It is a myth that the public cloud is a security risk. From an infrastructure point of view, AWS and Microsoft Azure have raised the security bar by adopting a Zero Trust Network (ZTN) model as standard. The concept of ZTN is not new, but there are many myths associated with it that often create artificial barriers to implementing the model throughout a corporate network.
- Myth 1 is that everything is trusted. It's not; that's the point. Policies need to be created and applied to create trust between assets. This approach not only makes it harder for someone in your network (legitimately or not) to move laterally, but it also makes it much easier for a SOC to detect malicious traffic.
- Myth 2 is that it's costly and time-consuming to manage. It can be if done badly, but done correctly it's not. In fact, we think we can reduce both your CAPEX and OPEX costs with our approach.
- Myth 3 is that the identity is key. Identity is only part of ZTN. The traffic that the asserted identity generates must be inspected for malicious content and unauthorised activity, and logged, through Layer 7. Start with the protect surface (the sensitive data you want to protect), and extend across the network to the applications, systems and users.
- Myth 4 is that ZTN is done at Layer 3. With many vendors, yes, but we can show you how to do this up to Layer 7. Most attackers can bypass traditional network firewalls operating at Layer 3–4 and use port scans to access vulnerable open ports or services. When you create policy at Layer 7, you have visibility throughout the entire stack, preventing attackers from moving across the internal network and accessing sensitive data or systems.
A ZTN should not be limited to your corporate locations; it needs to include access to cloud services and applications, as well as mobile users.
We believe that the foundation of any cyber security strategy is accepting that you will probably suffer a successful attack at some point. The most valuable thing you can do is understand your relevant threats (your risk) and invest in solutions and services that help mitigate the risk as much as possible. A Zero Trust Network is one of the most effective architectural changes you can make to build security as standard.