Implementing a zero-trust approach to network security simplifies the process of securing remote workers, but comes with a steep technical climb to actually roll out at scale. Thanks to Eitan Bremler for the exciting chat with GestaltIT.com. about how the ZoneZero product simplifies the implementation of zero trust, both on-prem and in the cloud.
Rolling Out Zero Trust Across a Decentralized IT Environment
Zero-trust network access (ZTNA) is all the rage in the IT security scene, especially nowadays with employees working from everywhere in this decentralized era of IT. Unfortunately, for many, the very decentralized nature of IT that zero trust is so apt to protect also introduces difficulties, especially as employees need access to resources both in the cloud and on-premises.
Many IT departments rely on VPN infrastructure to securely connect users back to on-prem resources in attempts to build a zero-trust security approach. Although effective for creating secure connections, VPNs can’t be used to control access to cloud-based resources, and generally require extensive technical chops to set up correctly and at scale. Additionally, VPNs are only a part of the greater whole of a zero-trust approach, meaning organizations need more to ensure they’re secured.
Implementing a Software-Defined Perimeter for Zero Trust
Safe-T provides a solution to the problem of implementing ZTNA across an environment with their ZoneZero product. Deployed on virtual machines, ZoneZero creates a software-defined perimeter around on-prem resources, working in tandem with your existing VPNs and firewalls to control access. ZoneZero is operated via an on-prem controller, which allows you to keep total control over your requisite certificates and keys, a must-have for compliance / regulatory requirements.
As shown in the diagram above, Safe-T integrates with your existing identity providers (IdP) — both on-prem and in the cloud — to establish an identity source of truth. Then, using authentication from those IdPs, Safe-T provides access to resources, whether through the access controller on-prem or the authentication gateway in a browser. As such, Safe-T can authorize access to all TCP-layer applications, as well as those housed on-prem — regardless of where access originates.
Going Deeper into Safe-T
We here at Gestalt IT had the express pleasure to chat with Safe-T Co-founder, Eitan Bremler, to discuss the ZoneZero product and how it can be used in a zero-trust environment. According to Bremler, a core goal behind Safe-T is to make the switch to zero trust as simple as possible for organizations. Once implemented, ZoneZero simply needs to integrate with your existing IdP, apps, infrastructure, VPNs, etc. Then, you’re well on your way towards a strong, zero-trust approach to security.
In addition, since the product works both with and without existing VPN infrastructure, organizations can and have used Safe-T to move off of their VPNs completely. That way, employees can access all of their resources securely without having to jump through the usual hoops of VPNs. On the flip side, IT admins have less to worry about, rest assured that their users are more secure without having to concern themselves with VPNs.
As an ardent follower of the zero-trust space, I am so excited to have learned about Safe-T and their ZoneZero product. It seems to me like one of the most simple yet highly effective ways to roll out zero trust across an entire environment.
About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About Safe-T® Group Ltd.
Safe-T Group Ltd. (Nasdaq, TASE: SFET) is a provider of Zero Trust Access solutions which mitigate attacks on enterprises’ business-critical services and sensitive data, while ensuring uninterrupted business continuity. Safe-T’s cloud and on-premises solutions ensure that an organization’s access use cases, whether into the organization or from the organization out to the internet, are secured according to the “validate first, access later” philosophy of Zero Trust. This means that no one is trusted by default from inside or outside the network, and verification is required from everyone trying to gain access to resources on the network or in the cloud.
Safe-T’s wide range of access solutions reduce organizations’ attack surface and improve their ability to defend against modern cyberthreats. As an additional layer of security, our integrated business-grade global proxy solution cloud service enables smooth and efficient traffic flow, interruption-free service, unlimited concurrent connections, instant scaling and simple integration with our services.
With Safe-T’s patented reverse-access technology and proprietary routing technology, organizations of all size and type can secure their data, services and networks against internal and external threats.