Lessons From Successful Zero Trust Implementations

Zero Trust has grown to the point of being a pervasive strategy for almost all organizations I work with, and everyone is at different points in their journey. This momentum is coming from the fact that most organizations are adopting a multi-cloud strategy as well as acknowledging there are some critical business processes that may never move to the cloud - so implementing a Zero Trust Architecture can build a streamlined user experience all the while delivering the assurance of security to the business.

Listening to people who have achieved Zero Trust has led to a number of insights on how to get there - one of which is that ‘Best of Breed’ is dead. Zero Trust is as much policy and process as it is technical capabilities, so consolidating vendors and leveraging those who have integrated their offerings pays dividends - this reduces operational overhead, architectural complexity, and the time spent managing solutions.

Why Consolidation?

The drivers for this consolidation are rooted in two places - first that many organizations near the beginning of their journey may not know what they need to be securing - Zero Trust asks us to move away from securing the network and its perimeter to a more granular level of securing applications, data, and users. To effectively implement Zero Trust now, organizations need to partner with a vendor who has 1) the breadth of security capabilities that together deliver on Zero Trust, and 2) an easy way for organizations to pilot technologies and to deploy them quickly without additional contracts or agreements.

Second is the demand of managing compliance requirements. Historically, being compliant with regulators was ‘good enough’ security.  But now organizations must go above and beyond that and so attestation and managing compliance is a burden.  Working with key vendors who can take some of that effort off an organization's shoulders by offering a broad portfolio of capabilities helps free them up to focus on true security.

Automation for the Win

The era of best-of-breed point solutions is coming to an end. There is just too much to do for security teams - spending time managing integrations and interoperability must be limited to only where necessary. From there, automation needs to be applied in as many places as possible so we can again focus on the big picture. Ultimately having a broad set of capabilities, to discover the most business critical assets and securing them, will accelerate the Zero Trust journey.

Zero Trust is a serious initiative and truly a journey.  Partnering with a key vendor like Broadcom, who take the needs of users into their multiyear roadmaps is a strategic advantage to those who want to successfully achieve a Zero Trust state.