By Aileen Kara Hudspeth, Technical Director – Braxton-Grant Technologies, Inc. (Broadcom Software Knight) – Symantec Enterprise Blog
Addressing the biggest challenges of ZTNA implementation
The ability to provide secure access to employees, customers, partners, and other third-parties is essential for any business today. In this blog series, Broadcom Software partner Braxton-Grant will look at why ZTNA is increasingly playing a critical role in providing that access and key factors to consider when selecting and implementing ZTNA solutions.
As anyone in IT can attest, the biggest challenges with new technology are usually not with the technology itself, but with the change management and people issues around implementing the technology.
Zero Trust Network Access (ZTNA) solutions can provide invaluable protection for companies that are dealing with a variety of issues that stem from a complex, dispersed workforce. ZTNA is a subset of Zero Trust that deals with identity and access management for users who are accessing an organization’s applications and resources.
As a Broadcom Knight certified on Symantec ZTNA, I work closely with our customers to overcome the integration challenges, while addressing the change management issues that can arise from adopting an important piece of new technology. I’ve learned that four thigs are critical for success.
Identify internal champions. No technology is an island. A ZTNA implementation needs advocates who can build enthusiasm and help smooth over any issues among the different stakeholders.
Assess current environments: A Broadcom Knight can assess a customer’s current environment and make recommendations based on an organization’s expectations, limitations, and restrictions. The implementation process begins with a discussion of a company’s tolerance for change and the teams that need to be worked with to execute that change. A risk-averse organization should not be pushed at a pace that makes them uncomfortable, unsafe, or unsure that they’re getting what they need.
Develop an action plan. A Broadcom Knight can help implement the solution, build documentation, guide internal knowledge transfers, and train employees.
Determine how to identify and measure success. Different companies will want different types of evidence to demonstrate the success or progress of the project. For example, it may be documentation that demonstrates reduced cloud bandwidth use while other companies might want to see reduced ticket queues.
Bring All Your Stakeholders Along
To migrate successfully to ZTNA tools, you should gather the full support of all your stakeholders. This includes the application owners who will use, modify, and identify the data. Other stakeholders might include legal and HR teams, who want to ensure data governance policies meet industry, state, and federal compliance regulations.
Pick Your Use Case
While many people use the minimum viable product (MVP) approach, I believe in bringing the biggest use cases that will provide the most value, such as secure remote work. Customers must identify the best use cases and address any challenges, even the ones the customers may think are unsolvable. The goal is to direct the conversation in the right way that explores all the possible options available.
Set Up the Pilot
Once you understand how to set up and troubleshoot the solution, you are ready to launch the pilot. Typically, a demonstration or proof of concept can be rolled out in less than a week. Most likely, your organization already has policies to determine what data is protected, who is allowed to access the data, and who is allowed to move the data between different systems.
Typically, the internal rule sets that exist for protecting the data can be rewritten in ZTNA. Working with the application team to understand those policies is typically the lengthiest part of the implementation process. Protections can be set up to allow and deny users access to the application under different circumstances. For example, employees might be allowed to download material when using a corporate system but not when using a personal device.
Conclusion
A successful ZTNA implementation process requires a champion who can answer any questions, build processes based on an organization’s requirements and feedback, ensure a smooth transition that satisfies a divergent set of stakeholders, and helps deliver on the organization’s overall business objectives.