Using multiple solutions adds complexity to your zero trust strategy


Companies’ operating models today are significantly more complex than they were just a couple of years ago, according to BeyondTrust.

Remote employees accessing key systems and data, more applications, and information stored and flowing through the cloud, are all helping drive this complexity.

Supply chain security under threat

Companies are also increasingly reliant on their supply chain, which means partners, suppliers, and shippers are now typically directly connected to a company’s systems. This has driven the need for a zero trust approach and identity solutions. However, this research finds that integration requirements may be a roadblock to timely implementation.

The survey’s research focused on understanding current identity and zero trust trends, adoption rates, incidents, solutions, challenges, and new areas of focus.

“Today’s business operating models are highly complex, with remote employees accessing critical systems using dozens, and even hundreds of applications,” said Morey Haber, Chief Security Officer at BeyondTrust.

“Data is transmitted between clouds and corporate data centers, with third-party contractors and supply chain partners, suppliers, and shippers directly connecting to these corporate systems. Legacy security architectures and network defenses are less effective at managing this extended perimeter. Zero trust principles and architectures are being adopted by public and private sectors because they have become one of the most effective approaches to mitigating the heightened risks to highly sensitive identities, assets, and resources,” concluded Haber.

Identity theft and breaches skyrocket

The research found that almost all respondents had an identity-related incident in the last eighteen months, with 81% indicating two or more incidents. A significant number of these incidents were related to privileged accounts.

Over 70% of companies are still in the process of implementing a zero trust approach needed to secure an expanding security perimeter due to increased cloud utilization and remote workers.

Nearly all companies indicated they were using multiple vendors and solutions for their zero trust strategy, with most using four or more solutions. Of the companies interviewed, 70% rely on custom coding for integration, often provided by costly third-party services. 84% needed several different integration approaches for their zero trust defense, complicating the deployment process.

Zero trust solutions need native integration

Integration has become a critical issue for many companies, as over 70% of those surveyed removed a security solution simply because it didn’t integrate effectively. Those surveyed reported that gaps in their zero trust approach resulted in slower issue resolution, poorer user experiences, incorrect access privileges, manual intervention, compliance issues, and more.

Essentially every company indicated a zero trust approach needs to integrate with numerous other business and collaboration applications to ease the burden of integration processes. Integration challenges have led the majority to make native integration a key selection criterion for zero trust solutions.

Better integration not only saves resources, but time as well, with more than 9 out of 10 companies indicating an integrated ecosystem creates a faster response to security issues and improved compliance.

Key issues impacting companies

Identity-related
  • 93% report identity issues stemming from integration problems
  • 81% report 2 or more identity issues over the last 18 months
  • 63% report identity issues were directly related to privileged users and credentials, and 5% aren’t sure
Zero trust-related
  • 76% of organizations are still in the process of implementing a zero trust approach to secure their environment
  • 96% of companies use multiple solutions for their zero trust approach, with 56% using 4 or more
Integration-related
  • 70% of companies must rely on vendor custom code for their zero trust solution integration
  • 84% of companies have multiple integration approaches to make their zero trust strategy operational
  • 99% of companies indicate zero trust solutions need to integrate with numerous other applications
  • 94% report that easy integration is “very important” or “important”, with no participants indicating it was not important
  • 78% indicate native integration is a key selection criterion for zero trust solutions zero trust



Source link