Implementing ZTNA: 4 Reasons Why Mobile is a Good Place to Start

ZTNA is a good fit for today’s remote workforce, and mobile is a perfect landscape to implement a ZTNA strategy

Sitting behind a desk in an office is quickly becoming a thing of the past. Let’s not forget, even before the pandemic, a huge percentage of the workforce (70%, according to Deloitte) wasn’t sitting behind a desk every day.

People have moved away from the traditional mechanisms of interfacing with IT systems, and mobile is becoming more and more important. Mobile doesn’t just refer to smartphones; it also refers to tablets, SIM-enabled laptops and an increasing number of IoT devices. These are all device types that employees are now using to interface with IT systems, and they are technically all “mobile.”

Between the vast number of device types and the vast number of operating systems, mobile is a very diverse and challenging but increasingly important part of modern IT infrastructure. Adopting zero trust network access (ZTNA) means investing in modern IT infrastructure with an understanding of what “mobile” really means today. Here are four reasons why IT teams should start their ZTNA strategy on mobile.

Current Access Technology Breaks the Mobile UX

Mobile is currently underserved. Remote access technology that has been designed for desktop has been deployed to mobile, but it is killing the user experience (square peg, round hole). Existing remote access solutions aren’t robust enough for the reality of today’s corporate mobile estates. Let’s look at two:

  1. Legacy VPNs were designed to use a protocol that’s resource-intensive on the setup: it takes a bit of time to connect, but the connection will stay alive for the duration of the user’s workday. But mobile devices are always on the move. Every time your mobile device goes to sleep or you change networks, the VPN gets interrupted and has to reconnect; therefore, app responsiveness suffers and so does the user experience.
  2. UEM tunnels only work on managed devices and are very constrained with the remote access use cases they are able to support. This means that BYOD devices and those used by contractors or partners are often unable to utilize the company’s remote access tool.

You probably haven’t adopted these legacy access technologies on mobile because they simply aren’t fit for purpose, which presents a good chance to adopt ZTNA instead.

ZTNA Offers Consistency Across Diverse Mobile Estates

Existing remote access solutions historically have not worked fleetwide. Many organizations have different VPN solutions for different operating systems but that means they have two different consoles to manage—one for Windows 10 and then another for iOS and Android. This results in inconsistencies with how remote access is managed across platforms. Without a centralized remote access tool, IT teams have to configure policies across different VPNs and issue different sets of credentials for end users. With ZTNA, the policy is centralized and rooted in user identity.

ZTNA solutions work across all device types and platforms; policy is consistent and centrally managed; and the users’ access rights are attached to their business credentials.

Users are Demanding Better Solutions

The reality of modern work is that organizations need to accommodate a wide variety of user needs. This means embracing the needs of the user rather than forcing IT models down on them. The whole concept of remote work falls apart unless IT teams understand that user opinion matters—their needs matter, their desire to work on the platform of their choice matters, their ability to access the application that enhances their productivity matters. As a result, historic security tools that hinder productivity are falling out of favor. Now security teams are trying to play catch-up by searching for tools that focus on usability, user experience, speed and app performance. ZTNA excels in usability and management to deliver a better experience for both end users and administrators.

Improved Security

Organizations are struggling to scale existing access technology to support their remote workforce. They are resorting to creative approaches, such as limiting VPN use to subsets of users, purchasing a secondary solution and enforcing inconsistent policies, but these approaches are not viable and they weaken an organization’s security posture. As organizations move to ZTNA, more workers can connect to corporate resources because the cost and overhead of managing per-user VPN technology no longer applies. This also means IT doesn’t have to connect users to the entire corporate network in the way they would with a VPN. Access to the entire network is really only needed by your network engineers who are logging in to change settings on a file server or on a web gateway. With ZTNA, users only get connected to the applications they have permission to access. This improves the security of your network and your applications significantly.

In this new way of work where people are working from anywhere, on any device, IT teams need to figure out how to connect a user to an application with the same level of security they had before, but also while acknowledging that the requirements of users have changed dramatically. Mobile is greenfield—it’s relatively new and not weighed down by layers of legacy technology. This means IT teams have the opportunity to take this portion of the IT infrastructure, look at it with fresh eyes and use it as a proving ground for ZTNA.


Michael Covington

Michael J. Covington, Ph.D. is a seasoned technologist and the vice president of product for Wandera, a cloud security company protecting modern enterprises beyond the traditional perimeter. Dr. Covington is a hands-on innovator with broad experience across the entire product life cycle, from planning R&D to executing on company strategy. He previously held leadership roles at Intel Labs, Cisco Security and Juniper Networks. With a diverse background as a published computer science researcher and an IT professional, Dr. Covington has experienced technology from all sides, and enjoys bringing innovations to market, specifically in the areas of mobility and secure connectivity.
