Using its “hype cycle” construct, Gartner maps new technologies onto five different stages. New, unproven technologies start as “technology triggers”, proceed to a “peak of inflated expectations” as early publicity generates hype, then descend into the “trough of disillusionment” as solutions that are still immature fail to fully deliver as hyped. Technologies with legs finally move to the two final, mature stages, the “slope of enlightenment” and the “plateau of productivity”, as their real capabilities become better understood and mainstream adoption is achieved.
The full Gartner Hype Cycle for Cloud Security report is available only to Gartner subscribers. However, Forbes recently published a discussion of how the consulting firm views the current status of Cloud Security solutions, which covers the report in depth.
Here’s what we found notable in the 2020 report.
The Merger of ZTNA and Microsegmentation
Zero Trust Network Access (ZTNA) is a cybersecurity technology that limits user access to applications based on their need, and authorization, to use that application. ZTNA is typically managed on the basis of Role-Based Access Control, under which all users who fill a particular role within an organization are granted access to a particular, presumed relevant, set of applications. ZTNA solutions are typically cloud based and can control access to applications hosted either in the cloud or on the company’s own servers. ZTNA manages the “North-South” connection, via which users from outside the local network access apps on the network or users from any location access cloud apps. It addresses the secure user-to-application access use case for organizations.
Microsegmentation addresses the component-to-component or resource-to-resource scenario, focusing on the company’s own network and the “East-West” traffic within it. If a hacker manages to get into the company network, microsegmentation limits the extent of the damage they can do or the data they can access, since apps are isolated from one another.
It makes sense for these two approaches to merge, since together they provide a comprehensive Zero Trust approach to network security. Most enterprises today operate in hybrid cloud environments, with some resources in the cloud and some on the company network. With the coronavirus pandemic still not contained, users may be working on site and physically connected to the company network, or working and connecting remotely. As such, a comprehensive approach to security is required, which provides similar protections regardless of where the user or app resides.
A comprehensive approach needs to address ALL of an organization’s IT resources – including legacy host-based systems (some companies still have essential apps running on 20+ year old AS400 systems). It also needs to support the many different ways users may be accessing resources, including Remote Desktop systems that are critical in many situations, like today’s, when more users than usual are working from home.
Ericom Application Isolator is an example of a solution that combines ZTNA with microsegmentation, enabling secure granular access for users in either North-South or East-West connection scenarios.
Hype for Secure Access Service Edge (SASE)
According to its placement on the report’s curve, Secure Access Service Edge (SASE) is one of the most hyped cybersecurity technologies of 2020. When discussing SASE, the report cautions clients to be wary of SASE “slideware” and “marketectures” that don’t provide true cloud-based delivery.
SASE network architectures are designed to address the types of security challenges detailed above: resources located on the company network and outside of it, in the cloud; and users who may be working in the office, at home or virtually anywhere. SASE combines software-defined wide area networking (SD-WAN) with cloud-based security to implement an integrated Zero Trust access approach.
SASE is an emerging technology construct; as such, most vendors don’t have all of the broad set of features and capabilities that Gartner lists. Ericom works with a number of security vendors to integrate our Remote Browser Isolation (RBI) solution as a key technology in their SASE platforms.
The fact that Web/Cloud Application Isolation wasn’t included as an emerging technology in Gartner’s Hype Cycle was surprising, since it functions as a next generation Web Application Firewall (WAF). WAFs are typically policy-driven; Cloud App Isolation, in contrast, is comprehensive, since it “air gaps” apps from users and prevents them from viewing any web-facing app code. It’s a more complete way to protect web applications from malicious agents, who might be seeking a way to penetrate company networks, systems, or data. Cybercriminals do reconnaissance on exposed web code/APIs to find exploitable vulnerabilities. By removing web-facing code from view, the attack surface on applications is greatly reduced. Cloud Application Isolation can be thought of as the flip side of RBI. RBI protects users from malicious websites and malware, while Cloud App Isolation effectively protects apps from malicious users or devices.