Zero-Trust Network Access Can Strengthen Application Workloads
To bolster the security of application workloads, networks must verify every user before they receive permission to access critical resources, Newton says. Network administrators then log the access for later analysis or auditing.
“This verification applies regardless of whether the user is trying to access those resources remotely or is already within the network perimeter, helping to ensure a higher security posture for organizations, and it is especially powerful for organizations with a hybrid workforce,” Newton says.
Health systems can use a type of IT security solution called zero-trust network access (ZTNA), which delivers secure remote access to a health system’s applications according to an organization’s specific access control policies.
“ZTNA takes the principles of zero trust and applies them to application access,” Newton says. “Its per-session controls mean that users and devices are authenticated and monitored every time they seek to access an application, effectively closing security gaps that can arise from things like unattended devices.”
DISCOVER: Zero trust lessons health IT teams can learn from the federal government.
Automation helps health organizations integrate security systems with applications, says Greenberg.
“Once the security is attached to the application and knows the application, it’s much easier for you to implement a zero-trust approach because there is a symbiotic relationship between the application and the security,” Greenberg says. “If the security is detached from the workload, then everything needs to be configured manually, and that’s not a good practice, and not even viable in the digital world.”
In addition, healthcare systems must understand how applications operate within their environment, Gregory notes.
He adds that a key strategy entails vetting application workloads. “That, to me, is the critical step toward identifying the controls and the security policies needed to achieve zero-trust principles,” Gregory says.
