Businesses are moving private apps that once ran solely in the data center to public clouds. At the same time, they are searching for ways to enable productivity as users work from anywhere and on any device. The key to success begins with finding the right balance of security and user experience.
Today, the security perimeter extends beyond the corporate network to anywhere users connect and wherever applications run. Traditional network security architectures have become less relevant for modern workflows, as they are anchored in the data center and rely on appliances. These architectures were not built for the cloud and mobile world and were never designed to scale like a cloud service.
Network-based architectures are also vulnerable as a result of excessive trust. Remote users connecting from an approved list of IP addresses (via VPN) are assumed to be trusted and are granted access to the network through a firewall, which is often exposed to the internet. On-premises users on the network can move laterally across it. Ultimately, this inherent trust leads to risk and overprivileged network access.
The security paradigm needs to shift from a static network perimeter and, instead, focus on the entity, resource, and user device. This shift in focus is why Gartner recommends that organizations adopt a zero trust network access service (ZTNA) to secure access to private applications.
