A Zscaler survey results show that today, more than 90% of organizations migrating to the cloud have a Zero Trust security strategy in place or plan to in the next 12 months. Credit: Jay Yuno Holistically, Zero Trust is often described as a strategy or a framework, not a product sold by specific vendors. This is true; Zero Trust is a new way of security thinking that permeates several areas, not just architecture or technology. However, there are practical implementations from vendors, like Zscaler, that have built their solutions around Zero Trust. Once deployed, this technology provides secure access for users, things, and workloads to public or private destinations based on Zero Trust principles. When considering solutions based on a Zero Trust architecture, it is essential to understand how this market is described and categorized. The most common taxonomy is called Security Service Edge or SSE (defined by Gartner), an umbrella description for solutions offering Zero Trust architecture, among other functions. Gartner’s SSE provides a framework that combines the main elements of network security–including the Secure Web Gateway (SWG), Zero Trust Network Access (ZTNA), a Cloud Access Security Broker (CASB), and firewall as a service (FWaaS), among other components–as provided from the cloud at a location near the end user. ZTNA, in this context, relates merely to user-to-private application access. The main point is that once hosted on-premises, the security stack moves to the cloud or the “security edge.” This affords security operations all the benefits of cloud-hosted solutions, including simplified complexity, scalability, easier maintenance, architecture, etc. How do Zero Trust architecture concepts relate to the broader concepts of SSE? They are closely intertwined. Think of SSE as a practical implementation of zero trust architecture and other ecosystem components like identity, EDR, or SIEM/SOAR. Zscaler The components of the Security Service Edge, the basis for zero trust architecture. Is Zero Trust a passing fad, or is it here to stay?Zero Trust, as delivered by an SSE vendor, has already enormously impacted several organizations. It proved especially valuable as the pandemic moved workers home, expanded the network, taxed VPN resources, and opened new doors to attackers. Organizations that transitioned to ZTA were able to send workers home seamlessly while avoiding the common bottlenecks and security concerns that generally accompany such a massive workforce shift. That being said, many organizations are still in various stages of their transformation journey.A Zscaler survey results show that today, more than 90% of organizations migrating to the cloud have a Zero Trust security strategy in place or plan to in the next 12 months. Respondents indicated that zero trust network access (ZTNA) is their No. 1 priority, based on providing a secure hybrid work environment. They cite their employees’ inconsistent access experiences for on-premises and cloud-based applications and data as a top reason to implement a zero trust-based hybrid work infrastructure. In addition, 68% of IT leaders also admit that cloud migration requires a rethinking of traditional security models. In our survey, the reasons to move to zero trust security were ranked by respondents in this order:Improve detection of advanced threatsImprove detection of web application attacksBroaden security to protect sensitive data ZscalerZscaler survey results on zero trust sentimentGartner publishes the Magic Quadrant and Critical Capabilities research on the Security Service Edge, and as of this writing, is working on the 2023 version. They made the following prediction about ZTA and SSE, highlighting movement toward a consolidated SSE approach over point solutions:“By 2025, 80% of organizations seeking to procure SSE-related security services will purchase a consolidated SSE solution, rather than stand-alone cloud access security broker, secure web gateway, and ZTNA offerings, up from 15% in 2021.”The data shows that traditional network and security architectures must be equipped to provide adequate security and connectivity for the rapidly evolving hybrid workplace. Globally, IT and security leaders have or are actively planning to replace their legacy architectures with a Zero Trust solution based on an SSE platform. So, to answer the question, ZTNA is one component of a comprehensive SSE framework. Zero Trust and SSE are not synonymous, but without ZTNA any SSE is incomplete.Before making your decision about selecting an SSE solution, read this free eBook that details seven pitfalls to avoid. Related content brandpost Sponsored by Zscaler Study finds Zscaler can save $2.1 million annually A new study led by IDC highlights the impact a cloud-delivered approach to data protection can have on the bottom line. The results were eye-opening. By Zscaler Jun 23, 2023 6 mins Security brandpost Sponsored by Zscaler Optimize user experience and achieve faster IT resolutions using AI Broad cloud adoption and hybrid workplaces have pressured network operations, service desks, and security teams. AI offers a reprieve – and a way forward. By Zscaler May 16, 2023 7 mins Machine Learning Artificial Intelligence brandpost Sponsored by Zscaler Mercury Financial gains a competitive advantage with zero trust With many employees working remotely, Mercury Financial needed a solution to help find, troubleshoot, and correct user issues. Enter: Zscaler. By Zscaler May 04, 2023 6 mins Security brandpost Sponsored by Zscaler 7 considerations for successful digital transformation Sanjit Ganguli, Nathan Howe, and Daniel Ballmer help CXOs clarify the confusion around zero trust in their new book: “Seven Questions Every CXO Must Ask About Zero Trust.” Let’s peek into what you’ll find in their executive&rs By Zscaler May 04, 2023 10 mins Digital Transformation PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe