Zero trust adoption grows as businesses look for end-to-end security
The idea that organizations should have a trusted internal network and an untrusted external one is rapidly giving way to a posture of zero trust across the board.
A new survey of 500 IT security leaders by identity specialist Okta finds a massive 275 percent year-on-year growth in the number of North American organizations that have or plan to have a defined zero trust initiative on the books in the next 12-18 months.
The 2020 study also finds that 60 percent of organizations in North America, and 40 percent globally, are currently working on zero trust projects.
Kelsey Nelson, senior product marketing manager at Okta writes on the company's blog, "As people continue to shelter in place and work from home in response to COVID-19, the idea of a shifted security perimeter is now everyone’s reality. Many organizations were forced to quickly spin up remote work environments and security tools to enable business continuity during this time. And while we've seen a lot of rapid success, for many this short-term firefighting approach isn't sustainable -- especially as technology and business leaders expect changes like expanded work from home policies to persist long after the crisis."
As digital business models evolve, organizations need seamless connections with external supply chains, emerging data sources, and third-party technology systems. This puts increased focus on API security with 21 percent of all organizations planning projects to secure access to their APIs in the coming years, led by 40 percent of European businesses and 30 percent in Australia and New Zealand.
Organizations are also increasingly seeing the value of looking at risk signals beyond checking which network users are coming from. When determining the potential riskiness of access decisions, they’re elevating the importance of device health, as recommended by Forrester, Gartner, and many other zero trust proponents.
Last year, 55 percent of Okta's survey respondents still listed the network as a top factor for context-based access decisions, but that's dropped to 20 percent in 2020. The key considerations companies -- across regions and industries -- now use in their access decisions are all about device posture and physical location.
You can read more about the findings on the Okta blog.