Guest Column | November 8, 2021

Why IT Teams Should Adopt A 'Zero Trust' Approach When It Comes To Network Security

By Todd Kiehn, GTT

Cybersecurity Security Lock

The FBI saw cyberattack complaints rise in the United States by nearly 20% between 2019 and 2020, while the collective cost of ransomware attacks reported rose more than 200% in 2020. The move to remote working, with the majority of employees working away from their normal locations for the first time, combined with workers and IT support functions inexperienced with security best-practices for remote access to corporate resources, created opportunities for hackers and other threat actors to take advantage of.

This challenge isn’t going away, as hybrid workplaces are the new norm and a full return to the office is unlikely any time soon. Industry analyst firm IDC estimates that 53% of workers are planning to continue to work remotely or adopt a hybrid home-office arrangement as a result of the pandemic.

In addition, changes to traditional network boundaries, as corporations move more of their resources into the cloud and leverage SaaS applications, require a new approach to cyber security and risk management. All of this means that corporate IT teams need to be more vigilant than ever when it comes to developing their overall enterprise IT security strategy.

One best practice is to embrace a “zero trust” security architecture, so application access is enabled through end user identity and role-based access privileges to sets of applications regardless of user location, rather than accepting the proven risks associated with trusting users or devices within the network perimeter.

This approach enforces access controls to specific enterprise resources based on user role, their device, the applications they use, their specific security settings, and the specific privileges required to perform their role. Many zero-trust implementations are designed in such a way as to provide a consistent user experience regardless of where a user is connecting from, and therefore can deliver particular value for the hybrid workforce and work-from-anywhere model.

Also crucial for the long-run success of enterprise security is the SASE (Secure Access Service Edge) framework, which strives to integrate enterprise security and next-generation networking into a cohesive stack. SASE takes corporate networking concepts like SD-WAN and ties them to the security layer, extending beyond static perimeter firewalls to include cloud-native security capabilities. By integrating networking and security in this manner, IT can better address an enterprisewide approach to managing security, while also maximizing application performance. The SASE framework also seeks to move as many security functions as possible to the cloud, where they can be deployed at scale and to users regardless of their physical location. This focus on cloud security is crucial for the hybrid-workforce future where on-premises access won’t be the expectation.

Ultimately though, the new zero trust and SASE models must be complemented by vigilance and adherence to security protocols by employees within an organization, together with thoughtful design and regular review of security policies by IT teams. Security teams should perform a full audit on employees’ access to systems, applications, and data to establish a new access baseline, and automate security privilege change management where possible for the future. They should also work to establish a system of ownership/control over all of an organization’s data, educate all employees on proper network security, and regularly review and adjust every aspect of their plans and processes. Within this broader organizational culture shift, the zero-trust mindset can be an important tool to protect the enterprise in today’s threat landscape.

About The Author

Todd Kiehn is Senior Vice President of Global Product Management at GTT, responsible for the company’s comprehensive portfolio of network and managed services that include SD-WAN, cloud security, internet, enterprise voice, and professional services. With nearly 20 years of experience in the telecommunications industry, Mr. Kiehn held previous product management and marketing leadership roles at Level 3, Broadwing, and Covad. Mr. Kiehn has a bachelor’s degree in Political Science from Georgetown University and an MBA from the University of California, Berkeley. He is based in Austin, Texas.