Gartner’s latest Market Guide illustrates how digital business transformation is affecting enterprises worldwide.
Workforces are no longer located “inside” a network, and today’s trust model is showing signs of strain. Threat actors exploit this model, which results in breaches and exposes companies to legal, financial, and regulatory consequences.
Zero trust network access (ZTNA) as a security architecture has been gaining momentum since an initial specification was released by the Cloud Security Alliance in 2014. Also known as a software-defined perimeter, it centralizes the security mechanisms that broker trust between the application and both the user and the user’s individual devices. Once trust is established, centrally distributed granular policies govern all transactions.
“ZTNA provides controlled identity- and context-aware access to resources, reducing the surface area for attack. The isolation afforded by ZTNA improves connectivity, removing the need to directly expose applications to the internet.” *
This architecture effectively hides applications and resources from public view, significantly reducing the attack surface. The result is a boundary around applications that is based on identity, context, and logical access.
Virtually all enterprises have a blend of data center and cloud-based applications. Ensuring that corporate and remote workforces and third parties (such as contractors, suppliers, or distributors) have secure access anytime, anywhere, and from any device is critical for today’s modern business. ZTNA offers immediate benefits by, according to Gartner, “enabling precision (‘just in time’ and ‘just enough’), least-privilege access for named users to specific applications only after an assessment of the user identity, device identity and hygiene (highly encouraged), and context has been made.”