Pomerium and CHT Security Partner for Zero Trust Network Access Solution
For the Mandarin Chinese version of this announcement, please see CHT Security’s post here.
We are thrilled to announce a new partnership between Pomerium and CHT Security to offer a Zero Trust Network Access (ZTNA) solution. With the rise of remote workforces and the increasing need for secure access to enterprise resources, our joint solution will provide unparalleled security and accessibility to organizations of all sizes.
But why should companies care about ZTNA? Simply put, traditional security models are no longer sufficient to protect against the constantly evolving threat landscape. The outdated perimeter-based approach to security and remote access has proven ineffective against modern threats such as phishing, ransomware, and advanced persistent threats. In contrast, ZTNA is designed to provide secure access to enterprise resources without compromising on accessibility or usability.
Recent cybersecurity incidents involving two car rental companies showcase the need for better access controls: insufficient authentication and access control measures led to the data breach of over 100,000 customers’ personal privacy data per company.
According to CHT Security’s incident response statistics in 2021, stolen credentials and public-facing applications are the top attack vectors exploited by hackers. Additionally, 10% of the public-facing application exploits were due to identification and authentication vulnerabilities. These highlight the importance of implementing ZTNA, which provides secure access control to safeguard important assets and resources.
So, what exactly is ZTNA?
At its core, ZTNA is a security model that verifies the identity of every user and device attempting to access a network, and provides granular access controls based on that identity. Rather than assuming trust based on network location, ZTNA enforces trust through continuous verification and dynamic policies. By implementing Pomerium and CHT Security’s solution, every corporate resource will have conditional, per-request access according to the organization’s central access policies.
(For a better understanding of how USA’s NIST defines Zero Trust Architecture, read this blog post.)
This partnership means CHT Security can now offer Pomerium as part of their ZTNA solution that provides secure, seamless access to enterprise resources from any location. Our solution provides a number of key benefits, including:
- Identity and Context-aware access: In a world where credentials are compromised and access tokens are stolen, access control should go beyond identity alone. Pomerium verifies the identity of every user and device, then leverages external sources of data to make better decisions about granting access, limiting the damage from malicious insiders and compromised accounts.
- Increased accessibility and usability: The solution provides secure access to enterprise resources from any location, without the need for a VPN or traditional perimeter-based security model. Being able to deploy Pomerium at edge also means end users do not have connectivity or latency issues, giving organizations operational flexibility and agility.
- Simplified management: By streamlining the management of access controls, policies, and user identities, we make it easy for organizations to maintain a secure and accessible environment. IT teams can avoid segmenting networks in favor of mutual authentication with Pomerium, ensuring internal services work better while limiting lateral movement.
- Audit and logging: Who accessed what, when, where, and what did they do? Pomerium provides fine-grained request-based audit logs, ensuring organizations can know everything that happens within their network.
(For a better understanding of how NIST defines the benefits of Zero Trust Architecture, read this blog post.)
At Pomerium and CHT Security, we believe that security should not come at the expense of usability or accessibility. Our joint ZTNA solution provides the best of both worlds, ensuring that your organization is secure without compromising on productivity or ease of use.
Want to know more about how Pomerium fits in zero trust access control? Check us out here!
More in Announcements
Announcing Pomerium v0.23
Announcing Pomerium v0.22
Announcing Pomerium v0.21
Signed Headers: A Safety Net for Application Security
Cryptographically signed headers are a failsafe authentication mechanism for protecting your applications when Mutual Transport Layer Security (mTLS, also known as mutual authentication) fails. Utilizing signed headers provides defense in depth to the protected application when: What are signed headers? Signed headers take the form of JSON Web Tokens (JWT) for allowing upstream applications to […]