Check out all the on-demand sessions from the Intelligent Security Summit here<\/a><\/em>.<\/p>\n

\n<\/div>\n
While the value and importance of zero trust network access (ZTNA) today can hardly be overstated, there are numerous accounts of failed attempts at achieving it, particularly in smaller and medium businesses. Zero trust<\/a> has a deserved reputation of being difficult both to initiate and to maintain. The premise or promise makes perfect sense, but the practice has become unfeasible for many.<\/p>\n
A new look at zero trust shows that it does not necessarily have to be complicated. In fact, zero trust can be incorporated into familiar existing security solutions rather than implemented as separate solutions or something completely new and difficult to master.<\/p>\n
Three factors often mean the difference between zero trust being successful or unsuccessful, and, surprisingly, they are not arcane technical details, but rather principles of management.<\/p>\n
Easing the path to zero trust<\/h2>\n
The first factor is overall complexity. It is often noted that complexity is the enemy of security. Overly complex and difficult solutions and policies make security unusable and promote workarounds that circumvent the solution or practice. The old Post-It notes with passwords on the side of an employee\u2019s monitor as a way to deal with stringent password policies used to be a good example of this.<\/p>\n
<\/p>\n
\n
Event<\/h3>\n
\n
Intelligent Security Summit On-Demand<\/span><\/p>\n
Learn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today.<\/span><\/p>\n<\/div>\n

\n Watch Here <\/a>\n <\/p>\n<\/div>\n
<\/body><\/p>\n
From a solution or architecture standpoint, incorporating zero trust into an existing solution \u2014 as long as it serves the requirements \u2014 helps to reduce complexity. Eliminating the need for yet another system or tool to install, maintain and keep current with various changes alleviates staff workloads and yet another thing to have to deal with. Extending an existing, familiar system to provide zero trust is far preferable. <\/p>\n
Some security suites or platforms are or will be incorporating full-service zero trust. Managed cybersecurity services may also bundle zero trust with their offerings. Even modern VPNs for small and medium businesses have incorporated or will be incorporating a relatively easy way to achieve a zero trust posture.<\/p>\n
>>Don\u2019t miss our special issue: Zero trust: The new security paradigm<\/a>.<<<\/strong><\/p>\n
Accommodating modern realities<\/h2>\n
The second factor is lack of suitability for the realities of today\u2019s cloud-everything, primarily distributed organizations. If a zero trust architecture needs components to be deployed on networks fully under one\u2019s control, or is based on traditional on-premises networks and data centers, it will probably undermine the success of a rollout. If SaaS applications, the use of public cloud for data and resources and the prevalence of a mostly or fully remote workforce cannot be fully accommodated, the zero trust solution is destined for failure.<\/p>\n
Web3<\/a> and metaverse<\/a> technologies must also be accommodated if zero trust is to be successful. Gartner, in conjunction with its Gartner IT Symposium\/Xpo 2022, projected that \u201cThrough 2027, fully virtual workspaces<\/a> will account for 30% of the investment growth by enterprises in metaverse technologies and will \u2018reimagine\u2019 the office experience.\u201d<\/p>\n
Failure may be a problem of \u201cyou can\u2019t get there from here\u201d that prevents necessary work or information flow from occurring. It also may be one of instituting too much complexity that thwarts or limits employees\u2019 natural work styles.<\/p>\n
A recent Verizon Mobile Security<\/a> Index<\/a> report showed that 66% of employees expect that they will have to sacrifice security for speed to meet business or job requirements. Another 79% said that they have already had to make such a trade-off to meet a deadline or objective. This means that for zero trust to be successful, it cannot impede work efficiency and speed. It must fit existing work styles, workflows and expectations.<\/p>\n
Thwarting the unknown unknowns<\/h2>\n
The third factor is the failure to address both intentional and unintentional threats. Zero trust is not simply about access or proven identity and authorization in the traditional sense. Those aspects are certainly crucial, but other things contribute to achieving zero trust. It must thwart malicious actions but also ones that are completely accidental. The ability to assign or utilize fixed IP addresses, for instance, helps ensure greater certainty of both the user and the resource they are trying to access.<\/p>\n
Another aspect might be the way that an encrypted tunnel \u2014 either as a VPN or a part of the communication between an application, such as email or a CRM, and a user \u2014 begins and terminates. Gaps could cause vulnerabilities that attackers could target to circumvent zero trust protections.<\/p>\n
Still another aspect might be the need for an automated way to perform a status check on the user\u2019s access device to ensure that it meets the required standards for security.<\/p>\n
Zero trust failure is not an option<\/h2>\n
In addition to the above three factors, success or failure may hinge on clarity and understanding of things like the complete attack surface of one\u2019s organization or the collaboration patterns of employees and departments. The zero trust architecture may not correctly recognize existing data flows or business processes. Not being able to both protect and facilitate such things will always mean failure.<\/p>\n
But failure of zero trust is hardly an option an organization can afford. With data breaches continuing to escalate and penalties for compliance violations rising and reaching levels that are material to companies, most agree that zero trust is a necessity.<\/p>\n
Certainly failure of a zero trust project would put it in good company with other IT failures. According to Smart <\/a>Insights<\/a>, 63% of all CRM initiates fail, 70% of marketing automation projects fail and 84% of business transformation efforts fail. Still, zero trust does not have to be another inevitable tragedy. By rethinking how it can be achieved and incorporated within existing systems, infrastructure, work styles and anticipated future changes, you can greatly improve zero trust\u2019s potential for success.<\/p>\n
Michael Cizek is managing director at Global Automation and Identification Group. <\/em><\/p>\n
\n
DataDecisionMakers<\/h3>\n
Welcome to the VentureBeat community!<\/p>\n
DataDecisionMakers is where experts, including the technical people doing data work, can share data-related insights and innovation.<\/p>\n
If you want to read about cutting-edge ideas and up-to-date information, best practices, and the future of data and data tech, join us at DataDecisionMakers.<\/p>\n
You might even consider\u00a0 contributing an article<\/a>\u00a0of your own!<\/p>\n
Read More From DataDecisionMakers<\/a><\/p>\n<\/div>\n
\t\t\t\t<\/html><\/div>\n<\/p><\/div>\n
Read More<\/a>
\n Michal Cizek, GoodAccess<\/p>\n","protected":false},"excerpt":{"rendered":"
January 12, 2023 11:07 AM Image Credit: Getty Images Check out all the on-demand sessions from the Intelligent Security Summit here. While the value and importance of zero trust network access (ZTNA) today can hardly be overstated, there are numerous accounts of failed attempts at achieving it, particularly in smaller and medium businesses. Zero trust<\/p>\n","protected":false},"author":1,"featured_media":597048,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[28502,30049,46],"tags":[],"class_list":{"0":"post-597047","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-ensure","8":"category-factors","9":"category-technology"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/597047","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=597047"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/597047\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/597048"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=597047"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=597047"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=597047"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

Event<\/h3>\n\nIntelligent Security Summit On-Demand<\/span><\/p>\nLearn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today.<\/span><\/p>\n<\/div>\n