Johannesburg, 24 Oct 2023
As we celebrate Cybersecurity Awareness Month, terms like secure access service edge (SASE), security service edge (SSE), zero trust network access (ZTNA) and secure web gateway (SWG) are increasingly being bandied about boardroom tables across South Africa. But do business leaders really understand what they mean in the context of strengthening their organisational defences?
SASE is an architectural model that integrates several network and security services into a unified cloud-native platform. It encompasses SSE and ZTNA, among others. SSE, a component of SASE, zeroes in on security services, safeguarding access to cloud-based applications and the internet. On the flip side, ZTNA applies a 'never trust, always verify' principle, granting access solely to authenticated and authorised users and devices. This principle starkly contrasts with the recent security debacle at MGM Grand. A hacker, having snuck in via compromised user credentials, ran amok altering slot machine functions, stopping ATMs and locking out guest bookings. Such incidents highlight the need for using strong security frameworks like ZTNA in today's digital ecosystem.
ZTNA acts as a gatekeeper, ensuring that only vetted entities can access specific network resources. This significantly mitigates the risks associated with over-exposed network services. By employing a granular level of control, ZTNA reduces the attack surface, making it a strong barrier against unauthorised access and lateral movement within networks. This is a significant departure from traditional security measures, thereby enabling businesses to move towards a more secure and manageable network infrastructure.
Over the past several decades, virtual private networks (VPNs) have been the standard solution for organisations to provide employees with remote access. In simplistic terms, a VPN extends a private network across a public network. So, it lets users send and receive data as if their devices were directly connected to the private network. However, once authenticated, VPNs often provide overly broad access, making them less desirable for today's security demands.
The mechanism of VPNs involves creating an encrypted tunnel between the user's device and the VPN server. In turn, this acts as a gateway to the desired private network, thereby masking the user's IP address and encrypting all the data exchanged within this tunnel.
Despite this encryption, the initial authentication in VPNs potentially leaves room for malicious threat actors to gain extensive network access if they can breach the authentication layer. This was perfectly illustrated in the MGM Grand incident. However, it does underscore the need for more granular access control, thereby ushering in the transition towards ZTNA for enhanced security.
Getting to grips with ZTNA
ZTNA operates on a need-to-know, need-to-access principle. Unlike VPNs, it validates every user and device attempting to access the network, granting the least privileges necessary for performing a task.
Using such a granular level access control significantly strengthens a company’s security posture. With ZTNA, the emphasis shifts from granting access to networks to authorising access to specific applications or services, thereby hindering lateral movement of threats within the network. In the scenario of MGM Grand, had ZTNA been implemented, the hacker’s movements would have been restricted, preventing widespread disruption.
Making the move
Transitioning from VPN to ZTNA signifies a monumental shift towards enhanced security. It limits the attack surface and prevents lateral movement within the network. This is showcased through the HPE Aruba range of SSE solutions, which Duxbury distributes in South Africa.
SWG is a crucial cog in the SASE and ZTNA wheel. It acts as a watchman over internet-bound traffic. By meticulously scrutinising this traffic, SWG filters out malicious content and enforces corporate policies. This makes it a robust first line of defence. SWG's role is essential in blocking malicious Web content, thereby ensuring safe and compliant internet usage.
This level of scrutiny is vital in an era where cyber threats are continually evolving, showcasing how indispensable SWG has become in safeguarding organisational digital assets while still ensuring compliance with internet usage policies.
Adopting SWG not only translates to stronger network security and controlled internet usage, but also aligns with compliance to regulatory mandates. It acts as a linchpin to ensure a more sanitised digital environment that is conducive for a modern, digital business. By filtering malicious content and enforcing corporate internet usage policies, SWG paves the way for enhanced productivity and a markedly reduced risk of security breaches. In essence, it serves as a barricade to shield companies from the evolving range of cyber threats.
The journey towards achieving such a strong cyber security infrastructure necessitates embracing the ZTNA and SWG ethos. As an HPE Aruba partner, this is something that Duxbury Networking is championing. This October is the perfect time to start making the transition for a more secure digital future.
Since its formation in 1984 by CEO, Graham Duxbury, Duxbury Networking has embraced ongoing technological changes within the ICT sector in order to provide its customers with access to the latest trends and solutions. Satisfying the evolving and diverse needs of its customer base is achieved through an emphasis on sourcing cost-effective, high-quality products from carefully selected local and international vendors. Aligned with this is the provision of uncompromising technical support, which is possible due to an extensive investment in the training and upskilling of its team. The company is driven to take an active role in reshaping and redefining the South African digital landscape in its mission to help its customers build a network that will support current and future technologies.