It seems like everyone is singing the praises of Zero Trust security \u2014 even United States President Joe Biden. <\/p>\n\n\n\n
Last year, the president signed an executive order<\/a> aimed at migrating the federal government to a Zero Trust Architecture (ZTA). <\/p>\n\n\n\n
Biden said the government was adopting ZTA to \u201cmodernize its approach to cybersecurity and today\u2019s dynamic and increasingly sophisticated cyber threat environment.\u201d The Office of the President<\/a> went on to say the cybersecurity framework would enable departments to \u201ctighten access controls.\u201d<\/p>\n\n\n\n
If you\u2019ve worked in the IT industry long enough, you probably know one thing to be true when it comes to project management: expect the unexpected. Anomalies are inevitable and, unfortunately, reality doesn\u2019t always meet ideals. <\/p>\n\n\n\n
Despite the publicity, only 23% of small and medium-sized enterprises (SMEs)<\/a> have fully adopted Zero Trust security programs to date. SMEs often cite budgetary constraints, labor shortages, integration difficulties, and lack of knowledge as reasons for not adopting Zero Trust (ZT). <\/p>\n\n\n\n
The concept of \u201cZero Trust\u201d is deceptively simple. It means that any devices, users, and applications attempting to access an IT resource of any kind must first receive validation. The mantra \u201ctrust nothing, verify everything\u201d is ubiquitous with the security framework. <\/p>\n\n\n\n
So instead of granting implicit trust<\/em> upon the initial entry to a protected network, organizations evaluate an opinion of trustworthiness based on context, and at every access transaction.<\/p>\n\n\n\n
Questions like these are answered via policy checks as end users seek network access. Though simple in philosophy, transitioning from a traditional, on-prem security program to a comprehensive ZT model doesn\u2019t happen overnight. <\/p>\n\n\n\n
In fact, Forrester found<\/a> the process takes an average of 1 to 3 years<\/strong> from start to finish. With that said, a little strategic planning can make for a much smoother ride. Below are the six most common roadblocks we see customers encounter while switching to Zero Trust: <\/p>\n\n\n\n
While it\u2019s easy to implement ZTA for a startup, more established organizations must deal with the existing infrastructures they already have in place. And most of them are severely outdated! <\/p>\n\n\n\n
Admins must take precautions when modifying existing infrastructures with new ZTA tools. Those who rush the process have been known to slow down or even break crucial systems. In addition, completely overhauling a legacy system is expensive if it has yet to deliver ROI. <\/p>\n\n\n\n
We recommend developing a roadmap to gradually launch Zero Trust security elements over time. This way, you can leverage your existing infrastructure to optimize costs. And, you will significantly reduce the likelihood of experiencing major \u201coopsies.\u201d <\/p>\n\n\n\n
Check out Forrester Research: A Practical Guide to a Zero Trust Implementation<\/a>. <\/p>\n\n\n\n
Like any significant departmental endeavor, Zero Trust campaigns require resources in terms of labor, time, and finances. One often overlooked expense is the configuration and continued maintenance of unfamiliar elements. <\/p>\n\n\n\n
Does someone on your team know how to set up authentication protocols like LDAP\/RADIUS, create user policies, and apply network microsegmentation? Better yet, does anyone in-house have the extra time to roll up their sleeves and become your organization\u2019s ZT champion?<\/p>\n\n\n\n
If not, plan to outsource technical professional services<\/a> to bridge the gap. In addition, budget for continued infrastructure management and support. Running into unfamiliar territory after launching ZTA is one of the primary reasons organizations fail to achieve long-term results. <\/p>\n\n\n\n