Page 32 - EngineerIt March 2021
P. 32

INDUSTRY, TECHNOLOGY AND INNOVATION


        A zero-trust networking approach for enhanced security



        By Simeon Tassev, MD and QSA at Galix                                     for error with regard to policy implementation.
                                                                                  Using this type of network design places
          ollowing the Covid-19 pandemic, many                                    enterprises in a more effective position to
       Fbusinesses restructured their entire                                      manage the complex workforce setup that the
        office strategy by locking or reducing their                              ‘new normal’ has created.
        office footprint, others introducing hot desk
        policies and some going completely remote.                                Ensuring effectiveness
        This shift brings with it a variety of elements                           The first step in effectively implementing a
        as well as challenges in terms of security.                               SASE framework is to understand, from an
        Policies and processes must be adapted,                                   architectural perspective, how it will function.
        and controls need to become software-                                     An assessment is therefore required of the
        based to cater to a world where people are                                applications that are in place, what is required
        empowered to work from anywhere. The                                      to access them, and where they need to be
        Secure Access Service Edge (SASE) is built                                accessed from in order for employees to
        on a zero-trust approach that requires all                                perform their jobs. Businesses need to map
        connecting devices to meet the criteria as                                what users need to connect to and where.
        defined by security policies and have the                                 Only once this is understood can the relevant
        right levels of authentication. This framework   effective or even possible and doing so   controls be put into place, and technology
        offers an effective solution to security   negatively impacts business efficiency. A   implemented to enforce and police these
        challenges faced today and in the future.   different approach is essential to facilitate   controls. Furthermore, this updates the
                                             today’s dynamic access requirements.   permissions required along with access controls
        The edge is growing                                                       and authentication.
        The traditional approach of boundary   Trust is earned
        protection with remote access becomes   SASE starts from a base of zero trust. This   The right partner is key
        increasingly cumbersome and ineffective as   means that, by default, all devices are   Technology is a crucial tool in facilitating a
        the edge grows and boundaries become more   untrusted. To earn trust and gain access,   zero-tolerance network approach, as it is
        amorphous. Environments need to open up   policies need to be applied and criteria met,   impossible to enforce controls otherwise,
        to allow for an increased workforce of people   such as various levels of authentication   but choosing the right tool and customising
        who are not necessarily working from within   that must be implemented. To do this,   it effectively can prove challenging. The most
        the corporate physical location. A more flexible   agents are loaded onto endpoint devices,   appropriate technology solution depends on
        and scalable approach is needed, but at the   which connect with the SASE system and   the architecture and specific requirements
        same time, security needs to be tighter than   receive the relevant levels of access and   of an enterprise. The right security partner
        ever. To facilitate current and future workforce   permissions to enable connection. It allows   can ensure that technology, access and
        requirements, enterprises need to ensure that   businesses to facilitate a remote or hybrid   strategies are linked to the particular needs of
        all endpoints and connections are managed   workforce using public infrastructure, while   the enterprise and design a solution to suit.
        with consistent policies regardless of location.   still applying corporate security policies   Risk mitigation is the key, and an effective
           The work-from-anywhere business   consistently and homogenously.       partner can help businesses to navigate the
        model creates greater edge computing and   Using a SASE framework ensures more   unchartered waters of the current environment
        changes network access needs, as more   effective management, as policies and access   and position to meet future changes with
        users, devices and applications become   controls are applied consistently regardless   greater ease.    n
        located outside of the corporate enterprise.   of device or location. This is also more secure
        Locking down the perimeter is no longer   because it is homogenous and leaves no room   For more details email simeon@galix.com


























                                                   EngineerIT | March 2021 | 30
   27   28   29   30   31   32   33   34   35   36   37