Page 125 - Cyber Defense eMagazine August 2023
You’re Blind to Endpoint Risk
This is perhaps the most egregious miss for ZTNA. Authentication is great, but as everyone knows,
devices are the most commonly used vehicle for compromising enterprise networks and systems. So, if you
can’t monitor the risk posture of an endpoint after it connects, you’re out of luck if the device is
vulnerable because its anti-virus is out of date or its firewall is turned off.
Traditional ZTNA does not deliver endpoint risk monitoring or remediation. And since it’s really only
focused on applications, it’s not outside the realm of possibility for a device to move laterally across the
network after it’s authenticated if the user is sophisticated enough. In this sense, ZTNA can actually make
you more vulnerable than you even realize. Again, as with the previous problem, this security gap
necessitates a solution like NAC, which can monitor endpoint risk and remediate devices that fall out of
compliance.
Think Bigger, Think Universal Zero Trust
Despite all these problems with ZTNA, there is hope for zero trust; it just requires those considering a
move to this security model to expand their mindset. It also means that instead of patching together a
portfolio of highly focused security tools like ZTNA or NAC, companies need to invest in unified,
cloud-native, and frictionless solutions that can address all key zero trust use cases in a centralized
and scalable fashion.
Fortunately, emerging technology is bridging these gaps to deliver “universal zero trust,” which extends
zero trust access control to networks, applications and infrastructure for employees, guests and
contractors working on-campus and remotely. This is the holy grail of zero trust – where all critical IT
assets are covered by a never trust, always verify security model. This is something ZTNA alone cannot
do.
About the Author
Denny LeCompte is the CEO of Portnox. He is responsible for overseeing
the day-to-day operations and strategic direction of the company. Denny
brings over 20 years of experience in IT infrastructure and cyber security.
Prior to joining Portnox, Denny held executive leadership roles at leading IT
management and security firms, including SolarWinds and AlienVault. Denny
holds a Ph.D. in cognitive psychology from Rice University.
Denny can be reached online at [email protected] and at our company
website https://www.portnox.com/.
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.