Respondents with Zero Trust models leveraging Next-Gen Access report reduced overall risk and lower security-related costs
Centrify, a leading provider of Zero Trust Security through the power of Next-Gen Access, today announced results of a commissioned study conducted by Forrester Consulting on behalf of Centrify, which finds that organisations powering Zero Trust Security with Next-Gen Access solutions reported twice the confidence to accelerate new business models and customer experiences.
The study of 311 IT decision-makers in North America and the UK finds that 67 per cent of all enterprise resources are exposed to access-related risk, and that a Zero Trust Security approach is the best strategy to control access to enterprise resources.
The study revealed that Next-Gen Access is the engine that powers Zero Trust Security, stating that, “NGA technologies enable the layers necessary for a successful Zero Trust strategy.” Organisations using Next-Gen Access solutions – including Identity-as-a-Service (IDaaS), Enterprise Mobility Management (EMM), and Privileged Access Management (PAM) – also reported topline benefits including being 66 per cent more confident in adopting mobile work models, and 44 per cent more confident in securing DevOps environments. Those same respondents reported bottom line benefits of mitigating overall risk by 37 per cent and reducing security costs by 31 per cent.
According to Forrester, 58 per cent of global enterprises have experienced a breach in the past 12 months. According to the study, “Security leaders are urgently scrambling to defend every entry point, but traditional approaches to security, based on keeping out the ‘bad guys,’ while letting in the good guys, have proven ineffective.” In response, many security leaders are turning to Zero Trust approaches that remove trust from the equation completely, shunning the traditional “trust but verify” approach and replacing it with a “never trust, always verify” mandate.
“The dissolving network perimeter is causing a complete rethink in how we approach security, taking into account a new enterprise reality defined by the cloud, mobility, and increasing demands for agility,” said Tom Kemp, CEO of Centrify. “This study reveals that two-thirds of enterprise resources are exposed to access-related risk, largely because organisations are approaching security in a way that no longer works and with solutions that are ineffective. Zero Trust Security, powered by Next-Gen Access, reduces risk and costs, while ushering in a new era in customer experiences and business models.”
“Zero Trust is the best strategy to control access,” the study states. “Successful access control is a key pillar in Forrester’s Zero Trust model for securing today’s enterprises. A Zero Trust strategy, as the name implies, rests on security leaders not making any trust assumptions throughout their security architecture.”
To enforce user access, a Zero Trust strategy requires that an organisation’s security must have the capability to:
- Verify the identity of every user through a combination of identity governance, single sign-on, and multifactor authentication (MFA) to eliminate the risk of credential compromise.
- Validate every device with mobile device management to enforce secure policy, with local administrator privilege management to eliminate local admin compromise, and with device identity management to ensure that only trusted devices are allowed to access resources.
- Limit access and privilege using privileged access management to ensure a user has just enough access and only the necessary privileges to perform their job during any given time.
- Continually learn and adapt using behavior-based analytics and privileged access auditing/monitoring to automatically improve and personalise access policies.
Centrify’s Next-Gen Access delivers a unified, industry-recognised solution that uniquely converges IDaaS, EMM and PAM to address these four pillars of Zero Trust Security. This seamless integration secures access across applications, endpoints and infrastructure for all users, without sacrificing best-of-breed features.