No trust assumed: strengthen cybersecurity with ZTNA

In today’s mobile work environment, organizations must balance the need to provide end-users access to necessary resources with effective security protections.

To meet this challenge, modern security solutions are moving away from Virtual Private Networking (VPN) to the identity- and context-based security model of Zero Trust Network Access (ZTNA).

In the webinar, Stranger Danger – Going Beyond Secure Remote Access with Zero Trust Network Access, Aaron Webb, Jamf Senior Product Manager, Security, discusses why organizations need to reconsider their network authentication and security approach, and the benefits and possibilities of ZTNA for the modern working environment.

Overview of ZTNA

According to Gartner, Zero Trust Network Access (ZTNA) is a product or service that creates an identity-based and context-based, logical access boundary around an application or set of applications.

Essentially, ZTNA is a collection of principles, software, security tools and policies.

ZTNA should be considered a building block in your overall organization security, not a total solution. The fundamental idea with ZTNA is that no trust is assumed, and both users and devices should always be checked and verified before access to resources is granted.

Principles of ZTNA:

Strong security – based on elements including:

• Identity-centric security – Identity explicitly ties access routes with access rights
• App-based segmentation – Each application has its own access policy
• Risk-aware access policies – Regular context checks for access based on changing risks

Enhanced manageability – from the perspective of those managing the solution:

• Streamlined management – should be as easy as possible to manage
• Trust Broker/Software Defined Perimeter – restricts application access until verification

Emphasis on usability – improvements for end users include:

• Fast connectivity – vastly improved connectivity speeds for a seamless user experience
• Dynamic split tunnel – separation of business and personal applications

Building support for ZTNA: start with the end users

Why should you change to ZTNA? Consider the wisdom of the late Steve Jobs – “You have to start with the customer experience and work backwards to the technology.”

Unfortunately, traditional secure remote access VPN does the opposite.

The fundamental flaws of legacy VPN include:

• Insecure by design – full network access allows attackers to move laterally
• Complex to manage – large scale deployments require entire teams to manage
• Substandard to use – not designed with a focus on user experience

While VPN may have worked fine when everyone was in the office, and all resources were within an organization’s own network, for today’s mobile workforce it’s not the best solution.

As organizations have transitioned towards cloud or hybrid working environments, the benefits of the ZTNA user experience are apparent:

• Speed – no more “wheel of death” while trying to work
• Native experience – matches the expectation that devices just work
• Simple to setup and remediate – empowered to resolved issues themselves

How to secure remote access

Webb cautions that Zero Trust implementation is not easy, requiring everyone in an organization to understand and commit to the need for verification and re-verification requests.

This webinar provides a series of steps and tips to plan your journey to ZTNA.

Crucial information discussed includes:

• Things organizations should consider when choosing a ZTNA solution
• A framework to understand readiness to implement ZTNA
• Tips on planning, vision and priorities
• Strategy for faster deployment, higher control and visibility
• Developing a future-proof infrastructure that scales

All things considered, when you’re ready for ZTNA, you should check out Jamf Connect, the solution to give users the best work anywhere experience.

Jamf Connect includes a next-gen VPN solution purpose-built for Apple, built by Jamf, the company and partner you already know and trust to manage and secure your Apple deployment.

Get deeper into ZTNA

For an in-depth discussion of what you need to know about implementing Zero Trust Network Access in your organization, check out the full webinar below.