You’d think with all the buzz about zero trust that organizations have their strategies and solutions deployed and humming along nicely, but in Fortinet’s 2023 Zero Trust Survey, we found that only 28% of organizations have a fully implemented zero-trust strategy.
The reasons for this disconnect are many, but there are common challenges that organizations should watch for when building their Zero Trust (ZT) strategy and putting it into practice.
Remember that Zero Trust is a journey
Because technology and business demands are changing so rapidly, new challenges and priorities seem to pop up overnight that can impact or complicate ZT. From the very beginning, it’s key to remember that ZT is a journey. You need to balance your approach with clear goals for the team to work towards with the ability to be nimble enough to address changes as needed.
Zero trust pitfalls to avoid
During customer conversations, three main challenges have emerged that often curtail ZT strategies. (But don’t worry, there are ways to address them.)
- Complex infrastructure: Networks today include servers, proxies, databases, internal applications, and Software-as-a-Service (SaaS) solutions, some of which run in the cloud while others are on-premises. This complexity can make it difficult to build a strategy that addresses each segment properly.
- Multi-vendor environments: A successful ZT strategy requires solutions and technologies to work together across the entire environment, but many organizations use a variety of products from different vendors that don’t always work together. This can make creating a comprehensive ZT approach time-consuming and hard to manage. In fact, most organizations (48%) find a lack of integration between the zero-trust solutions deployed on-premises and in the cloud to be the most significant issue they need to address, according our recent research.
- Time and resources: Creating a ZT strategy takes time and resources—human and financial—while budgets are getting cut and teams are understaffed. And internal IT resources may not have enough knowledge of ZT principles to implement a comprehensive strategy.
Because these factors are inherent to the nature of the modern enterprise, they can seem insurmountable, but collaboration and leveraging interoperable technology are the key to success.
Prioritize collaboration and interoperability
There is no overstating the importance of cross-team coordination during a ZT project. The first step in any strategy is to identify the most critical resources that require protection by sitting down with all relevant teams to understand the solutions they use and who needs to access them. These meetings are also an ideal time to get buy-in on your ultimate ZT goal.
When it comes to contending with a multi-vendor environment, it’s important to look for places your organization can consolidate products and prioritize ZT solutions that work well together across complex, hybrid environments. This requires selecting an ecosystem of vendors whose products work together and integrations enable a platform approach to cybersecurity.
The real kicker can be securing resources to fully implement a ZT plan, and the key to keeping your project on track despite overworked teams and thinner budgets is making the ROI of ZT clear. According to IBM, the average cost of a data breach reached $4.45 million in 2023. Not only does a comprehensive ZT plan prevent costly breaches, it can also provide a seamless user experience for employees accessing applications whether on-premises or while working remotely. There’s also the option to bring in outside resources if that’s more cost-effective and to ease the workload on internal teams.
Another factor to keep in mind while addressing common ZT pitfalls is to consider a phased approach when rolling out ZT. It could work to implement ZT at a branch, taking notes of specific issues and missteps to course correct when bringing ZT to larger parts of the network.
Zero Trust is key for SASE
If you’re a CIO, it’s hard to go a day without someone mentioning SASE. Whether your organization has already deployed SASE or is just considering it, remember that Zero Trust Network Access (ZTNA) is a critical component of the solution. Within SASE, ZTNA provides secure access to private applications in the cloud no matter the user’s location.
When building your ZT plan, keep future technologies like SASE in mind so you can lay the appropriate groundwork.
Keep your eyes on the prize
Zero Trust isn’t a box organizations can check to put the concept into practice. It takes work on the front end and during implementation, but the effort pays off with a more secure environment and clearer access control to critical assets. As the Zero Trust solution matures, CIOs and CISOs will have reduced the risk and impact of a breach while also gaining better insights into how and by whom resources are being used.
Fortinet’s Zero Trust Network Access (ZTNA) solution provides secure access to applications anywhere for remote users. Learn more.