Reel in phishing attacks with Zero Trust Network Access

It’s time to abandon passwords and adopt a better way to combat cyber attacks, according to a security expert. Organizations can reduce their risk “massively” by using a new approach known as Zero Trust Network Access (ZTNA), said Rafi Wanounou, SE Director at Fortinet at a recent ITWC briefing.

“The challenge with existing authentication frameworks is they can be compromised through phishing and social engineering,” said Wanounou. “ZTNA is designed to put a bullet in this.”

ZTNA controls access to applications. It’s a way to verify users and devices before every session, no matter where they are, he explained. It also confirms that they meet the organization’s requirements to access that application.

Wanounou described ZTNA as a game changer. “This is the solution we’ve been waiting for,” he said.

How does ZTNA work?

ZTNA is founded on the principle of Zero Trust. “It literally means that no one is trusted, even at the corporate office,” said Wanounou. “Those days of trusting people with a badge to enter the office are slowly coming to an end.”

View on demand: “Zero Means Zero: Adopting ZTNA for the Hybrid Office Era”

With ZTNA, users are verified with multi-factor authentication such as usernames and biometrics. It also requires a physical token based on a new universal standard known as FIDO2 (Fast Identity Online). “You’re not going to get anywhere until you insert that token into your laptop,” said Wanounou. “So, unless the attacker is standing over you and inserting that device into your laptop, in theory, it’s unbreakable. It’s really the only technology that we have today that can’t be phished or spoofed.”

Allows users to securely work from anywhere

Another key advantage of ZTNA is that it truly enables employees to work from anywhere, Wanounou said. “User satisfaction is going to skyrocket because it’s more convenient for them,” he said.

Wanounou noted that the authentication process is seamless for users. It gives them access to the resources or applications they need without jumping through hoops.

The solution will also simplify security and reduce overhead costs for organizations, he said. For one thing, it puts an end to the need to manage devices. “If you’re doing next-gen ZTNA, everything is stored in the cloud,” said Wanounou. “If a laptop gets lost, there’s no risk because there should be nothing on it. It becomes disposable.”

It will also allow organizations to reduce the number of legacy security tools they have. “We have a lot of pieces now to accommodate work from home, Wanounou explained. “What ZTNA allows us to do is to collapse the stack of devices. You literally need 20 per cent of the devices that you have today to achieve 300 per cent of the service to your end users. It drastically lowers operating overhead.”

How to prepare for ZTNA

Although ZTNA is in the early stages, Wanounou encouraged briefing participants to embrace the idea now.

It starts with user education, he stressed. It’s important for employees to understand the concept of Zero Trust. Secondly, organizations should review the interoperability of their security stack. “This is a challenging piece if you have solutions from a number of vendors,” he said. A transition from central device management to a BYOD (bring-your-own-device) approach will be necessary to make ZTNA work. As well, Wanounou urged participants to tighten up their policies on what applications employees can access.

“This is absolutely the future the very near-term,” he said. “Just start thinking about how you can incorporate ZTNA into everything you do going forward

View on demand: “Zero Means Zero: Adopting ZTNA for the Hybrid Office Era”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Cindy Baker
Cindy Baker
Cindy Baker has over 20 years of experience in IT-related fields in the public and private sectors, as a lawyer and strategic advisor. She is a former broadcast journalist, currently working as a consultant, freelance writer and editor.

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now