The Fast Mode spoke to Omar Masri, Founder and CEO of Mamori.io on the impact of traffic visibility on ZTNA networks. Omar joins us in a series of discussions with leading cybersecurity and networking vendors, assessing the evolution of ZTNA technologies, the roadmap for ZTNA deployments, the benefits of ZTNA for enterprise and telco networks, and the need for real-time traffic visibility technologies such as DPI for ZTNA.
Ariana: What do you consider are the core features (must have) of ZTNA?
Omar:
- 2FA on everything – This is a basic requirement in a ZTNA solution, yet most organizations neglect this. Whether it is access to network, application, database, including specific resources, authentic verification should always be required to ensure the right person is behind the right device.
- Real-time SCAN Detection and Blocking – Hackers and bots need to scan to find the next machine to infect. The ability to scan a network needs to be a permission and unauthorized scans need to be blocked and the culpable device needs to be locked.
- Microsegmentation – Microsegmentation is another core feature of ZTNA because it prevents lateral movement on the network by hackers. At the minimum, a network can be segmented by identity workload and role-based workload.
- Automated Access Escalation/De-escalation – Automated access management is key to zero trust. Businesses remain vulnerable as long as an admin has to manually manage access. In an automated system a user requests access to a particular resource, it is approved by the manager, and the permission expires as per the requested policy.
- BYOD Deployment Option – Deploying ZTNA should not place extra burden on employees, which is why BYOD deployment option is a must-have. BYOD devices should be secured using device registry, and all accesses coming from the device should be secured using 2FA. Remote access should be simplified with browser access using RDP, SSH and HTTPS, while automating ISO 27001 Access Controls.
Ariana: What’s in store for ZTNA vendors in the next 10 years?
Omar: Within the next 10 years, ZTNA solutions will be sold as modules within all-in-one data security solutions. The factors that are driving this change include: (1) the steep costs of security solutions, including ZTNA solutions, (2) the constant data breaches and falling victim to cyber attacks despite investing in multiple, costly security solutions, and (3) cyber insurance companies are demanding more solutions to be implemented to lower the premium. Thus, I wouldn’t be surprised that ZTNA vendors will become part of a larger data security firm that offers an all-in-one security solution – which will be the more affordable and more secure option.
Omar Masri is a software entrepreneur, founder, and CEO of Mamori.io, which helps businesses overcome the cost and complexities of cybersecurity – preventing attacks while meeting compliance and cyber insurance requirements. He is also a director of a data migration and security services company and is co-incubating a non-emergent transport services startup.
This interview is a part of The Fast Mode's Next-Gen DPI Traffic Visibility for ZTNA segment, featuring over 40 leading cybersecurity and networking solution providers and their views on the importance of traffic visibility for ZTNA. A research report on this topic will be published in January 2024 - for more information, visit here.
