Digital transformation accelerates the implementation of the concept of "zero trust"

Driven by the Digital transformation of enterprises, and affected by the COVID-19, the users and market scale of remote office showed explosive growth.
Industry insiders said that the impact of the epidemic was only a catalyst for the accelerated development of telecommuting, while Digital transformation of enterprises was the original driving force for the development of telecommuting. The Digital transformation of enterprises and the new remote office business promoted by it have expanded the network security risks. Under this situation, the concept of "zero trust" has replaced the security architecture centered on the physical network boundary, providing strong support for enterprises to quickly adapt to and meet the security needs of Digital transformation in the "cloud era".
Digital transformation is the original driving force of telecommuting. According to an IDC survey, by 2021, global enterprise cloud data will surpass local data for the first time, and many enterprises' remote work will become the norm.
Experts suggest that from a deeper perspective, remote work should not be seen as a special form of work during special periods, but rather as a norm for future oriented work models.
In European and American countries, remote work has become a work mode. According to a study by the Prospective Industry Research Institute, as of 2017, over 80% of American companies have introduced remote work models, with 30 million people using remote work from home. In China, remote work is more often used as an auxiliary means of daily work.
According to data from iMedia Consulting, the scale of China's intelligent mobile office market reached 28.8 billion yuan in 2019, and it is estimated to reach 44.9 billion yuan in 2020. Experts said that the epidemic was only a catalyst for the accelerated development of remote office, and its original driving force was the Digital transformation of enterprises. Remote office is the inevitable result of scientific and technological progress, as well as the concrete embodiment and important way of enterprise Digital transformation. The "cloud era" is rapidly approaching, and the cloud is an inevitable trend in enterprise office scenarios.
At present, the penetration rate of remote work in China is still relatively low, and there is significant development space and opportunities. With the popularization of 5G technology and the development of cloud computing technology, issues such as video lag and sound delay will be effectively improved, and user experience is expected to be greatly improved. The remote communication industry will achieve tremendous development.
Remote work poses security risks. According to expert analysis, current technologies and applications can help many enterprises quickly achieve remote work. However, when enterprises switch to remote work mode, ensuring data security in remote work is of utmost importance.
Experts say that in order to support remote access, highly sensitive business systems that could only be accessed from the internal network have to be open to the Internet, which undoubtedly expands the exposure area of the network and puts the business system in a more dangerous situation. As the attack surface continues to expand, scarce IT resources will find it difficult to manage increasingly complex network architectures.
Specifically, the borderless network environment of mobile internet, coupled with the breakthrough of remote work beyond traditional business boundaries, all pose risks and challenges to enterprise network security. The identification of employees accessing from different locations, decentralized terminal security protection in multiple locations, and uncertainty in network information encryption all make the access environment extremely complex; At the same time, the traditional network architecture used by some enterprises also exposes a large number of high-risk business ports, making it possible for the core business and data of the enterprise to be leaked due to hacker attacks. In addition, the formal implementation of the Equal Protection 2.0 standard also has clear requirements for enterprises from various aspects such as network boundary isolation, trusted channels, access control, identity permission control, security auditing, etc. If the remote office system used by enterprises cannot pass the uation, they will be required to rectify.
The concept of "zero trust" provides support for Digital transformation of enterprises. With the increasing demand for remote work and the development of cloud computing, the security concept that primarily focused on physical network boundary isolation will not be able to cope with new security threats, and the "zero trust" security concept has become popular.
'Zero trust' can effectively prevent threats to enterprise applications and data assets caused by network attacks, making it an excellent choice for enterprises to solve remote office security problems. 'Chen Benfeng, founder and CEO of Yunshen Internet and leader of the SDP working group of the International Cloud Security Alliance CSA (Greater China), said that in the past, it was always difficult to achieve an ideal balance between security and convenience, but now remote office solutions based on the concept of' zero trust 'have emerged, Especially SDP (Software Defined Boundary) technology can improve security for enterprises and make it more user-friendly for employees.
Chen Benfeng believes that the "zero trust" model replaces the security architecture centered around physical network boundaries, ensuring dynamic implementation of security access decisions based on identity, device, and user environment, and preventing threats. He said that the attack and defense of the digital world are always on. The protection model based on the concept of "zero trust" can continue to promote the reform of enterprise network security architecture, and provide agile and efficient support for enterprise Digital transformation.
Sun Fangting, Senior Strategic Product Director of Tencent Security, stated that "zero trust" represents the new generation of network security protection concept, and security defense based on the "zero trust" principle can establish a solid security defense line in complex situations. In his view, "zero trust" should integrate elements such as identity security, device security, link security, and application access security, and ensure business security through a series of means.