Zero trust, if implemented well, is recognized by the industry as the best way to support remote and hybrid work, especially as workers everywhere connect to SaaS applications to stay productive. But securing an entire organization goes way beyond SaaS apps. Legacy apps running on-premises or in private clouds are still critical for many organizations, especially for those who have made hefty investments in storage and network appliances to support these important applications.
Properly securing private apps today starts with making access seamless while embedded zero trust security controls. To apply the concept of zero trust to those private apps, organizations need a zero trust network access (ZTNA) solution.
Here at Lookout, we recognize that ZTNA is a critical tool for keeping organizations and their private apps secure, which is why we’re so thrilled that Lookout ZTNA has recently been identified as an Overall Leader in the market for ZTNA solutions in the KuppingerCole Leadership Compass. KuppingerCole praised Lookout ZTNA for its native data protection abilities, its approach to provide risk-based access, and for being part of a broader endpoint-to-cloud security platform that delivers a security service edge (SSE) solution.
I encourage you to take a look at the Leadership Compass yourself, but let me break down how Lookout is leading the way in the ZTNA market.
Comprehensive ZTNA with broad controls
Virtual private networks, or VPNs, used to be the go-to solution for extending on-premises security to remote users, but as remote work and hybrid work have become more common, the downsides of VPNs have become increasingly apparent. Because they need to funnel traffic back to a corporate data center, they aren't scalable and are hard to use. Critically, they also grant users access to the organization's entire network, which means any threat actors, once they have access, have the opportunity to move laterally across your infrastructure.
With ZTNA, security teams will be able to replace their VPNs, improving user experience and reducing the risk of lateral movement. By connecting directly to the apps users need, ZTNA grants per-app access based not only on user privileges, but also on the risk posture of the user and endpoint. By limiting access only to the app, instead of giving users a carte blanche to access the entire network, better security is inherently provided. Plus, using ZTNA eliminates the VPN hairpinning that adds latency and slows users down.
KuppingerCole highlighted Lookout ZTNA for its Continuous Conditional Access capability, which gives organizations unprecedented visibility and control when accessing cloud applications from mobile devices — with insights into endpoints, users, networks, apps, and data — and the ability to make risk-based access decisions.
As part of the Lookout Cloud Security Platform Lookout ZTNA takes advantage of native user and entity behavior analytics (UEBA) and endpoint security capabilities. With continuous insights into the risk levels of all the users and devices, organizations can provide access securely and efficiently. For example, when you understand what typical user and device behavior is, you can use that information to flag anomalous behavior that may be indicative of stolen credentials or an insider threat.
KuppingerCole also noted the data protection capabilities that come along with Lookout ZTNA. With data loss prevention (DLP) native to the Lookout platform, organizations can discover, monitor, and control their sensitive data with precision, with watermarking or masking of content to prevent data loss. Lookout ZTNA can also take advantage of enterprise digital rights management (EDRM) to automatically encrypt downloaded data and mitigate against data exfiltration.
ZTNA as part of a complete security solution
One of the reasons Lookout ZTNA stood out in the KuppingerCole analysis is that it doesn't have to stand alone. It's part of the data-centric Lookout Cloud Security Platform, a unified security service edge (SSE) solution that combines ZTNA with the Lookout cloud access security broker (CASB) and Lookout secure web gateway (SWG).
So not only are your private apps secured by ZTNA, your SaaS apps and internet traffic are secured, too. Together, these three technologies enable your organization to implement a simple, unified approach to policy enforcement. That means you only need to write a policy once and it's applied across the entire infrastructure.
If you’d like to learn more about Lookout ZTNA, check out the KuppingerCole Leadership Compass report for more.