The majority of organisations are actively implementing zero trust, but many are still facing integration challenges, a new report has found.
Fortinet has announced the findings from its global 2023 State of Zero Trust Report. The results provide an overview of the current state of zero-trust security efforts and the progress IT teams have made following the pandemic-initiated need to secure remote workers. The report also delves into the continuing challenges many organisations face in securing a hybrid workforce.
"The Fortinet 2023 State of Zero Trust Report shows that although more organisations are implementing a zero-trust strategy, they still face challenges related to integration," says John Maddison, executive vice president of products and chief marketing officer, Fortinet.
"To successfully implement zero trust, organisations need solutions that are designed to converge networking and security and have the ability to span multiple environments, such as Fortinet Universal ZTNA and Universal SASE."
Organisations of all sizes are working to implement zero-trust strategies. Since the last survey in 2021, companies have deployed more solutions as part of their zero-trust strategies. The number of respondents that report being in the process of implementation is 66%, up from 54% in 2021.
Companies are working to enable zero trust everywhere to minimise the impacts of a breach. Organisations continue to face challenges in implementing their zero-trust strategies.
Although companies are moving forward, they still face challenges. Nearly half of respondents (48%) indicated that a lack of integration between the zero-trust solutions deployed on-premises and in the cloud is the most significant issue they need to address. Other reported challenges relate to end-to-end policy enforcement, application latency, and a lack of reliable information to help select and design a zero-trust solution. Solutions must cover both on-premises and remote users with a consistent application access policy and success has been mixed.
Many companies need to secure access to applications both on-premises and outside of the network, and nearly 40% of respondents report still hosting more than half of their applications on-premises. It's notable that 75% also have encountered issues because of relying on cloud-only zero trust network access (ZTNA). The consolidation of vendors and solution interoperability is crucial.Deploying solutions from multiple vendors has led to challenges such as the introduction of new security gaps and high operations costs. Larger companies in particular are looking to consolidate solutions to simplify operations and reduce overhead.
Secure access service edge (SASE) is a priority. The top priorities for SASE solutions vary, but security effectiveness is the most significant, with 58 per cent placing it in their top three priorities. According to 89 per cent of respondents, SASE integration with their on-premises solutions is also very or extremely important.
Despite claims that everything is moving to the cloud, most organisations still have a hybrid application and data strategy in place. ZTNA needs to work no matter where applications and users are located, and respondents indicated that the top areas that a hybrid ZTNA strategy must cover include web applications (81%), on-premises users (76%), remote users (72%), on-premises applications (64%), and Software-as-a-Service (SaaS) applications (51%t).