric access Enforce strong identity verification through multifactor authentication (MFA) for all users and devices. This ensures that only authorised individuals can access resources, regardless of their location. Least privilege principle Follow the principle of least privilege access, granting users and devices only the minimum access rights necessary to perform their tasks. This reduces potential damage in case of a breach and limits exposure of critical assets. Continuous monitoring Utilise continuous monitoring and analytics to assess user and device behaviour as well as to enforce security policies. Unusual behaviour and deviation from established policies should lead to immediate access revocation to prevent unauthorised access. Secure Access Service Edge (SASE) Implement a SASE solution, like Datto Secure Edge, to create a secure network perimeter that adapts to user contexts, regardless of their location. This gives remote workers next-generation firewall protection from the cloud and provides users an easy, secure and seamless way to connect to cloud and on-prem resources. Overall, achieving Zero Trust Network Access involves a comprehensive strategy that combines controls, policies, continuous monitoring and SASE. It shifts from the traditional perimeter-based security model to a more adaptive and context-aware approach, significantly enhancing an organisation’s ability to prevent, detect and respond to cybersecurity threats. 1 3 4 2 6 5 Never trust, always verify — this is the core mantra that underpins Zero Trust. But, how do you apply Zero Trust to remote and hybrid workers? Enter Zero Trust Network Access (ZTNA). As a subset of Zero Trust, ZTNA is a must-have cybersecurity approach focusing on strict access controls and continuous verification, regardless of user or device location. Here are six ways a business can achieve Zero Trust Network Access: Expect breaches Always assume that traditional protection tools, such as firewalls, endpoint antivirus and secure email gateways, among others, will be bypassed. That’s why it is critical to have EDR, MDR (aka Managed SOC) and strong backup and recovery solutions in place to reduce risk and provide greater defense-in-depth security. Micro-segmentation Implement micro-segmentation by dividing the network into smaller segments, each with specific access controls. This limits lateral movement for potential attackers and reduces the attack surface. Identity-centric access Enforce strong identity verification through multifactor authentication (MFA) for all users and devices. This ensures that only authorised individuals can access resources, regardless of their location. Least privilege principle Follow the principle of least privilege access, granting users and devices only the minimum access rights necessary to perform their tasks. This reduces potential damage in case of a breach and limits exposure of critical assets. Continuous monitoring Utilise continuous monitoring and analytics to assess user and device behaviour as well as to enforce security policies. Unusual behaviour and deviation from established policies should lead to immediate access revocation to prevent unauthorised access. Secure Access Service Edge (SASE) Implement a SASE solution, like Datto Secure Edge, to create a secure network perimeter that adapts to user contexts, regardless of their location. This gives remote workers next-generation firewall protection from the cloud and provides users an easy, secure and seamless way to connect to cloud and on-prem resources. Overall, achieving Zero Trust Network Access involves a comprehensive strategy that combines controls, policies, continuous monitoring and SASE. It shifts from the traditional perimeter-based security model to a more adaptive and context-aware approach, significantly enhancing an organisation’s ability to prevent, detect and respond to cybersecurity threats. https://www.datto.com
RkJQdWJsaXNoZXIy NDUxNDM=