Simplicity is the Necessary Killer Security Feature
Pre-COVID-19, IT and security teams were being challenged by too many projects, a lack of resources and teams that lacked enough people. After a year like no other, there is much self-congratulation going on about compressing five years of digital transformation plans into five months. That is certainly good for the business and the bottom line, but what has it done to your people and your IT environment?
One year into the pandemic, and the situation feels, at times, unsustainable from a technology and human perspective. Many individuals and teams are feeling overwhelmed. In a recent survey of 450 senior IT leaders by Couchbase, 49% of organizations reported that developers were being asked to do too much in too little time last year.
IT leaders and decision-makers are trying to help by outsourcing where they can, moving from capex to opex models. They are on the hunt to reduce complexity. That means they are more careful than ever about their technology diet, and what they put into their networks.
To be good enough to deploy IT solutions today, vendors must address the human capital issue in addition to solving a technology problem (or two). With the pace of change today, technology investments are no longer blessed simply because they promise new features and functionality; bells and whistles don’t close deals. IT leaders want to know how you can reduce the pressure on their teams, simplify their operations and scale the capacity of their people. The question solution providers should be asking themselves is not, “What new features do they want?” it’s “How do we fit into the great reduction – how do we make things simpler?”
A natural result of this new reality is that enterprises are looking to collapse products and processes for automation and services. DDoS is a great example. It has transformed from a solution housed in on-premises boxes, to hybrid deployments to being subsumed by CDNs as part of always-on cloud services.
Enterprise access – crucial in a time when more employees are working remotely than ever before – is another fragmented market with multiple solutions addressing the same problem. And, not surprisingly, providing enterprise access is also arguably the most labor-intensive task for internal IT teams.
Virtual private networks (VPNs), virtual desktop infrastructure (VDI) and inline cloud access security broker (CASB) services all provide access to critical applications and infrastructure, but they can be difficult to deploy with employees who are not tech savvy and are using their own networks. Just as importantly, they also don’t address the needs of today’s overwhelmed IT teams: easy deployment, easy maintenance, instant scalability and ironclad security, nor do they adequately address control over application and data access.
IT leaders are looking for a simpler way. They are also mindful that, with the move toward cloud-based infrastructure, applications are increasingly the threat surface of choice. They must provide access to the applications remote employees and third parties need, but they need an alternative to the common scenario that opens up the network to attack or assumes that everyone who logs in is who they say they are.
That’s where a zero-trust cloud platform for enterprise access comes in. It’s easy to deploy and scale as a service that delivers brokered applications and resources to employees and third parties no matter where they are located or what device they are using.
Deployed in minutes without requiring employees to install software or IT teams to make changes to the existing network, zero-trust network access (ZTNA) solutions deliver full visibility while simultaneously giving IT complete control over all activities at the application level. And it does all of this while trusting no one and isolating all applications from users, endpoints, networks and the internet.
In other words, a zero-trust cloud security approach is simple. It solves what is perhaps the greatest human resources issue facing companies today – how to provide remote access to the tools and assets employees and third-parties need – and the equally daunting challenge of how to keep an increasingly distributed and exposed network safe.
Sometimes simpler is better, indeed.
