Zero Trust Network Access (ZTNA)

VPN is not the only Answer

There is a more secure and easier way to access data

For years, the go-to method of remotely accessing data was the Virtual Private Network (VPN). It was so commonplace that many didn't think twice about opening ports on firewalls and allowing access to networks. This nonchalance bled over into organizations opting out of support agreements and software updates. No one seemed to notice that access was becoming less secure as well as cumbersome to the user. 


What is Zero Trust Network Access (ZTNA)?

Light years ahead of legacy VPN

Instead of connecting to your office network via VPN, you open a connection with a dedicated server hosted in the cloud and ask for permission to access a specific, predefined folder at the office or any hosted service or website. The cloud server identifies who you are through multi-factor authentication and checks your device for health, giving you a trust score. If the trust score exceeds the predetermined minimum requirements, you are granted a short-term token and the cloud server retrieves the file or hosted service for you. You never have direct access to any files or hosted services, even websites. Here's a real-life example:

Say you have an accounting person logging into Bank of America. ZTNA secures the computer, authenticates the user via multi-factor authentication (MFA), ensures the policies are met, and then grants access to that website. This works with Microsoft and M365 as well: there is no access to Teams, OneDrive, or any hosted app, service, or website until you are authenticated on that machine.
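The flow described above (MFA, device health check, trust score, short-term token for one resource) can be sketched as a small policy broker. This is an added example, not any vendor's implementation; the score weights, the threshold of 70, the 5-minute lifetime, the signing key and the resource names are all assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

SIGNING_KEY = b"constructed-demo-key"  # constructed; a real broker keeps its key in a KMS/HSM
MIN_TRUST_SCORE = 70                   # assumed minimum requirement
TOKEN_TTL_SECONDS = 300                # assumed "short-term" lifetime
POSTURE_WEIGHTS = {"disk_encrypted": 20, "os_patched": 20, "edr_running": 20}  # assumed

def trust_score(mfa_passed, posture):
    """MFA is mandatory; each passing device health check adds to the score."""
    if not mfa_passed:
        return 0
    return 40 + sum(w for check, w in POSTURE_WEIGHTS.items() if posture.get(check))

def _sign(body):
    return hmac.new(SIGNING_KEY, body, hashlib.sha256).hexdigest()

def issue_token(user, resource, mfa_passed, posture, now=None):
    """Return a token bound to ONE resource, or None if the score is too low."""
    now = int(time.time()) if now is None else now
    if trust_score(mfa_passed, posture) < MIN_TRUST_SCORE:
        return None
    claims = {"sub": user, "res": resource, "exp": now + TOKEN_TTL_SECONDS}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    return body.decode() + "." + _sign(body)

def authorize(token, resource, now=None):
    """Broker-side check before fetching the resource on the user's behalf."""
    now = int(time.time()) if now is None else now
    try:
        body, sig = token.split(".")
        if not hmac.compare_digest(sig, _sign(body.encode())):
            return False  # forged or modified token
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, TypeError, AttributeError):
        return False      # malformed token
    # The token is valid only for the resource it names and only until expiry.
    return claims["res"] == resource and now < claims["exp"]

if __name__ == "__main__":
    healthy = {"disk_encrypted": True, "os_patched": True, "edr_running": True}
    tok = issue_token("accounting-user", "share:/finance", True, healthy)
    print(authorize(tok, "share:/finance"), authorize(tok, "share:/hr"))
```

Unlike a VPN session, the token names a single resource and expires on its own, so a request for anything else, or a replay after the lifetime ends, is refused.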

Why is ZTNA better than VPN?

Security, User Experience and Flexibility

VPN is too liberal in its access. Once connected, the user has unfettered access to the entire workplace network, so the VPN is secure until it's not. Many organizations deploy VPNs and then stop paying the support agreement costs.

Users want a more efficient experience. In many cases, with VPN there are multiple solutions from different vendors across an organization, resulting in support issues as users are forced to use one app to get here, and another app to get there.

Should data access in the office have a completely different set of rules than remote access? With local access, you just need a password, and it's usually remembered by devices. Remote access includes token-based MFA and a device posture check. Shouldn't both scenarios require the same security? ZTNA is not solely a remote access tool. It is perfectly suited for in-office access as well.


What to Look for when comparing ZTNA

Top 10 points to consider

1. Solution cost
2. Deployment difficulty
3. Administrative and end-user experiences
4. Integration capabilities
5. Network complexity
6. User, device, resource, and access visibility
7. Metrics and reporting
8. Least privilege access control
9. Continuous authorization
10. Device trust
