Conclusion: Current network and security deployments make many assumptions about the threat environment and which controls are effective. Many of these assumptions are predicated on an older security architecture that emphasised the perimeter. This perimeter then segregated the outside from the inside with an associated perception that inside was good or trustworthy and outside was bad and untrustworthy.
It is easy to see that for many, if not most organisations, the perimeter is no longer just considered a solid demarcation point between outside and inside. The internal network hosts contractors and consultants as well as integrates external services as if they are native to the network. Staff operate from partner and customer locations as well as from public networks via wi-fi hotspots in cafes, airport lounges and hotels.
This evolution requires a fresh security architecture to assist organisations to operate in the evolving network and service paradigms. The zero trust network (ZTN) philosophy lays out an architectural approach to deploying services, enabling staff and supporting customers. ZTN should be assessed by any organisation looking to move to an internet-driven, Cloud-supported and secure operating schema.