Andrey Popov -

Forcepoint: Zero trust has to be about the data

Security firm Forcepoint’s Northern EMEA vice-president says that while the term ‘zero trust’ is overused, the need for the technology remains high

Zero trust is a phrase that is at risk of losing its impact because of its overuse, but the concept behind it remains vitally important and the channel needs to continue with customer education efforts.

The need for a zero-trust approach is more important with the rise in home working, given its ability to handle emerging threats and react to the shift beyond the confines of the corporate office and network.

“It is the way that we need to go as everyone moves to cloud and transitions to remote working [due to] Covid-19,” said Ed Stirzarker, vice-president of Northern Europe, Middle East and Africa (EMEA) at Forcepoint.

“It’s all about protecting data. If you look at why are we going to put zero trust in place, [it’s to be able] to say this employee of ours can only access these applications in these areas of our environment. Fundamentally, it’s because you want to prevent your most sensitive data from leaving your organisation, whether that’s the crown jewels of your IP or your customer database,” he added.

Forcepoint is expecting its channel to pitch zero trust as part of a larger conversation around security transformation, which also includes SASE and taking a “data-first approach”.

Stirzarker agreed that there had been plenty of activity in the market, with vendors understandably putting their own spin on zero trust. But that means it’s more important for the channel to underline the threat that the technology is countering and the need for protection.

“The importance is on the focus on the data, which I believe is the right way to think about it,” he added. “It’s important as well that as we talk about why zero trust is coming to fruition, if we are to be able to explain and articulate the importance of that without putting our vendors’ spin on it.

“It’s important that more talk about zero trust. It’s generally a good thing that everyone’s talking about it because it makes people aware. It gets people at board level thinking, ‘OK, maybe we do need to take this seriously’,” he said.

He added that VPNs present a clear opportunity for partners to talk to customers about a zero-trust strategy, as VPNs are often not designed to cope with the amount of remote working traffic now going through them.

“We don’t need to go back to that world of getting on a train or in traffic for two hours to four hours every day. But the only way we’re going to [forge ahead] is if we give the users, our customers, the tools to do their jobs in a secure fashion – and that’s what zero trust is about for me,” said Stirzarker.

Forcepoint is looking at unveiling an enhanced partner programme later this year, with rewards on offer to those that understand and take the zero-trust message out to customers.

Read more on Data Protection Services