Forrester Analyst John Kindervag coined the term Zero Trust over a decade ago now. The framework was built on the premise that organizations should never blindly trust and must always verify. It makes sense – cyberthreats have escalated and business has evolved greatly over the last ten years, and Zero Trust ensures that businesses are taking the right steps to protect their data. But it’s far from perfect, even with years of practice.
One major roadblock to adopting Zero Trust is what it can do to the user experience (UX). We all know employees are the lifeblood of any organization, but too often IT decisions are made without the end user in mind. To be truly productive, workers need the path of least resistance, meaning Zero Trust or any security implementations should be as intuitive and frictionless as possible.
One way to achieve this is by taking a platform-first approach. By consolidating digital identities, security, and all applications and systems in one central location, you can ensure a seamless Zero Trust rollout, while providing your team with familiar systems they already work with daily. In this article, I’ll explore the 3 Ps: productivity, piecemeal approaches, and progress, that can pose UX challenges with Zero Trust, and how a platform approach can help overcome them.
As mentioned, one of the main challenges with Zero Trust implementations are the adverse effects on productivity. When employees lack access to the tools they need, their motivation and work suffers, and so does your business. As a result, hours, and even days of lost work trying to remediate access requests become the norm. On the flip side, too much access opens your organization up to risk. This leaves many leaders weighing the scales of productivity and protection.
However, by unifying identity and Zero Trust on a business platform, issues with access can be quickly flagged, investigated, and resolved automatically. Resolving access requests in one central repository, rather than using multiple tools and processes expedites the process significantly. It also enables organizations to keep better track of who has access to what. Faster resolution to issues and better visibility are just two of the benefits of this approach.
Zero Trust requires many IT functions and tools to work together seamlessly across an organization’s data, devices, network, applications, and users. It’s easy to understand, but it’s not so simple in practice. And its why many organizations fail to connect data and protections of multiple products without leaving security holes. After all, the average enterprise uses 75 security products to protect their network, according to CSO.
Choosing to consolidate your security applications on a platform empowers businesses with an overarching system of action across all the silos of a business—security and beyond. The biggest challenge in Zero Trust is the user, and a platform can address this by adding a complete user security profile in one central location, regardless of the device, network, or application they’re using. This is a huge undertaking with the size, speed, and constant business changes happening every day. But it can be streamlined on a platform, saving time, money, and headaches.
The pace of business is fast. Events like the pandemic, which accelerated digital transformation initiatives, and ‘The Great Resignation,’ which amplified workers coming and going, have made it faster. It’s no surprise that keeping tabs on constantly changing processes and people are a challenge for security. This environment requires control policies to be updated in near real-time as things like professional roles and titles evolve, appear, and disappear before our eyes. Zero Trust adds another layer of verification to this, which is necessary, but not always timely.
Any lag in appropriately granting and removing access can leave organizations vulnerable to procrastination, or worse, an attack. By managing identity security on the same platform as HR and other functional business areas, you can ensure access policies are being updated constantly, greatly reducing risk to the organization. Business progress is a great, but it’s absolutely critical to balance good security practices, and ensure users have the right access to do their jobs effectively.
Implementing a Zero Trust framework can seem like a daunting task, but it doesn’t have to be. By linking identity security and Zero Trust to the business platform you already use, you can eliminate many of the hurdles associated with traditional tech implementations. Whether you choose a platform approach or not, keeping productivity, piecemeal approaches, and business progress and change in mind will serve you well when it comes to a solid UX.
This article first appeared in CustomerThink.