Why COVID has sparked renewed interest in Zero Trust

The current viral pandemic has caused massive challenges for organisations of all sizes, and one of the biggest has been keeping remote workers securely connected to centralised IT resources.

Prior to the COVID-19 outbreak, most organisations relied on virtual private network (VPN) links to give travelling staff a means of securely accessing applications and data. However, while this works well when user numbers are low, it doesn’t readily scale when larger numbers are added to the mix.

For this reason, the pandemic has sparked greater interest in the concept of zero trust. This strategy removes the need to have a traditional secure perimeter around centralised resources.

Instead, users must be continuously authenticated on their journey through the network and as they access resources. For this reason, zero trust is an ideal fit for enterprises that have a workforce primarily working from outside the office.

Increasing adoption

While some organisations are only beginning to examine zero trust, many others have already embraced the strategy. According to recent research conducted by Ping Identity, 82 per cent of surveyed organisations report they have already deployed some kind of zero trust element within their own environments.

The survey, titled Growth in Remote Work Fuels Zero Trust Investment, incorporated responses from 1,300 C-suite executives across Europe, the United States and the APAC region. It enquired about the ways in which the pandemic has changed IT security behaviours and priorities.

Interestingly, 71 per cent of respondents reported that they believe their investment in zero trust will increase further during the next year. This is a strong indication that the strategy is being embraced much more widely than was the case prior to COVID.

It may come as little surprise that the pandemic has thrust organisations in this direction. After all, COVID has forced a fundamental reworking of the enterprise and brought many kicking and screaming into the IT present day.

When lockdown orders were first issued in February 2020, enterprises were forced to find a way to keep their workers working and the business moving forward. A bootstrapped version of remote work was what made a difference between a business surviving or succumbing.

While many enterprises had been allowing a portion of their workforce to do their jobs remotely prior to the pandemic, COVID-19 changed the rules. Few had prepared for hosting their entire workforce from outside the centralised, and secure, corporate location. This has clearly now changed.

Focus on identity

Linked to the rising interest in zero trust is a corresponding rising interest in digital identity, on which zero trust places a premium. Of those surveyed, 55 per cent have invested in new identity security capabilities since the beginning of the pandemic.

Indeed, 60 per cent have increased their spending on strategic identity-related investments as a direct result of remote working, including single-sign-on and multi-factor authentication (MFA). The survey found 64 per cent of executives estimate that over half of their workforces are now using MFA as a direct result of the pandemic.

Interesting, the vast majority (85 per cent) of respondents now agree that identity security is critical to their organisation’s mobile and user experience. Many have gone deeper into the cloud and rolled out remote work on a massive scale, however, these will not be temporary changes. These things were growing in popularity before the pandemic and COVID accelerated their arrival.

It’s clear that the COVID-driven digital transformations are here to stay, just as remote working is destined to become a long-term feature of the economy. Of those surveyed, 47 per cent said they expected more than a quarter of staff to still be working from home in 2022.

For this reason, zero trust interest is expected to remain high, and with good reason. Consider what benefits it could bring to your organisation.

Ashley Diffey
Ashley Diffey is a passionate leader with over 20 years of experience in B2B sales, key account management and business development in both the finance and ICT/telecommunications industries, specialising in security, data, communications, SaaS and hosted software. As Head of Asia-Pacific and Japan for Ping Identity, Ashley is responsible for accelerating sales and bolstering customer support and services to continue driving the increasing demand for Ping Identity’s solutions in the region. He works with organisations to achieve Zero Trust identity-defined security and more personalised, streamlined user experiences. In addition, he works closely with customers to provide flexible identity solutions that accelerate digital business initiatives, delight customers, and secure the enterprise through multi-factor authentication, single sign-on, access management, intelligent API security, directory, and data governance capabilities. Prior to joining Ping Identity, Ashley worked at leading ICT/Telecommunication companies, including F5 Networks, Commvault and Telstra. During his tenure at F5 Networks, he oversaw the organisation’s southern regional channel and Telstra partnership. He was also Director for Channel Sales Australia and New Zealand at Commvault.