Introducing Resilient Zero Trust Security for the Work-from-Anywhere Perimeter

By: Torsten George | 4/7/2022 | 4 min read

As it’s become clear that remote/hybrid work is here to stay, IT and security practitioners must figure out how to enable a secure and resilient anywhere workforce to minimize their future risk exposure. At the same time, they need to ensure that users are guaranteed consistent and good quality experiences no matter where they are. Employees want their technology to work, and they don’t care what happens in the backend as long as they can reliably and consistently access the resources they need.

In this context, we are excited to announce our latest product release for our Secure Access product line (formerly known as NetMotion), which delivers a broad range of product innovations including self-healing Zero Trust Network Access (ZTNA); a resilient deployment architecture; as well as expanded network and ZTNA policy intelligence.

Delivering the industry’s first resilient, self-healing ZTNA platform

As secure access has become an essential element of organizations’ defense strategy, it is critical to protect our ZTNA software against malicious or inadvertent tampering. Starting with this release, we offer a self-healing, resilient client version for Windows. This allows us to monitor the client’s files and associated processes. If tampering is detected, the client automatically repairs or reinstalls itself, using a known good copy from a trusted source in our secure cloud.

Key benefits:

  • Ensures ZTNA application integrity by maintaining health and efficacy.
  • Increases operational efficiency by leveraging automatic, zero-touch, built-in resilience.
  • Maximizes productivity by guaranteeing availability of the ZTNA application and reduces IT helpdesk tickets.

 

Expanding deployment flexibility with a resilient architecture

Absolute has added resilience to its distributed network architecture. The new architecture is leveraged within our Software-as-a-Service (SaaS) offering, and across all delivery options. It is especially appealing to customer-managed environments, revolutionizing the traditional approach by offering a “shared-nothing” architecture with all the benefits of SaaS, such as high availability, horizontal scale-out, and zero downtime upgrades, while still fully owned, operated, configured, and privately managed by the customer or our Managed Service Provider (MSP) partners.

Key benefits:

  • High availability, high scalability, and robust security.
  • Individual system components will automatically self-heal in the event of failure, allowing other servers to take over if needed.
  • Allows for broader use of public networks in the backend infrastructure - not just expensive, private circuits.
  • Better preparedness for disaster recovery of global deployments.
  • Frees up significant time and bandwidth for customers’ IT operations team to work on innovations and other business critical needs.

 

Further hardening of the ZTNA platform to minimize risks of compromised credentials

Absolute has taken steps to further harden our Secure Access solutions to minimize risk exposure that results from compromised credentials. These advancements range from allowing easier adoption of modern, federated authentication solutions for our customers’ remote and on-premises personnel, and the protection of all authentication exchanges between clients and server independent of the method used to deploying strong encryption for communication between the system nodes and servers to ensure the confidentiality and integrity of the data replication.

Key benefits:

  • Allows adoption of modern, federated, and cloud-hosted authentication solutions for both remote and on-premises personnel to minimize risk exposure to falling victim of compromised credentials.
  • Protects authentication exchanges between clients and server with strong encryption (via AES) regardless of method used, minimizing the risk of man-in-the middle and “pass-the-hash” attacks.
  • Applies strong encryption (via TLS) for communication between our system nodes and servers, securing data within and between data centers, regardless of their physical location.

 

Bolstering ZTNA actions to streamline secure access and avoid invading on user’s privacy

Absolute delivers enhancements to allow for better handling of increased volume of access requests by remote workers and allows for sensitivity around collecting specific data sets based on security events, business needs, or privacy standards.

Key benefits:

  • Allows for re-challenge of authentication credentials upon contextual changes, removing unnecessary friction for end users.
  • Protects employee privacy on corporate or BYOD devices by disabling data collection by policy conditions (e.g., time of day, network name).

 

Expanding network and event visibility to inform and improve security policy enforcement

Absolute expands its existing diagnostics and monitoring capabilities with the launch of Absolute Insights for Network (formerly NetMotion Mobile IQ). This includes support for ARM devices for MacOS and Windows, as well as broadened intelligence for 5G networks (e.g., signal quality, network availability, network coverage, and network usage) and ZTNA policy enforcement (e.g., policy-blocked hosts/websites, addresses/ports, and web reputation) to bolster the ability to protect employees from accessing malicious applications and network destinations.

Key benefits:

  • Allows to monitor, investigate, and remediate end user performance issues quickly and at scale on networks that are not owned or managed by the enterprise but used by its employees.
  • Visualizes security control efficacy, allowing for immediate impact analysis and further fine-tuning of ZTNA enforcement policies to minimize phishing, smishing, malicious web destinations and restricting lateral movements.
  • Helps analyze and evaluate end user experience.
  • Identifies patterns and insights on changes across the environment and helps resolve issues non-invasively.
  • Increases employee productivity and morale.

 

For more details on Resilient Zero Trust Security advancements, please refer to the “What’s New” release notes.

Financial Services