19 December 2024 - Ian Wharton, Head of Presales

Why are businesses hesitant to adopt Zero Trust for WAN security?

Wide Area Networks (WAN) are a staple of modern-day IT infrastructures, encouraging greater connectivity across a global estate. Connecting multiple devices, data centres, and cloud services together, WANs have helped to retire traditional perimeter-based security models centred around a single office location. Today’s dynamic organisations utilise WANs to facilitate hybrid working models, enabling employees to work from any location with a stable internet connection. But, with corporate networks now traversing geographic regions, WAN security is more important than ever.

With castle-and-moat security incompatible with WANs, Zero Trust Architecture (ZTA) has emerged as the standard bearer for robust network security. Defined by the enforcement of continuous verification and an inherent distrust of all network connections, Zero Trust augments WAN security by limiting access across all IT infrastructure.

Despite this, there is still a sense of apathy towards its implementation. A recent Gartner Survey revealed that 63% of organisations worldwide implemented a full or partial Zero Trust strategy, meaning that there is still a sense of reluctance to adopt ZTA. Many reasons fuel this hesitancy.

Here, we explore five common obstacles that prevent businesses from implementing Zero Trust to supercharge WAN security.

1. Toxic technical debt

For Zero Trust to be effective, you must utilise the best technologies that balance connectivity with security. However, due to differences in the levels of digital transformation across the business landscape, legacy technology can hold companies back from committing to Zero Trust. Why? It leaves organisations at a significant disadvantage, with increased operational costs, network complexity, and cloud incompatibility. Furthermore, in industries like manufacturing and healthcare, organisations depending on unsupported legacy software are exposing themselves to gaping security vulnerabilities across the network.

Toxic technical debt is a burden for organisations and severely hampers efforts to improve WAN security. The good news is that companies can still navigate around legacy technology and implement Zero Trust through effective planning. But despite the ability of Zero Trust to work around legacy systems, senior stakeholders may still be unconvinced, owing to their prior investment of time and money into those very same systems.


2. Sunk cost fallacy

Legacy technology is an obstacle to Zero Trust implementation, but not insurmountable. Beyond the impracticality of technical debt, senior stakeholders are hesitant to make wholesale changes to the network architecture based on the previous commitments of time, resources, and money. This phenomenon is known as the sunk cost fallacy, which can seriously hinder digital transformation.

Persisting with legacy systems over Zero Trust and cloud-based technologies weakens WAN security and costs more time and money to put right than if a Zero Trust model had been introduced in the first place. That’s why ZTA implementation needs to be framed as a long-term project, guaranteeing far more benefits than the short-term convenience of persevering with legacy systems.


3. Lack of strategy

The expression ‘Failing to prepare is preparing to fail’ is well reflected in Zero Trust implementation. If your ZTA strategy is not prefaced by meticulous planning, it will not deliver as intended. Unfortunately, enhancing WAN security is not a quick fix, and for ZTA to be successful you need to spend time formulating a plan. According to McKinsey, 70% of complex, large-scale digital transformations don’t reach their stated goals, and that is in large part down to overlooking strategy.

A strategy should look beyond immediate wins and build for the long term. Because WANs are built on a huge scale, the technologies and strategies of ZTA need to be implemented on a granular level, accounting for every network component. An effective Zero Trust strategy prioritises agile principles and flexibility: because users are liable to change roles, a ZTA plan may become obsolete in its present iteration. You also want to balance rigorous security against usability, as you don’t want the verification measures of Zero Trust to impact the user experience. Understanding the imperative of a good strategy is one thing. Comprehending the time and cost-intensive nature of ZTA is a whole different game.


4. Cost and time

The initial investment of time and money can put companies off implementing Zero Trust in WANs. Most Zero Trust implementations involve the replacement of legacy systems with dynamic, cloud-based technology. Because incremental steps are needed when introducing ZTA to boost WAN security, the implementation must be broken down into phases to avoid disrupting business-critical operations.

Despite the high initial investment in purchasing new security technologies and software, the move will be worth it in the long term. Introducing ZTA can facilitate the transition from a Capital Expenditure (CapEx) model to an efficient Operational Expenditure (OpEx) model where you only pay for the services and technologies being used. This transition is characterised by the introduction of cloud-based, virtualised technologies such as Software-Defined Wide Area Networks (SD-WAN).


5. Trusting one cloud vendor

The cloud supplements WANs by boosting connectivity and transforming business operations, though restructuring cloud environments can be a complex undertaking.

Whilst using only a single cloud vendor may appear to be the most convenient route to ZTA success, it is not going to offer the same level of WAN security as a multi-cloud strategy, as you’re essentially putting all your eggs in one basket. Reducing the risk of vendor lock-in, a multi-cloud strategy enables businesses to restrict access to resources and applications via network segmentation. With resources stored in multiple cloud environments, the risk of collateral damage by way of lateral movement is reduced, with assailants limited in targeting additional vulnerabilities across the network. Convincing stakeholders of the security benefits of a multi-cloud strategy significantly boosts the effectiveness of ZTA in WANs.

 

Acknowledging obstacles to WAN security

There is no denying that Zero Trust implementation requires significant uptake, especially in the case of WANs that cover vast geographical areas. By acknowledging the presence of obstacles and understanding why stakeholders may be hesitant about such an undertaking, you stand a better chance of convincing senior officials to implement ZTA. Boosting WAN security is fundamental to the foundations of a functional, interconnected corporate network, with Zero Trust representing the means to deliver that robust level of security.