Zero Trust Network Access: What is it?
by Serena Raymond on Apr 26, 2021 12:00:00 AM
Zero Trust Network Access (ZTNA) is an approach to IT where trust is never implicit. Trust needs to be earned, repeatedly, to ensure that everything inside your network (and of course outside) is a verified, trusted resource.
“Trust but verify” is not an adage that modern cybersecurity teams should be repeating. We all need to update our mantra to be: “Never trust. Always verify.”
We see the need for this mentality in everything from phishing emails to questionable changes made within company IT infrastructure. We can’t trust that the person claiming to be our CEO in a strange email is our CEO and “verify later”. We need to question that immediately.
Verify first, and skip the trust unless it’s earned. And that trust is only temporary.
Where did Zero Trust come from?
While we can thank Stephen Paul Marsh’s doctoral thesis on computation security for the term “Zero Trust”, the modern concept was reintroduced to the world by Forrester analyst John Kindervag. And like seemingly everything in our digital lives, once Google tested it in 2009 with BeyondCorp, it started to take off.
In the wake of the OPM data breach, the U.S. government began to take (and promote) a Zero Trust approach. In an article, Representative Jason Chaffetz points out, regarding the OPM attack, that “Zero trust would have profoundly limited the attacker’s ability to move within OPM’s network and access such sensitive data.” This endorsement of Zero Trust from the federal government brought the approach center stage.
Defining ZTNA in 2021
It was a lot easier to trust things inside your network when your network was inside an office along with all of your employees. But that’s not the case anymore. Employees are spread far and wide, and often your company network includes employees who are working from home and relying on home routers.
Your network is a distributed workforce of home offices, WeWork spaces, cafes, IoT devices, mobile tablets, and various other infrastructure.
This change in the last year has really cemented the need for complete adoption of Zero Trust Network Access. Susan Gosselin on CIO Insight called 2021 the “year for Zero Trust security.” Attacks occurring from within company infrastructure by outside attackers made that clear. So the need for repeated authentication is a huge must-have for cybersecurity professionals (and companies as a whole) going forward.
In reality, you don’t know who’s behind that desk.
Walking the Zero Trust walk
Despite how often the term gets thrown around, ZTNA isn’t as widely adopted as you think it is.
One of the biggest issues with the concept of “Zero Trust” is that it’s a model, not a tool you can deploy. And so, a lot of companies think they’re employing Zero Trust when really they’re leaving it to their employees to apply a Zero Trust mindset ad hoc. And then there are companies that have a Zero Trust model in one department, but it’s not company-wide. And then there are the companies that think implementing ZTNA means an overhaul of their entire security framework.
But moving to Zero Trust doesn’t mean re-architecting everything. It means applying that model to everything you’re doing currently and then adopting the tools you need to fill in the gaps.
What you really need are the right tools in place to support a Zero Trust framework. This way, there is less pressure on individuals to “take a Zero Trust approach” since everything is put in place so that their only choice is to take a Zero Trust action inside a Zero Trust model.
So what does this look like?
It means putting “trust” barriers between people and the actions they take. When you implement our DNS security, that means that no website any of your users want to go to is inherently trusted. You put that website under a microscope to find out what category it falls into and whether or not it’s malicious.
And this protects you as sites inevitably change. Formerly malicious sites are taken down, purchased by new owners, and turn into small business websites. Alternatively, previously “trustworthy” websites can be hacked. Our AI looks for markers that indicate a site is now deceptive, and will categorize that site as a threat.
Additionally, we see our features such as Multi-factor Authentication as an important part of a Zero Trust architecture, enabling our users to prevent threat actors, or employees lacking the right permissions, from logging in and changing your company’s DNS security policies.
When you work in the cloud, DNS is the road that your entire infrastructure is built on. It’s important that you implement a Zero Trust model when it comes to how your employees use it.