An effective ZTA relies on strong device identity and management capabilities to accurately evaluate access requests. However, attackers can bypass ZT security protocols by spoofing a legitimate, trusted device. Spoofing Devices sit on the Physical Layer and run passively with no inbound traffic, operating under the radar of existing security solutions, including NAC, resulting in a lack of complete asset visibility. The lack of visibility limits the ZTA’s efficacy as it enables attackers to not only gain unauthorized network access but also move laterally throughout the network, circumventing micro-segmentation. IoT cybersecurity is at risk since IoT devices are also vulnerable to Physical Layer manipulation. As IoT devices require network access, they are valuable attack vectors for malicious actors, thus increasing the attack surface and, subsequently, the risk to the enterprise.
Access policies are another source of information that the ZTA relies on when making access decisions. Such policies, however, are based on asset and network traffic data. The gap in visibility means that access policies are created without complete information, limiting their validity and reliability. More importantly, the policies will not be enforceable on assets that are not visible. So, while the validity of access policies can be questioned, they do not actually protect the enterprise from hardware-based attacks since the attack tools go undetected.Download Solution Brief