sb-au logo
Story image

Why zero trust is the best security strategy for mobile computing - Zscaler

11 Nov 2019

Article by Zscaler A/NZ country manager Budd Ilic

Trust no one.

That’s a great subtitle for an action thriller – and it’s also an approach to network security that’s finding increasing favour in the access-from-anywhere computing era.

Gone are the days when corporate networks could be protected by throwing a high-tech security cordon around them.

The extraordinary rise of cloud computing and mobile technologies during the past decade has made the traditional approach of patrolling the perimeter increasingly ineffective.

What has also become strikingly apparent are the limitations of virtual private networks (VPNs), which allow users to send and receive data across public networks with an equivalent level of security to what they’d enjoy if they connected directly to a private network.

Why connecting securely to the corporate network matters

Why do secure connections matter so much?

The truth is, they wouldn’t if Australians’ workdays and work styles hadn’t changed so dramatically during the past decade.

Remote working has gone mainstream around the country in recent years – research published in early 2019 by recruitment site Indeed revealed that 68% of Australian employers now allow the practice.

It’s not hard to see why.

Lower operational costs, increased productivity, higher morale and reduced absenteeism and staff churn were all cited as benefits that prompted companies to embrace the practice.

For their part, employees have voted with their presence (or, more accurately, lack thereof), making what was once out of the ordinary into a new workplace modus operandi.

A 2018 study by International Workplace Group found that almost 50% of Australians work remotely for at least half the week, while almost 70% spend at least one day a week away from the office.

Investing in technology to support out of office workers

Remote working doesn’t work all that well if employers aren’t prepared to invest in technology that enables employees to do so efficiently and safely - a fact that’s not lost on Australian companies.

More than 90% of respondents to Indeed’s survey indicated they’d spent money on tools and technologies, including smartphones, laptops and video conferencing and collaboration solutions, to facilitate the process.

A growing number of organisations are also investing in security technologies to enable remote workers to access corporate networks without putting critical systems and data at risk in the process.

Logging on safely from anywhere

Arguably the most important of these technologies is Zero Trust Network Access (ZTNA). ZTNA is slated to replace the ubiquitous and deeply entrenched VPN in more than 50% of enterprises within the next three years, according to high-tech research house Gartner.

So how does ZTNA work and why are companies and organisations of all stripes racing to embrace it?

Put simply, it’s a security framework for the mobile computing era, one that enables users to access private applications securely without connecting to the network on which they’re hosted or exposing those applications to the internet.

That’s markedly different from the way in which VPNs operate – granting access permission at the outset then providing authenticated users with unfettered access to corporate systems and data.

Under the ZTNA model, security policies are hosted in the cloud, globally distributed and locally enforced.

Users, and the applications they’re seeking to access, are what determine the level of security that’s applied, not the devices they’re using, their IP addresses or their physical locations.

It’s a logical and workable answer to the secure connectivity challenge that the remote work movement and the burgeoning use of cloud-based applications have created for organisations.

Little surprise, then, that it’s rapidly gaining prevalence across the enterprise computing world.

Making the Australian workplace of tomorrow flexible and secure

Mobile working is well and truly here to stay.

Australian companies that don’t offer employees the opportunity to spend a portion of their working week out of the office may find themselves at a competitive disadvantage to those that do.

As this trend continues to gather pace, embracing security technologies that enable employees to access applications without opening the enterprise up to additional risk should be a priority for organisations that value the integrity of their systems and data.

Story image
Research: 61% of companies have suffered an insider attack in last 12 months
It comes as rapid migration to cloud and remote working and BYOD scenarios leave organisations increasingly vulnerable to insider attacks as a result of the upheaval caused by the COVID-19 pandemic.More
Story image
Is cyber deception the latest SOC 'game changer'?
Cyber deception reduces data breach costs by more than 51% and Security Operations Centre (SOC) inefficiencies by 32%, according to a new research report by Attivo Networks and Kevin Fiscus of Deceptive Defense.More
Link image
Webcast series: The necessary tools to secure a remote workforce
Experts from across the A/NZ region discuss the best security practices in a remote working world - with sessions available on the first Thursday of every month.More
Story image
Netlinkz revenue surges 846% as secure enterprise cloud technology gains traction
Executive chairman James Tsiolis believes this growth is the start of something much bigger.More
Story image
High-tech heist: why fending off ransomware attacks is more challenging than ever in 2020
The COVID-19 crisis has unleashed a wave of sophisticated and disruptive ransomware attacks, and the onus is on businesses to ramp up their security measures if they’re to avoid falling victim, writes Attivo Networks regional director for A/NZ Jim Cook.More
Story image
Revealed: The behaviours exhibited by the most effective CISOs
As cyber-threats pile up, more is being asked of CISOs - and according to Gartner, only a precious few are 'excelling' by the standards of their CISO Effectiveness Index.More