Upside of Zero Trust
Among many benefits, ease of use is near the top.
Zero Trust rethinks security. It suggests a shift away from the longstanding practice of perimeter defense, toward the adoption of a cloud-based, application-centric approach to security.
The perimeter approach isn’t working. Zero Trust offers a simpler, smarter way to implement security while simultaneously lowering the overall burden on IT staff.
Consider third-party contractors. It’s been a heavy lift to onboard these users. You give them a laptop, deploy a certification, implement local device management, and load and configure VPN software. Zero Trust collapses the process, streamlining third-party connections via Enterprise Application Access.
Zero Trust likewise simplifies routine maintenance, in part by shifting from VPNs, which obligate IT to keep up with vulnerabilities, to a SaaS model where the provider owns vulnerability management.
IT change management also gets streamlined and simplified. If you’re engaged in a merger, for example, or switching from one contractor to another, it requires effort to introduce new end points in a conventional architecture. As a cloud service, Zero Trust allows IT to onboard a new contractor once and then flow through the needed identity information to all end users in a single initiative. The architecture of Zero Trust makes it inherently simpler to manage such tasks, without having to reconfigure applications or reset multiple VPNs.
Zero Trust is also optimized to handle security in an increasingly HTTPS-driven world. Whereas the conventional security apparatus cannot see inside encrypted packets, Zero Trust is designed to automatically decrypt and inspect encrypted traffic at the proxy level. This lightens the operational burden on IT while simultaneously eliminating blind spots, allowing operators to peer inside the payload rather than making inferences based on ports and protocols. The new approach is simpler and safer.
In much the same way, built-in recursive DNS queries make it possible to catch attacks earlier. Inherent to Zero Trust is the notion of considering data from as many data sources as possible. By looking to see how an end point is behaving in terms of DNS services, the system gains deeper insight and, again, enables IT to catch potential problems earlier and with less effort.
Finally, Akamai’s Zero Trust solutions are built from the ground up to plug into DevOps workflows, with APIs and an open architecture that readily integrate with existing IT solutions. When implementing Zero Trust, these elements help to ensure a smooth and seamless transition.