ARTICLES

Total Access in a Zero Trust Environment

During the past decade, consumers saw dramatic changes in the technology, services, and gadgets available to them – witness: social media, iPhones, and cloud. During this period, enterprise teams also saw big changes in how they should operate their IT infrastructure. From the perspective of cyber security, perhaps the biggest element of these changes has involved massive shifts in how employees gain access to corporate information and resources.

The traditional model, of course, has always involved a firewall-protected corporate enterprise, accessible to employees either through remote access gateways or directly on the local area network (LAN). Entry to the LAN usually required a combination of physical presence in a facility, as well as acceptance by a network access control (NAC) system governed by a set of admission policies dictated by the security team and enforced on the network.

More recently, of course, this approach has shifted toward a concept commonly referred to as zero trust. The idea is that employees and other authorized users access resources without the presumed trust that comes from a remote access gateway or physical LAN presence. We learned more about this recently from Michael Oldham, CEO of Massachusetts-based PortSys, which offers a solution called Total Access Control that helps security teams achieve zero trust.

“Ever since the company was founded in 2008, our goal at PortSys has been to simplify the IT infrastructure of our enterprise customers,” explained Oldham. “We do this now by offering a platform that transforms end user access, consistent with the goal of zero trust. We help our customers achieve simpler, stronger, and more integrated controls – and, in many cases, this involves consolidating their IT and security point solutions into something more unified.”

The way TAC works is that the PortSys platform is positioned in a manner that creates direct visibility to all access requests for an organization. TAC reviews the attributes of a user’s request, including any multi-factor authentication proof and reported credentials, to determine consistency with policy. TAC thus enables secure access from any device, controlled proxy-based access, and support for multiple levels of security including Geo-IP data.

Security can be tuned to individual resources, and a portal is available that helps users understand which resources are available to them. This includes easy-to-use, single sign-on (SSO)-based access to authorized resources. “The TAC function supports resource access control in a flexible manner,” Oldham added. “And it works just as well in a local area network as it does in modern public cloud infrastructure.”

From a TAG Cyber analyst perspective, it’s impossible not to be super-supportive of any commercial attempts to drive greater adoption of zero trust access in the enterprise. To this end, the PortSys TAC solution certainly looks like it is well worth reviewing if you run enterprise

IT infrastructure. From a business perspective, however, this is a crowded commercial area, so PortSys will have to deal with a highly competitive marketplace.

That said, Michael Oldham and his team have good experience and a deep understanding of practical matters related to IT and security systems. They are determined to drive TAC as a major player in the zero trust market, and we encourage users to give them a call to better understand how their offer might be deployed and used. As always, please reach out and share your learnings after you meet with PortSys.Ac

We look forward to hearing from you.