Zero Trust Network Access (ZTNA) provides remote users with an alternative to slow and clunky VPNs for accessing private business applications. However, not all ZTNA solutions are created equal. In addition to identity-based access control, Zero Trust requires real-time inspection of data in order to stop malware from compromising internal resources and stop sensitive information from leaving the area of control.
Forcepoint ONE Zero Trust Network Access (ZTNA) is one of the three foundational gateways of the Forcepoint ONE all-in-one cloud platform. It controls access to individual applications hosted behind a firewall, without the need for virtual private networks (VPNs), while providing data loss.
Enforcing this kind of control for remote access to internal resources requires consistent coverage across unmanaged devices as well as managed devices. This means, for example, that the same Data Loss Prevention (DLP) constructs that govern how employees on managed devices can use and share sensitive information need to extend to the policies controlling how users on unmanaged devices, such as contractors, consultants, and auditors, can interact with and share that same information. The same applies to malware prevention: internal private applications need the same malware protection as SaaS applications, whether the user is on an unmanaged device or a managed device.
So why does all this matter? It’s important because many Zero Trust security strategies don’t fully address how the full range of users interact with all possible resources. In these cases, organizations are most likely setting themselves up for shortcomings that can easily be exploited.
The reality is that most organizations rely on a broader ecosystem of partners, contractors, consultants, and others to optimize the pace of business and keep operations running, not to mention access to the public and future customers. Besides protecting users on managed devices, a true Zero Trust solution should also protect the full ecosystem of users on unmanaged devices that today’s organizations rely on.
That’s why we designed Forcepoint ZTNA to offer inline DLP and malware protection controls for users accessing internal apps from any type of device, managed or unmanaged. Beyond that, Forcepoint ZTNA is part of Forcepoint ONE, the unified, cloud-native security platform that allows security professionals to easily extend comprehensive malware protection and DLP enforcement across all business applications, both cloud apps and private apps, and to extend those same policies to cover use of the web and unsanctioned apps (a.k.a. Shadow IT).
Resource: ZTNA secures a hybrid workforce | Forcepoint