As organisations look to accelerate business and remain competitive, they are increasingly adopting digital innovation initiatives. As a result, business applications and data are dispersed far and wide, away from the corporate premises, giving workers access to more corporate assets from any location. But as the traditional perimeter is dissolving, the internal network is put under greater threat of attack.
In response to these threats, organisations need to take a “trust no one, trust nothing” approach to security. CISOs need to protect the network with a Zero-Trust Network Access policy, making sure all users, all devices, and all web applications from the cloud are trusted, authenticated, and have the right amount of access.
What is Zero-Trust Network Access?
Zero-Trust is critical to securing digital innovation, no matter what the nature of the individual project. It is focused on network connectivity and has three essential functions:
Know every device that’s on the network
The first step of adopting a Zero-Trust Network Access strategy is to discover and identify all devices on the network – whether that’s an end-user’s phone or laptop, a network server, a printer, or a headless IoT device such as an HVAC controller or security badge reader.
Know every user that accesses your network
User identity is critical in developing an effective Zero-Trust Network Access policy. Organisations need to know every user that is attempting to access the network. Are they an employee? A contractor? A guest? A vendor? Implementing multi-factor authentication is an effective way to identify and monitor user log-in; as passwords are weak and can be frequently stolen.
Know how to protect assets on and off the network
With a Zero-Trust Network Access strategy, organisations can address the challenge of protecting off-network devices by improving endpoint visibility. Vulnerability scanning, robust patching policies, and web filtering are all critical elements of a zero-trust strategy.
According to Fortinet Field CISO Peter Newton:
“There is a major emphasis on the concept of Zero-Trust Network Access because companies are recognising that, number one, they have all these VPN Tunnels that need to understand and confirm who the users are, and two, they have users on all different types of devices that now have access to the corporate network. This is where the ability to understand and see everything on that network has become key and that is why our Teleworker Solutions has gotten a lot of attention and activity in the months since COVID-19 first hit.
Why Zero-Trust Network Access?
Traditional security models operate under the assumption that everything inside the organisations’ network should be trusted. However, automatically extending trust to any device or user puts the organisation at risk when either becomes compromised, whether intentionally or unintentionally. That is why many security leaders are turning to a Zero-trust Network Access approach to identify, authenticate, and monitor users and devices, both on and off the network.
Discover how SCC and Fortinet are leading the fightback with Zero-Trust Access in the retail sector
“Retail is something we all understand since we all “experience” retail on a daily basis. As a tangible example, given the nature of retail today where omni-channel is the norm, implementing a Zero-Trust model is more challenging than ever. Every door you open to better enable customer engagement also provides new opportunities, and new attack vectors, for threat actors to compromise your business. Protecting these solutions requires carefully controlling who and what has access to internal systems, data, and devices.” Courtney Radke (Fortinet Field CISO)
SCC is a Fortinet Expert Integrator partner
We have many years of experience securing customer networks, as demonstrated by our Fortinet Platinum Partner of the Year award in 2018.
Our depth of capabilities for the solutions we provide assures customers that we can execute with greater agility. We have extensive experience, qualifications and certifications in a wide range of partner technologies that underpin our solutions. You benefit from thought leadership, key knowledge and vital experience, shared across our global partner network.