Six Key Characteristics of a Modern ZTNA Solution
This blog was originally published by Bitglass here
Written by Jeff Birnbaum, Bitglass
Even as organizations continue adoption of cloud technologies, the need for secure access to on-premises resources has not gone away. In fact, as many companies navigate a return to the office while simultaneously supporting a portion of the workforce now permanently remote, secure access becomes even more important.
Zero Trust Network Access (ZTNA) has quickly become the gold standard for securing access to on-premises resources, overcoming limitations of traditional VPNs while enabling adoption of modern zero trust security. However, not all ZTNA solutions are built the same. Here are six key characteristics to keep in mind when evaluating ZTNA solutions.
1. Scalable Performance
We have discussed the importance of uptime and performance before, and the message bears repeating for ZTNA solutions. A solution tasked with connecting remote workers to necessary on-premises resources must be responsive and reliable or companies risk losing productivity gains from remote work. A dynamically scalable solution, such as one hosted in the public cloud, provides additional benefits as in-office work ebbs and flows.
2. Robust Data Loss Prevention (DLP)
DLP becomes a heightened concern with a remote workforce. In the modern work environment where employees expect to be able to access corporate resources on their own unmanaged personal devices, a ZTNA solution must support advanced DLP capabilities, such as advanced regex and exact data matching, to prevent the exposure of sensitive information through techniques like blocking, digital rights management (DRM), and encryption on download.
3. Advanced Threat Protection (ATP)
The ease and prevalence in which malware can spread to other devices and users through downloads makes advanced threat protection (ATP) a must-have for ZTNA solutions. A solution using behavior-based techniques with advanced detection engines surpasses those using signature-based techniques and is capable of stopping never-before-seen zero-day threats.
4. BYOD Deployment Options
“Bring-your-own-device” (BYOD) policies are now commonplace in remote work environments. This means an effective ZTNA solution must be capable of serving BYOD users with agentless options while also offering agent-based options for managed devices.
5. Granular Visibility and Reporting
Recent cybersecurity orders and mandates highlight the importance of improved visibility and reporting, particularly as organizations move to adopt more zero trust deployments. Granular visibility and detailed reporting capabilities must therefore also be key characteristics of a chosen ZTNA solution in order to demonstrate regulatory compliance as well as enable security audits.
6. Part of a Comprehensive SASE Offering
ZTNA, along with cloud access security brokers (CASBs) and secure web gateways (SWGs), make the foundation of secure access service edge (SASE) architectures. As SASE architectures are needed for organizations to securely embrace cloud computing, digital transformation, and remote work, decision makers should select a ZTNA solution that is already part of a complete SASE offering.