Verizon Business Group has now embedded its Software Defined Perimeter (SDP) service over its Private IP networks, creating a Zero Trust Architecture. The service is now available to the company’s global Private IP and Ethernet customers who currently run over 330,000 connections covering 800,000 network route miles in more than 150 countries.
Verizon’s Zero Trust network essentially blocks connectivity to servers and applications from unknown devices, making corporate data virtually invisible to anyone without approved access.
“For the past decade, enterprises have connected their employees and third parties directly to their internal networks via virtual private networks (VPN). Once they are through the firewall, they then have access to a multitude of critical data. With Zero Trust Architecture embedded in the network, all users are isolated from the corporate network but are still able to directly access their authorized applications. It’s all about protecting corporate data, but also enabling people to do their job,” said Vickie Lonker, Verizon’s vice president of product management and development.
The technology isolates an enterprise’s servers from vulnerabilities and configuration errors and integrates multifactor authentication, using a One-Time Password (OTP) and Transport Layer Security (TLS) for multi-factor authentication. The newly-launched service can be switched on by simply deploying the necessary SDP clients and setting up authorized user lists for the applications that need to be accessed.
The rising number of remote employees with access to sensitive corporate information such as regulated data, intellectual property and corporate financial data - connecting via traditional virtual private network (VPN) technology - has led to the robust adoption of SDP. The 2019 Verizon Data Breach Investigations Report found that 29% of the 2000 data breaches investigated involved stolen credentials with misconfiguration errors in the cloud increasing year-over-year, highlighting the limitations of relying solely on perimeter security controls to protect corporate data.