Deloitte is launching a new managed service, Zero Trust Access, to help organizations adopt zero trust more quickly and efficiently. This service offers a cloud-native approach to securing communications between users on any device, and enterprise applications, wherever they may reside. To access organizational resources across identities, workloads, data, networks, and devices, the Zero Trust concept pledges to eliminate implicit trust from an information technology (IT) ecosystem and replace it with a risk-based approach.
Andrew Rafla, Deloitte Risk & Financial Advisory’s zero-trust offering leader and principal, Deloitte & Touche LLP, said, “As perimeter-based approaches are no longer suitable to secure the modern enterprise, many organizations are working to enhance protection for their IT ecosystems via zero trust. Zero Trust Access was built as a turnkey managed service helping ourselves and our clients accelerate the adoption of this transformative security framework. Our goal was to create a cost-effective solution that can be delivered standalone or complementary to a broader ecosystem and ultimately help decrease the burden on IT and security teams who likely need to manage multiple heterogeneous solutions to achieve similar outcomes.”
Zero Trust Access provides innovative data protection that uses device-level secure microcontainer technology to safeguard infrastructure while enabling businesses to safeguard sensitive enterprise data and enforce the least privilege through dynamic access control to corporate assets. The virtual private network (VPN), virtual desktop infrastructure (VDI), and desktop as a service (DaaS) are just a few examples of remote access solutions that can be replaced by managed services. These solutions typically require significant infrastructure investments, high operating costs, and overhead for technology management.
The features of Zero Trust Access include ephemeral connectivity based on secure peer-to-peer (P2P) communication, conditional access, continuous authorization, and robust data protection for data at rest, in use, and transit. These features are consistently applied to each session, regardless of the type or location of the applications being accessed (e.g., legacy hosted applications, software as a service (SaaS), thick-client, web-based applications). Organizations can benefit from outcome-based solutions that increase business agility, boost user productivity, and lower the cost and complexity of security operations by implementing zero trust access.