Watch a detailed rundown of the essentials of successful zero trust architecture with Nathan Howe, VP of Emerging Technologies at Zscaler.
Before we examine zero trust architecture in more detail, let's distinguish between these two interrelated terms:
To put the two together, a zero trust architecture provides the foundation organizations need to deliver ZTNA and make their systems, services, APIs, data, and processes accessible from anywhere, at any time, and from any device.
For the last three decades or so, organizations have been building and reconfiguring complex, wide-area hub-and-spoke networks. In such an environment, users and branches connect to the data center by way of private connections. To access the applications they need, users have to be on the network.
Hub-and-spoke networks are secured with stacks of appliances such as VPNs and firewalls, using an architecture known as castle-and-moat network security. This approach served organizations well when their applications resided in their data centers, but now—with the rise of cloud services, emerging technologies, and rising security concerns—it’s slowing them down.
Today, organizations are driving digital transformation. They’re embracing the cloud, mobility, AI, the internet of things (IoT), and operational technology (OT) to become more agile and competitive. Users are everywhere, and organizations’ data no longer sits exclusively in their data centers. To collaborate and stay productive, users want direct access to apps from anywhere, at any time.
Routing traffic back to the data center to securely reach applications in the cloud doesn’t make sense anymore. That’s why organizations are moving away from the hub-and-spoke network model in favor of one that offers direct connectivity to the cloud: a zero trust architecture.
Zero trust begins with the assumption that everything on the network is hostile or compromised, and access to an application is only granted after user identity, device posture, and business context have been verified and policy checks enforced. In this model, all traffic must be logged and inspected – requiring a degree of visibility that traditional security controls can’t achieve.
A true zero trust approach minimizes your organization’s attack surface, prevents lateral movement of threats, and lowers the risk of a breach. It’s best implemented with a proxy-based architecture that connects users directly to applications instead of the network, enabling further controls to be applied before connections are permitted or blocked.
To ensure no implicit trust is ever granted, a successful zero trust architecture subjects every connection to a series of controls before it is established. This is a three-step process:
A zero trust architecture provides the precise, contextual user access you need to run at the speed of modern business while protecting your users and data from malware and other cyberattacks. As the bedrock of ZTNA, an effective zero trust architecture helps you:
(Adapted from “Implementing a Zero Trust Architecture,” a National Institute of Standards and Technology [NIST] Special Publication)
The Zscaler Zero Trust Exchange™ is an integrated, cloud native platform founded on the principle of least-privileged access and the idea that no user, workload, or device is inherently trustworthy. Instead, the platform grants access based on identity and context, such as device type, location, application, and content, to broker a secure connection between a user, workload, or device over any network, from anywhere, based on business policy.
The Zero Trust Exchange helps your organization: