Another technical beneficiary of the COVID-19 lockdowns and travel restrictions is the virtual private network (VPN), as enterprises accede to government calls for pandemic containment by “voluntary” isolation.
VPNs have been marketed as one way to secure internet connections and keep data private. VPNs work by creating a tunnel connecting two devices, for example a laptop to a server. VPN vendors sell the story that VPNs are so secure even ISPs cannot see what the user is doing online.
To be clear, it is the protocol and encryption technique that the VPN vendor uses that provide the security users sign up for in the first place.
Better than VPN?
Cyberattacks, data breaches and compliance obligations have grown significantly, making trust and adaptive control critical.
If VPNs can’t cut it, what’s the alternative?
Gartner says Zero Trust Network Access (ZTNA) augments traditional VPN technologies for application access, and removes the excessive trust once required to allow employees and partners to connect and collaborate.
As swathes of businesses and governments work online for longer hours, thanks to lockdown measures, Pulse Secure launched Pulse Zero Trust Access (PZTA) to cater to the growing paranoia that comes with isolation and letting your imagination run away with you.
PZTA is marketed as a cloud-based, multi-tenant secure access service that lets organizations provide users easy, anywhere access to multi-cloud and data centre applications with Zero Trust assurance.
It offers single-pane-of-glass visibility, end-to-end analytics, granular policies, automated provisioning, and advanced threat mitigation that empower organizations to further optimize their increasingly mobile workforce and hybrid IT resources.
“IT leaders are driving business transformation in the hybrid digital era while also defending assets during the ‘age of hyper-converged access’ – for any user, from any device, anywhere to any application, at any time. Pulse Zero Trust Access is designed for the elastic digital workplace, providing a unified, cloud-based service that enables greater accessibility, efficiency and risk reduction,” said Rohini Kasturi, chief product officer at Pulse Secure.
The PZTA service consists of the Pulse ZTA Controller, which is hosted and managed by Pulse Secure, the virtual Pulse ZTA Gateway that customers deploy on-premises or in the cloud, and the unified Pulse ZTA Client which runs natively on each user’s Microsoft Windows, Apple macOS and iOS, and Google Android device.
Gartner recommends that security and risk management leaders pilot ZTNA projects as part of a secure access service edge (SASE) strategy or to rapidly expand remote access.
In the Market Guide for Zero Trust Network Access, the analyst firm cautions that its recommendation should not be read as contradicting the tried-and-true “security by obscurity is no security at all” axiom.
“Although ZTNA cloaks services from discovery and reconnaissance, it erects true, identity-based barriers that are proving to be more challenging for attackers to circumvent than older notions of simple obfuscation,” said Gartner.
Gartner concludes that a ZTNA project is a step toward a more widespread zero-trust networking (default deny) security posture. Specifically, no communication occurs until sufficient trust is established.