The Report finds that almost half of respondents reported significant challenges related to a lack of integration between zero-trust solutions deployed on-premises and in the cloud
Bengaluru, NFAPost: Fortinet announced the findings from its global 2023 State of Zero Trust report and finds that almost half of respondents reported significant challenges related to a lack of integration between zero-trust solutions deployed on-premises and in the cloud.
The Fortinet report provides an overview of the current state of zero-trust security efforts and the progress IT teams have made following the pandemic-initiated need to secure remote workers. The report also delves into the continuing challenges many organizations face in securing a hybrid workforce.
Fortinet EVP Products and CMO John Maddison said the Fortinet 2023 State of Zero Trust Report shows that although more organisations are implementing a zero-trust strategy, they still face challenges related to integration.
“To successfully implement zero trust, organizations need solutions that are designed to converge networking and security and have the ability to span multiple environments, such as Fortinet Universal ZTNA and Universal SASE,” said Fortinet EVP Products and CMO John Maddison.
Key findings from the State of Zero Trust Report include:
• Organisations of all sizes are working to implement zero-trust strategies. Since the last survey in 2021, companies have deployed more solutions as part of their zero-trust strategies. The number of respondents that report being in the process of implementation is 66%, up from 54% in 2021. Companies are working to enable zero trust everywhere to minimise the impacts of a breach.
• Organisations continue to face challenges in implementing their zero-trust strategies. Although companies are moving forward, they still face challenges. Nearly half of respondents (48%) indicated that a lack of integration between the zero-trust solutions deployed on-premises and in the cloud is the most significant issue they need to address. Other reported challenges relate to end-to-end policy enforcement, application latency, and a lack of reliable information to help select and design a zero-trust solution.
• Solutions must cover both on-premises and remote users with a consistent application access policy and success has been mixed. Many companies need to secure access to applications both on-premises and outside of the network, and nearly 40% of respondents report still hosting more than half of their applications on-premises. It’s notable that 75% also have encountered issues because of relying on cloud-only ZTNA.
• The consolidation of vendors and solution interoperability is crucial. Deploying solutions from multiple vendors has led to challenges such as the introduction of new security gaps and high operations costs. Larger companies in particular are looking to consolidate solutions to simplify operations and reduce overhead.
• SASE is a priority. The top priorities for SASE solutions vary, but “security effectiveness” is the most significant, with 58% placing it in their top three priorities. According to 89% of respondents, SASE integration with their on-premises solutions is also very or extremely important.
Despite claims that everything is moving to the cloud, most organisations still have a hybrid application and data strategy in place. ZTNA needs to work no matter where applications and users are located, and respondents indicated that the top areas that a hybrid ZTNA strategy must cover include web applications (81%), on-premises users (76%), remote users (72%), on-premises applications (64%), and SaaS applications (51%).
Zero-Trust Strategy Priorities
The pandemic initiated a dramatic workforce transformation, with the vast majority of employees who traditionally worked on-premises suddenly working from home. This change triggered a corresponding dramatic upheaval in networks, essentially turning them inside out. Almost overnight, organizations needed to create secure network access to critical applications and resources through the perimeter, which often required upgrading remote access technologies such as edge security tools.
At the same time, the limitations of traditional VPNs became apparent as hackers began accessing corporate resources by hijacking VPN tunnels through poorly protected home networks. Plans to move applications to the cloud were accelerated to offload pressure on the network perimeter and to improve the user experience.
Of course, none of these changes were entirely unexpected.
The move to a hybrid workforce had been in progress for some time, but the pandemic accelerated the change. Many organizations weren’t ready for the sudden transition to remote work, and they didn’t have the technologies in place that the circumstances demanded. Despite these issues, two-thirds of organizations have decided to maintain a hybrid workforce, with larger employers more likely to support remote workers than smaller ones.
The challenge has been providing consistent access and exceptional user experience for workers who move between onpremises and remote work locations. It has been particularly difficult for the 72% of organizations that opted for a cloud-only ZTNA solution to provide secure access to critical applications.
About the Zero Trust Report:
The Zero Trust Report is based on a global survey of IT decision-makers aimed at better understanding how far along organizations are in their zero-trust journey. The survey is intended to better understand the following:
• How well zero trust and ZTNA are understood
• The perceived benefits and challenges in implementing a zero-trust strategy
• Adoption of and the elements included in a zero-trust strategy
The survey was conducted from March 30-April 2, 2023 with 570 IT and security leaders from 31 different countries, representing nearly all industries, including the public sector.
