ZTNA plays a significant role in effectively securing the increasing attack surface of the WAN edge
In stark contradiction to the thinness of a razor’s edge or the narrow, perilous edge of a cliff, the Wireless WAN edge is enormous. As it continues to expand with more and more connections coming online each day — and with enterprise 5G usage skyrocketing — the adoption of a 5G Zero Trust Network Access (ZTNA) solution is critical to preventing malicious attacks.
ZTNA vs. VPN: the evolution of WAN edge security needs in a 5G environment
With the advent of 5G, enterprise businesses in every industry have transitioned to cellular WAN solutions to connect people, places, and things. The old way of securing these relied mostly on firewalls and Virtual Private Networks (VPN) that acted like walls and moats securing the perimeter of a castle — if you made it inside the network, you were safe.
But from remote employees to fleets of connected vehicles to hundreds of thousands of IoT devices, the footprints of enterprise businesses are getting larger and the surface area of the Wireless WAN edge and its potential for attack are steadily increasing.
Traditional VPN “trust but verify” models don't meet today’s security demands. Instead, ZTNA solutions can replace VPN technology and secure the expanded Wireless WAN edge by assuming no one outside or inside the network can be trusted until their location, device, and session information have been verified. Even those who make it into the walls of a network via ZTNA are restricted from moving throughout it, ultimately reducing the surface area for an attack.
Why are 5G and zero trust the newest trends at the wireless edge?
Adoption of the technology that once personified trendsetting is now gaining confidence across industries in businesses of all sizes. More than half of organizations who use 4G or 5G connectivity today are using it to connect IoT, vehicles, or digital signage, or to augment wired links in branch locations, and more than 85% of organizations are confident that 5G will deliver the promised speeds, coverage, reliability, and potential within the next 12 months (State of Wireless WAN 2022 Report).
Despite the eagerness to adopt 5G, enterprises have the difficult task of striking a balance between providing a holistic approach to network security and not making that approach so difficult to use that their employees look for ways to circumvent the system or avoid using it altogether. Zero trust provides a way for users to securely access the network, but with significantly less friction compared to legacy security technology.
For example, with ZTNA, users no longer need to carry a token or remember a password to sign in, and the secure connection created through ZTNA doesn’t impede the use of local resources like a home printer as a VPN would. Additionally, with a 5G zero trust strategy in place, users and their devices are continuously monitored and validated during their session without needing to repeatedly sign in.
What security factors should be considered when deploying wireless broadband solutions?
Although 5G security includes upgrades at the network level such as enhanced subscriber privacy, improved core network agility, expanded roaming security, and new authentication framework, it should not be assumed that the security of 5G is the same from one carrier to the next. Carriers may decide to not implement all these protocols as part of their network security, so it’s important for enterprise users to understand what security is available and which additional layers of security they should implement in addition. To understand the threshold of security needed, businesses should consider the following:
- Is your carrier leveraging all available network security?
- What is the expected use case for each router and adapter on your network?
- How are IoT and connected devices interacting with the network?
Whether you’re connecting to a petroleum tank monitoring device or simply allowing someone to log into their timecard from Starbucks, zero trust ensures that each user is appropriately vetted and verified for their specific use case and that their levels of access do not exceed their needs. But while ZTNA solves the issue of trust, enterprises must also consider solutions for ransomware, data cataloguing, and more that are not solved by ZTNA solutions alone.
The unsung impacts of WAN edge security breaches
In the past, levels of security often correlated to levels of threat or breadth of impact. For instance, the company Wi-Fi at a dog grooming salon may have been deemed less important than the WAN on an oil rig. Today, however, we know that security and risk must be evaluated holistically. Just because there isn’t an imminent threat to life doesn’t mean a connection deserves any less attention to security. Compromised data can ruin the reputation of a company, lose the trust of customers, and cost millions of dollars, regardless of the business or industry.
Beyond corporate impacts are the impacts on individuals and their contributions to a successful business. For example, if an employee’s personal bank account information is compromised by a man-in-the-middle attack on their enterprise email, the business is still at a loss. Even though corporate account information wasn’t compromised, that employee is likely unable to focus on much of their day-to-day work until their personal issue is resolved.
Security attacks have large, sometimes irreversible impacts on the finances, productivity, and well-being of organizations and their employees. By implementing a 5G zero trust strategy, businesses are taking a major step in reducing risk while maintaining control of their network.