Zero-Trust Network Access

Five Network Security Predictions for the Enterprise

Broader changes in IT environments around the world are reshaping the role that security plays and its place in the evolution of enterprise networking. For the past several decades, organizations have relied on traditional, trust-based networking models that have become more inflexible and insecure as new computing environments have emerged and evolved. This includes work environments, where today’s employees are not necessarily in the office on a daily basis, accessing local data center-based applications. Instead, there is now a wide range of broadly deployed, popular, cloud-based applications that are part of a larger overall shift in IT. In addition to the perimeter softening, security paradigms designed around the idea that users on the local area network (LAN) can be trusted are now considered high risk. As this trend continues deeper into 2020, we are taking a closer look at five enterprise security predictions expected to impact networking as business needs and threats evolve.

Increasing convergence of networking and security

The network is now everywhere, and most of the time the backbone is the Internet itself, which heightens the demand for security. It is simply no longer possible to separate the network from the security stack. As a result, it is now time to think of the enterprise network as virtual, rather than physical, to ensure the perimeter follows the user no matter where they go. Industry thought leaders are converging on this architecture and standardizing around this approach.

While the cloud is the first important step toward strengthening network security, it will not be enough. Cloud networking will soon be essential for delivering services effectively over a true "virtual private network."

People-centric over site-specific network security

Secure Access Service Edge (SASE) technologies are a new option in network security that enable organizations to provide people-centric, manageable, ubiquitous, secure and agile access to networked systems, services and applications. With SASE-based networking, end users are freed from the hassles and frustrations of traditional networking platforms and the need for repeated connections when they want to access distributed applications.
 
SASE allows users to connect a single time to gain access to all IT-approved resources, regardless of location. People-centric SASE platforms rely on a dense network of PoPs around the world, and globally distributed users will connect to the closest PoP via their browser or through a thin client. As a result, users enjoy an upgraded experience compared to using a corporate VPN.

Increased focus on users and data with Zero-Trust

Many legacy applications were not designed to be accessible from the internet and lack the basic security that we take for granted in modern SaaS applications. Restricting access to legacy applications using a zero-trust networking solution modernizes the IT environment by isolating the application from the enterprise network and allowing access to authorized users only. The term “Zero-Trust” became widely known in 2019 and was originally coined by Forrester Research in 2010, when they described it as a methodology for micro-segmenting the network.
 
Today, it has been expanded to describe a complete ZTX security framework. It makes sense to look at security in terms of what users are doing and what information they are accessing, rather than relying on where their devices are connected. Zero-trust enables administrators to limit the attack surface, continuously verify that users are who they say they are, and ensure those people only access the data that is required for their corporate position.

Higher value integrated solutions over point solutions

Moving forward, traditional site-centric networking solutions will continue to be dismantled and replaced by integrated software-defined platforms. These new platforms bring the advantages of scale, agility and cloud-economics to network connectivity and security, providing secure access to corporate resources and the internet at any time or location.
 
Just as SaaS, IaaS, and PaaS transformed applications, well-integrated solutions are transforming networking and network security. This is because they address today’s pressing requirements for secure remote access, multi-cloud connectivity, and branch connectivity in a unified package. This offers the flexibility to address the full range of challenges posed by multi-platform IT environments.

The consolidation of preventative and protective processes

Companies have always required solutions that provide the highest levels of security possible without impacting productivity. The convergence of networking and security in the cloud doubles down on that proposition, providing much higher levels of data protection using an unobtrusive model.

Consolidating networking and security, instead of managing multiple point products, will reduce complexity and improve workplace outcomes. For one, time management will be optimized through reduced training and a switch from sequential to concurrent running of processes. Additionally, costs will be cut significantly, from both a capital and an operational perspective, as a result of fewer solutions to purchase and maintain.

Looking forward in network security

As the above technology shifts in network security become increasingly pervasive in global enterprise operations, it is expected that instances of successful internal and external security attacks will begin to stabilize. Networking and security professionals now have these insights to guide them as they address the challenges impacting businesses today.
