NC May-Jun 2022
FEATURE: ZERO TRUST
ZERO TRUST ARCHITECTURE: 5 REASONS YOU NEED IT
ADRIAN TAYLOR AT A10 NETWORKS EXPLAINS WHY A ZERO TRUST ARCHITECTURE IS THE IDEAL WAY TO MITIGATE A BREACH IN YOUR NETWORK
There's a relatable metaphor that best describes how network security architectures have evolved. People living in small towns usually know all their neighbours, so hardly anyone locks their doors. But for people living in bigger towns, it's much harder to know who their neighbours are, so everyone starts locking their doors. People not only lock their doors, they also install security systems, put bars on their windows, and might even get a guard dog.
In other words, when you have limited risk, your network security architecture can be simple, but as the risks become greater - when certainty in your security decreases - you need to rethink how to keep your property safe. As a consequence, security becomes more complicated.
In the late '80s through the early '90s, network security was simple: once an entity (a person, a machine, a process) was inside your network and authenticated with your security service, it was assumed that entity was trustworthy. Of course, this couldn't last for long. As networks started to become more central to business operations and the need arose for external connections for business partners, network complexity increased exponentially. By the late '90s, these networks began connecting to the internet, and by the 2000s, hundreds of service providers complicated networks further by offering software-as-a-service (SaaS).
THE END OF SIMPLE NETWORK SECURITY
By 2010, the network no longer had a single, unbroken network perimeter. It had become "porous" to support mobile and remote workers, as well as business partners and new third-party services. "One and done" authentication of entities requesting access became inadequate. You could no longer assume that anyone on your network, including your staff, could be trusted.
NETWORKcomputing MAY/JUNE 2022 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK