It’s one thing for a vendor to claim that it’s selling into a fast-growing market. It’s another to have a top industry analyst firm validate that a segment has transitioned from just hype into an essential trend, something Gartner has now done twice within a couple of months.
In October, Gartner forecast that the Zero Trust Network Access (ZTNA) (opens in new tab) market segment will grow by as much as 36 percent by 2023 and be worth more than $2 billion by 2026. In December, it published Predicts 2023: Zero Trust Moves Past Marketing Hype Into Reality, claiming, among other things, that by 2025, over 60% of organizations will embrace Zero Trust as a starting place for security.
Most of this likely comes as no surprise to vendors and enterprises alike, as those that have been innovating and implementing Zero Trust strategies and solutions over the past several years are well-aware of the accelerated demand cycle taking place.
John Herrema, Executive Vice President of Product & Strategy, Absolute Software
ZTNA
Zero Trust is a security paradigm gaining ground across public and private sector organizations. It calls for granting users only a level of access needed to enable business operations while minimizing friction and reducing risk. ZTNA is a product that serves a starting point and lynchpin of effective Zero Trust strategies.
ZTNA is helping organizations to overcome cybersecurity (opens in new tab) and connectivity challenges in the mobile environment by adding capabilities not provided by traditional VPNs. As Gartner points out though, there are additional factors that are weighting the demand scale. These include recognition that ZTNA can be leveraged to enable a secure and efficient office environment as well.
Adding capabilities on top of traditional VPNs inside and outside of the perimeter is a smart next step for enterprises and government agencies to take. Not only does it introduce a new level of security and ease of use, but also enables over-burdened IT and security teams to meet all their secure access requirements at scale.
It is critical for any businesses that are far along in their journeys and for those that are just getting started to understand that not all ZTNA products are created equal. However, there are certain features and benefits that should be considered non-negotiable when making decisions on ZTNA investments:
Integration
Security, risk, and other network and IT professionals are in high demand and short supply. The burden of managing dozens of products and services leads to inefficiency, opens security gaps, and causes burn out. Look for opportunities to integrate your ZTNA solution with the platforms it will be deployed across. Take endpoint security for example. If you are using or thinking about ZTNA, it’s likely that you have thousands of devices scattered across your office and mobile workforce, all connected to your computing environment around the clock.
Organizations that use a ZTNA solution that integrates with their endpoint protection (opens in new tab) solution can simplify deployment and improve their overall Zero Trust posture by continuously factoring both endpoint and access conditions into trust assessments. This method improves efficiency and reduces costs while providing comprehensive oversight. It also prevents access from being granted to a user whose identity has been verified, but whose device does not meet security and compliance standards.
Resilience
Although many solutions claim to be ‘resilient’ in one way or another, there are few ZTNA technologies that deliver on this promise. With marketing flooding the zone, how can decision makers differentiate what’s true and what’s false? Start by determining whether the ZTNA solution you are considering or already using is itself durable and providing resilience across networks in use.
The massive shift to remote working has increased users’ dependence on Wi-Fi, mobile, and other networks that employers do not own or control. These networks can be highly inconsistent with respect to performance, coverage, and quality, and even subject to system-wide outages (like the one that recently hit Zscaler).
The primary role of ZTNA solutions is to provide secure and consistent access. This means that to be of value, ZTNA must have the ability to operate independently of any single network and continuously monitor and repair connections to ensure users remain productive in any adverse networking conditions.
Our own data science team produces a regular data-driven report that reveals how often critical endpoint security, management, and access applications malfunction or slip into non-compliant states. Breakdowns occur for many reasons. These include technical issues, savvy users turning them off, and – most concerning of all – explicitly targeted cyber-attacks that render them inoperable. To maintain a compliant Zero Trust posture, related endpoint apps, including the ZTNA in use, must maintain a level of health and resilience that ensures they are always on and functioning as intended.
User experience
Increased security and compliance have traditionally come at the expense of user experience and productivity. Fortunately, resilient ZTNA solutions can simultaneously enhance your security and compliance posture and deliver a measurably better experience and increased productivity (opens in new tab). More advanced options in the market are not only enabling more resilient and secure access across distributed and on-premises environments, but also optimizing network traffic, repairing unhealthy connections, and collecting analytics that drive automated threat assessments and policy creation.
These recent Gartner findings show that in a world where thousands of vendors are competing for scarce budgets, organizations can be assured that ZTNA is now a proven technology that will solve many security, risk, and performance use cases. There is an old saying in the business world, “No one ever got fired for buying IBM.” The same may now be true for ZTNA.