Zero-Trust: rethinking security outside the city walls

Darren Fields at Citrix describes how a zero-trust approach, combined with biometrics and workplaces secured with AI, will revolutionise security and do away with the “city walls” approach

Security used to come at a price. In the Middle Ages, people had to fortify their settlements with city walls to feel secure. And while security measures today aren’t quite as exhausting, they still take effort.

We are accustomed to having to lock the door when we leave the house, or having to remember a PIN to withdraw money from an ATM. The same “convenience penalty” applies to the world of digital work. Users need to remember passwords for computers, business applications, and – when working remotely – the VPN connection.

But today, a so-called zero-trust security architecture, when combined with biometric authentication, can provide a high level of security, without impairing ease of use.

In recent months, working from home has been a lifesaver for many people. But at the same time, making remote work secure has turned out to be cumbersome: employees first have to log into their work devices, then into the VPN, then into the business applications they want to access. This routine is not only time-consuming and error-prone, it is also widely perceived as a hassle.

In situations like these, people tend to look for workarounds. They switch to consumer apps and privately-owned devices for a quick search on the web or that short e-mail they meant to send hours ago. These inconsistencies are one main reason why working from home sometimes is not as secure as it could, and should, be.

Remote working is here to stay

And yet, working from home is here to stay. The pandemic has acted as a catalyst to make businesses and employees realize the huge benefits of being able to work remotely: much more flexibility, a better work-life balance, and in many cases even higher efficiency.

This is why, in a recent Citrix survey, more than half of the employees polled said they would prefer to work in a hybrid model, i.e. one that allows them to choose each day whether to work from home or from the office. Experts agree that we are entering the age of hybrid work, with employees variably working from the office, from the home office, or on the go, depending on current business necessities, their personal preferences, and their individual schedules.

The problem is that today’s IT security solutions are not made for hybrid work. Traditional VPNs are designed for the occasional remote worker, not for many or even all employees working from home. This is why more and more businesses are looking for a security solution that actually fits the age of hybrid work.

The new security: zero trust plus biometrics

This is exactly what a recent generation of security solutions is designed for. A new security architecture called zero-trust brings security controls from the network or VPN level to the application level, and from an initial all-access security check to granular rules and permanent monitoring.

This means that for a zero-trust security infrastructure, it doesn’t matter from where, with what devices, or via what kind of network connection employees are accessing their business applications and internal data. All access is treated in a “never trust, always verify” manner.

Meanwhile, more and more smartphones, tablet PCs, and notebooks come factory-equipped with onboard tools for biometric authentication. Users can easily log into modern devices using biometric methods such as fingerprint or face scans. This allows employees to reliably authenticate to their devices with a single push of a button or simply by opening their notebook.

Secure digital workspaces

Businesses can make full use of the potential of biometric authentication and a zero-trust architecture with the help of state-of-the-art digital workspace solutions. These frequently use the zero-trust approach for authenticating employees and combine this with single sign-on to all applications required for the individual user’s role, together with continuous monitoring of device and user behaviour.

Leveraging the power of artificial intelligence and machine learning, this kind of secure workspace environment will immediately detect any suspicious deviation from the usual behaviour patterns associated with a specific user role.

In addition, IT teams can establish rules to define who can access what kind of business resources with what kind of device or network connection. For example, the IT team could allow a call centre employee to work from home with a privately owned device, while determining that finance department staff have to use a centrally managed corporate device to access sensitive financial planning data.

End-to-end security for remote end users

From an end-user perspective, cloud-based digital workspaces give employees a consumer-style one-stop interface to access all the resources they need effortlessly, along with digital assistants to offload repetitive tasks. At the same time, they can rest assured in knowing that their work environment is as secure as it is efficient.

And as long as nothing extraordinary happens, they won’t even notice the zero-trust security solution keeping a watchful eye in the background. They simply log in biometrically and start working, wherever they are, with any device.

In short: hybrid work is here to stay. Businesses need a security architecture designed for the age of flexible distributed work – from home, from the office, or on the move. Cloud-based digital workspaces with a zero-trust security architecture provide a granular level of control, down to the individual application and user. This is needed today to deliver an employee experience that enables staff to work from anywhere with maximum security and ease of use.

Thanks to cloud-based digital workspaces, zero-trust security, and on-device biometrics, there is no more convenience penalty on security. Good-bye, outdated city walls; and welcome, smart office door opening automatically upon recognizing the individual employee’s face!

Darren Fields is regional vice president, cloud networking, EMEA at Citrix

Copyright Lyonsdown Limited 2021
