ZTNA: Your Security Escort Service

So, here’s the problem that starts at your firewall: Your security setup grants permission to a credentialed user to access your system. The credentials have been authenticated by several methods, and the user is free to move about your apps and files. It’s an everyday occurrence with our mobile, hybrid work systems. But what happens when someone either fools your authentication system or decides to go rogue? ZTNA gives you the ability to follow every user everywhere in your system.

ZTNA stands for Zero Trust Network Access, and it’s based on the premise that you can’t trust any user with unfettered access to your entire system. The rationale for a business to use ZTNA goes back to a security breach at Target more than 12 years ago, when the personal and credit card information for some 40 million customers was compromised. It’s become a classic case study for cybersecurity.

In short, hackers exploited a vulnerability in the system of a third-party contractor, a mechanical engineering firm. Using stolen credentials, the attackers gained access to Target’s systems, where they deployed malware on the company’s point-of-sale (POS) devices. This allowed them to capture sensitive customer information without being detected for several weeks.

Granted, firewall security systems have become much stronger over time, but for most of them, you can access any part of a system once you get past the firewall. ZTNA technology never stops tracking any user as long as they’re inside the network.

  • It grants access only to specific applications and files, based on the system admin’s determination of each user’s need to know.
  • It assumes every access attempt is risky (zero trust).
  • It continuously monitors a user’s activity and verifies it.

In operation, ZTNA sets up one-to-one connections between users and the resources they need. It’s similar to two people who need to contact each other by exchanging phone numbers. But unlike two people exchanging numbers, ZTNA connections need to be re-verified and recreated periodically.

The technology is also device-based, which is critical in our hybrid work world of BYOD (Bring Your Own Device). ZTNA can incorporate the risk and security posture of devices as factors in access decisions. It does this by running software on the device itself (sort of like a license plate reader) or by analyzing network traffic to and from the device.
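To make the three principles and the device check concrete, here is a small sketch added for illustration; it is not code from any ZTNA product. The 15-minute re-verification interval, the two posture signals and the application names are all assumptions.

```python
from dataclasses import dataclass, field
REVERIFY_SECONDS = 900  # assumed interval; the article only says "periodically"

@dataclass(frozen=True)
class Device:
    device_id: str
    disk_encrypted: bool   # posture signals are assumptions for this sketch
    os_patched: bool
    def compliant(self) -> bool:
        return self.disk_encrypted and self.os_patched

@dataclass
class Broker:
    grants: dict                                   # user -> set of app names (need to know)
    sessions: dict = field(default_factory=dict)   # (user, device_id, app) -> verified-at time
    def _permitted(self, user, device, app):
        return app in self.grants.get(user, set()) and device.compliant()
    def verify(self, user, device, app, identity_ok, now):
        """Full verification; creates a one-to-one user/device/app session."""
        key = (user, device.device_id, app)
        self.sessions.pop(key, None)               # never reuse an old session
        if not identity_ok:
            return "deny: identity"
        if not self._permitted(user, device, app):
            return "deny: grant or posture"
        self.sessions[key] = now
        return "allow"

    def request(self, user, device, app, now):
        """Checked on every request: default deny, expiry, current posture."""
        key = (user, device.device_id, app)
        verified_at = self.sessions.get(key)
        if verified_at is None:
            return "deny: no session"
        if now - verified_at >= REVERIFY_SECONDS:
            del self.sessions[key]
            return "deny: re-verify"
        if not self._permitted(user, device, app):
            del self.sessions[key]                 # grant revoked or device drifted
            return "deny: grant or posture"
        return "allow"

def demo():
    b = Broker(grants={"contractor": {"contractor-portal"}})   # constructed sample data
    pc = Device("dev-1", disk_encrypted=True, os_patched=True)
    return [b.verify("contractor", pc, "contractor-portal", True, now=0),
            b.request("contractor", pc, "contractor-portal", now=60),
            b.request("contractor", pc, "pos-admin", now=60),
            b.verify("contractor", pc, "pos-admin", True, now=60),
            b.request("contractor", pc, "contractor-portal", now=900)]
```

The contractor reaches only the one application it was granted, a valid login does not open a path to anything else, and even the granted connection lapses until it is verified again.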

While there are variations of ZTNA technology, the bottom line is that the protection of your data – and your clients’ and customers’ data – is priceless. This is where we can help. Call us – 973-433-6676 – or email us to talk about your security needs, your workforce’s access needs and your administrative needs.

Standard or Premium? The Answer to the Question

Microsoft 365 is the app suite of choice for businesses, governmental agencies and institutions all over the world. It comes in two versions: Business Standard and Business Premium. The cost difference is $10 to $15 per month per user, which can be significant for larger organizations. Here’s why we think it’s a good investment: SECURITY.

The Premium version has four security features that the Standard version does not:

  • Microsoft Defender for Business provides advanced threat protection, helping to safeguard against malware and phishing attacks.
  • Intune for Device Management allows organizations to manage and secure devices, ensuring that only compliant devices can access company resources.
  • Azure AD Premium with Conditional Access offers granular access controls based on user identity and device compliance, enhancing security for sensitive data.
  • Advanced Compliance Tools include data loss prevention and message encryption, which help protect sensitive information and ensure compliance with regulations.

Premium is recommended for businesses or organizations with up to 300 users that require enhanced security and device management for:

  • Protecting sensitive data against threats like ransomware and phishing
  • Managing devices, especially for remote work
  • Compliance with regulations

Microsoft 365 Business Premium incorporates some principles of Zero Trust Network Access (ZTNA), such as identity verification to control access to applications and resources, and continuous verification of user identities and device compliance before granting access.

If you have Microsoft 365 Business Premium deployed in your organization, you can always scale up to a full ZTNA program. You and the people in your organization will already be familiar with its principles, and that should ease the migration.

If you’re thinking about moving more of your technology to the cloud or if you want to strengthen your security with measures such as access control and device management, you should talk to us about moving up to Microsoft 365 Business Premium. We can configure it to meet the needs of your organization. Call us – 973-433-6676 – or email us to set up a conference.

Mac’s New ‘Mini’ is the Max

In our opinion, the new MacBook Neo punches so far above its weight for what’s considered an entry-level computer that it’s a real heavyweight for road-warrior business users.

As we wrote this issue of Technology Update, our Neo was on order, and we’re looking forward to getting it. We believe it will be the best device for making the most efficient use of Microsoft Cloud PC, and it will be highly cost-efficient, too.

Costing $599 to $699, it’s a full computer with the size advantages of a tablet – like the iPad – with a built-in keyboard and a high-resolution screen – 13-inch Liquid Retina with 2408 × 1506 resolution. Its A18 Pro chip is capable of handling everyday tasks such as web browsing, document creation, and media consumption. It is not intended for heavy workloads like professional video editing or gaming. Instead, it should be ideal for getting on the internet to access your apps and files and get to work.

The laptop includes:

  • Two USB-C ports (one supporting DisplayPort)
  • A headphone jack
  • Wi-Fi 6E and Bluetooth 6 for wireless connectivity

It comes with 8 GB of RAM and either 256 GB or 512 GB of storage. Both specs are above the entry levels for an iPad 11. It weighs 2.7 pounds and has a battery life of 16 hours. While it does weigh more than an iPad, the weight difference can get wiped out if you have a thick case and need to carry an external keyboard and mouse to try to emulate a computer.

The iPad’s high-resolution touchscreen and lighter weight may be better suited to those who don’t need full computer capabilities. But the Neo can run the full Microsoft 365 applications, and for me, at least, that’s the big winning factor. I was on the fence about it, but in talking with colleagues at various conferences, I was convinced to give it a shot.

We’ll have more about it once I have an opportunity to put it through its paces. In the meantime, we’re happy to talk to you about it and about deploying it so that the Mac and Windows operating systems are in sync. Call us – 973-433-6676 – or email us to start the conversation.