I recently wrote about how to deal with old technologies when a company is switching to a new security philosophy (tl;dr: Don’t just rip and replace!). Today, we’re going to look at the other side of the same coin. What happens when an organization is ready to achieve Zero Trust nirvana – that sought-after state of freedom from suffering and rebirth every CISO and IT pro spends their lives trying to achieve?
There are two planes that lead to this bit of transcendence. The first is philosophical, which we’ve discussed: A reckoning that the current security strategy isn’t good enough, and having the entire security team fully bought in to Zero Trust. The second is technological and it’s called Next-Gen Access.
Next-Gen Access is a technological approach to identity and access management (IAM) that marries modern single sign-on (SSO), adaptive multi-factor authentication (MFA), provisioning and lifecycle management, endpoint and mobile security, and user behavior analytics into one platform. It’s the perfect technological partner to a Zero Trust approach because its sole purpose is to reduce friction, add efficiency, and increase capabilities.
Next-Gen Access solutions are better equipped to enable a Zero Trust approach to access with advanced capabilities that intelligently determine the authenticity of a digital user and their device, govern access across an organization’s resources, and react when risky behavior is detected. This bolsters an organization’s security posture while also improving end user experiences, making everyone more productive.
It’s a platform approach to security that combines all the tools necessary to create a true Zero Trust environment. The added benefits are integrated, out-of-the-box features for day-to-day management and a synergy between the platform’s tools that enables broad contextual awareness, increased automation, and real-time decision making.
Next-Gen Access provides three main benefits when paired with Zero Trust:
- It vastly improves user experience. Traditionally, adding more authentication factors increases security, but also increases friction, making the people using the apps and services less happy, less productive, and more prone to poor security hygiene. Next-Gen Access is able to marry three separate technologies (single sign-on, adaptive multi-factor authentication and user analytics) to discover the context around areas where additional friction should, and most importantly should not, be added. Is this person using an app or service in a different way than they usually do? Are they in a location they’ve never been before, or on a device that’s never been used to log in? If the answer is yes to any of these, the risk is increased and the system can throw up an additional level of verification. If not, then the risk level is decreased as they most likely are who they say they are and can smoothly use the app without having to log in, creating a frictionless experience.
- It’s easier on IT. Reducing the burden on IT is an almost universal goal in every company. After all, what’s the goal of an IT business unit? They are not in the business of making things harder for people. They help facilitate new approaches to business, digital experiences and so on. Next-Gen Access gives them time for that, rather than writing and managing myriad static access rules. There’s also the opportunity cost from not having to invest time and money in a Frankenstein identity solution when Next-Gen Access is integrated under one umbrella. One set of tools to implement, configure and roll out. And an added bonus: buying from one vendor is almost always cheaper.
- Next-Gen is where the best and most recent thinking is happening. Innovation is not happening for on-premise software and appliances – those will always provide the same, static experiences for IT and users. Developers and IT are focused on Next-Gen Access solutions where they have the ability to use things like artificial intelligence, massive data pools, and seamless interoperability between thousands of cloud apps to build things like automation, deep context, and more into apps and services.
Think of Zero Trust and Next-Gen Access like you would a road trip. Zero Trust is the map that tells you how to get to where you want to go, while Next-Gen Access is the car. It’s easier and more comfortable to get into a brand new Audi, get up to speed, set the cruise control and go than it is to drive an old Volkswagen Bug with a stick shift. (Or worse, buy a separate engine, body, wheels, and seats from different vendors and “integrate” your own car.)
Most importantly though, a Next-Gen Access approach frees up IT to be an enabler. We in the security business sometimes get stuck on stopping breaches as the be-all and end-all. That’s obviously important, but what happens after the breaches are stopped? The focus then needs to turn back to helping the business, the original purpose of IT. Next-Gen Access helps make the security aspect of security solutions fade into the background so the enabling aspect can come into focus and become a foundational piece for new customer experiences or new ways to think about identity and how it can enable productivity.
That’s what I call nirvana.