Security Market Segment LS
Thursday, 02 April 2020 22:32

How embracing Zero Trust will improve IT security

Budd Illic ANZ Country Manager, Zscaler Budd Illic ANZ Country Manager, Zscaler

GUEST OPINION by Budd Ilic, ANZ Country Manager, Zscaler: The benefits of cloud platforms are now well understood within most organisations, however some IT teams are still hesitant to adopt due to the subject of security.

They fear that, once key applications and data stores are shifted from on-premise locations to cloud platforms, the task of maintaining security will become complex and difficult to manage.

While it’s right to be mindful about the importance of having effective security measures in place, achieving this in a cloud environment is not an impossible task. What it requires is a change in mindset and strategy.

A new way of thinking

At the heart of the new mindset is the concept of zero trust. While it’s usually only connected with security, it can actually have a much wider impact on an organisation than people realise.

According to a survey by Cybersecurity Insiders1 , which asked more than 315 IT and cybersecurity professionals around the world about their thoughts on zero trust, 78 per cent of security teams want to adopt the strategy. However, 53 per cent of teams believe that their legacy technology, which is appliance-based and places users on the network, is enough to do the job.

Although this confusion is perhaps understandable, it is also a little concerning. IT teams need to realise that being reluctant to embrace new technologies and move away from legacy approaches, will actually slow planned business transformation.

If an organisation has a goal of allowing users to work productively from anywhere, there is little benefit in requiring them to be routed through network appliances located in just a few locations. Also, if the goal is to keep a lid on costs, there is little point in continuing to invest in expensive appliances that can’t be quickly scaled to meet demand.

There are three best practices that can allow an organisation to fully embrace and get the benefits of a zero trust strategy.

1. Choose the underlying technology carefully:

It’s a truism that every job needs the right tool, and using the cloud as a delivery mechanism is the right approach when it comes to adopting zero trust. Indeed, research company Gartner recommends organisations make use of zero trust network access (ZTNA) technologies that are delivered as a service from the cloud when securing access to private applications.

ZTNA has the benefits of delivering better availability, faster deployment, and better protection against DDoS attacks than on-premise alternatives.

2. Tackle the challenges created by cloud and mobility:

When it comes to achieving the benefits offered by cloud platforms and mobile work practices, removing any potential obstacles is vital. The biggest challenges that are likely to be faced include identity management, minimising the attack surface, and gaining greater visibility into user activity.

As the number of remote and mobile workers has grown in recent years, and BYOD policies have become more widespread, the concept of identity management has become a central component when establishing trust. Thankfully, ZTNA tools can integrate with multiple identity providers to ensure that users are authorised and policies are enforced to provide a secure connection between a user and an application.

In the past, virtual private networks (VPNs) were designed to connect users to a network. This, in turn, required the network to make itself accessible, and this accessibility could be exploited by cybercriminals. ZTNA helps reduce the attack surface by only allowing authenticated users to access specific applications, based on policies set by an organisation.

Rather than simply focusing on IP addresses and email, as is the case with VPNs, ZTNA delivers increased visibility into actual user and application activity. The IT team can view every log and transaction in real time and with granular detail to understand who is accessing which applications. ZTNA also provides the ability to monitor the health of an IT infrastructure to ensure that applications and servers remain available and operating

3. Establish the best use case for your organisation:

Once an organisation decides to adopt a zero trust strategy, the IT team should initially focus on the use case that will deliver the most immediate positive

Research has shown that the most common zero trust use cases include those that focus on things such as providing access for contractors, application access during a merger or acquisition, providing an alternative for VPNs, and supporting multi-cloud access.

Doing nothing is not an option

During times of rapid change, it can be tempting to put your head down and simply continue with business as usual. This, however, is no longer an option. Adoption of cloud platforms and the ongoing rise in mobility means IT teams need to recognise that the game has changed.

Now is the time to understand the benefits that a zero trust strategy can deliver to your organisation and how it can prepare you for future challenges and opportunities.

Read 2003 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


Thoughtworks presents XConf Australia, back in-person in three cities, bringing together people who care deeply about software and its impact on the world.

In its fifth year, XConf is our annual technology event created by technologists for technologists.

Participate in a robust agenda of talks as local thought leaders and Thoughtworks technologists share first-hand experiences and exchange new ways to empower teams, deliver quality software and drive innovation for responsible tech.

Explore how at Thoughtworks, we are making tech better, together.

Tickets are now available and all proceeds will be donated to Indigitek, a not-for-profit organisation that aims to create technology employment pathways for First Nations Peoples.

Click the button below to register and get your ticket for the Melbourne, Sydney or Brisbane event



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Staff Writers

Our Staff Writers and Guest Writers contribute content to iTWire each day and they are a valuable asset to the team. If you want to be a staff writer please contact us.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News