Today, the zero-trust security model is gaining traction in the cybersecurity industry. Zero trust is an approach to security that assumes that all users, devices, and networks are untrusted and must be verified and authenticated before they can access any resources on a network. In contrast to traditional security models that rely on perimeter-based security, such as firewalls and VPNs, zero trust emphasises identity and access management and uses a variety of security technologies, such as multi-factor authentication, network segmentation, and encryption, to protect sensitive data and systems.
There are several reasons why the zero-trust attitude is gaining traction. First, traditional perimeter-based security models are no longer effective in today’s distributed and mobile workforce. With employees working remotely and accessing company resources from multiple devices and locations, it’s difficult to enforce security policies based solely on perimeter defences. Second, data breaches are becoming more common and sophisticated, and organisations are looking for new ways to protect their assets. Finally, compliance requirements, such as GDPR and CCPA, are mandating stricter data protection measures, including the implementation of zero trust security.
With each new incident of cybersecurity breach, there is a conversation about zero-trust and its influence on how the world sees data and its use. While corporations appear to have shifted this problem from cybersecurity expert huddles in the firm to separate boardrooms, the same cannot be true for individual decisions. According to a recent poll conducted by identity and access management provider Okta, a significant portion of its clients are increasingly claiming “all-in” status when it comes to implementing a strategic zero-trust option for their users, devices, and network protection. This may appear to be excellent news at first glance, but the figures show a modest but consistent improvement.
The writing on the wall is becoming more visible. Companies and individuals are gradually coming around to the idea that cyberattacks not only put organisations in difficulties, but they also have economic ramifications that might be terrible at some time. With more cloud-based services and devices capable of feeding off them for data, security concerns are only going to get worse. Okta analysed data from over 17,000 worldwide clients for its latest ‘Business at Work’ report, which shows that 22% of them have deployed one or more zero-trust setups. While the rate of increase may be questioned, the reality remains that it was only 10% a year ago.
Adoption rates were notably higher in sectors that maintained personal information about their consumers for a number of reasons. Though the research firm expected zero-trust adoption to expand at the same rate as organisations migrate to the cloud, the problem is that many businesses without a direct customer outside were really hesitant to embrace. According to Okta, organisations are using zero-trust at the point of access and for identity protection. “There is now a growing worldwide agreement that marrying zero trust with an identity and access management solution may result in a strong central control point for regulating access among individuals, devices, data, and networks,” the agency stated in its study.
The study team also said that context-based access controls were deemed crucial for implementing zero-trust settings based on consumer data. Overall, the zero-trust attitude represents a significant shift in the way that organisations approach security, and it’s likely to continue gaining traction as more companies recognize the benefits of this approach.