One year ago, businesses pivoted to remote working. This forced companies and their IT departments to rethink their remote access policies. One thing became clear – organizations needed to embrace a zero trust access approach to remote working and cybersecurity.
When businesses switched to remote working, they relied on VPNs for remote workers to access network systems. VPNs are built on a trust-everyone model. They give users broad access, making it easy to move laterally across the network. In many ways, cloud applications that use passwords for access take a similar approach. Cybercriminals know this and ramped up their attacks on remote workers in 2020. With entire workforces accessing VPNs and cloud applications on unprotected home networks, companies took on significantly more security risk. (See my previous post, Is It Time to Replace VPNs?)
To address this risk, companies are turning to zero trust access models.
What is Zero Trust Access?
Zero trust network access (ZTNA) is based on the concept of “never trust, always verify” anything and everything connecting to your network before granting access (using the principle of least privilege). The idea is to eliminate trust because we can no longer assume that the entities within a network are trustworthy. This helps limit the lateral movement of hackers and malicious actors.
A zero trust access approach takes into account the reality of today’s IT infrastructure, which relies on mobility, IoT, cloud applications and collaboration with partners. In a zero-trust model, users and all resources (servers, databases, devices, APIs, etc.) are considered external and need to be routinely verified before granting access.
Zero trust is a modern approach to remote access. It’s been discussed for the last few years but has taken on a new priority over the past year. By investing in zero trust solutions, companies can decrease their exposure to cyber threats by verifying user, system, or application credentials. It creates a software-defined perimeter for identity and device-based access, making it a strong option for today’s remote workers and cloud-based environments.
As more companies rethink their VPN strategies, they are adopting remote employee gateways that leverage zero trust models. Secure gateways can be created using modern privileged access management software, which is designed to support least privilege access and zero trust. It includes point-to-point access to specific services in the destination network for the specific, often sandboxed, applications on the client computer, logging access events, monitoring traffic, enabling supervisors to approve access, and restricting access to users’ locations or time of access.
Even before the pandemic started, our customers were using Xton Access Manager (XTAM) as a secure gateway for remote workers or trusted third-party partners. With XTAM, companies can securely lock their systems and secrets behind their firewall. XTAM is used with secured Active Directory logins, MFA, Approval and Time-based Workflows to safely provide access to only trusted personnel. XTAM allows you to limit access by account or system, implement just-in-time access and enforce zero trust policies.
Using PAM software in this way provides additional benefits beyond secure access. As an enterprise PAM solution, XTAM provides audit trails, video recording, alerts and notifications. This helps companies meet compliance requirements even for remote workers with privileged credentials.
Hybrid and remote working models are likely to become the norm for many businesses. IT departments need to invest in secure access solutions that go beyond the trust-all policies of VPNs to zero trust access.
Contact Xton today and learn more about using XTAM for secure remote access.