Miercom's Zero Trust Benchmarking Report Compares the Top 5 Platforms
In March 2024, Miercom published the Miercom Zero Trust Platform 2024 report, which contained a comprehensive third-party hands-on assessment of several vendors’ zero trust platforms.
In doing so, it implemented some of the most common enterprise use cases for zero trust platforms, including:
- URL access restrictions
- Integration with cloud service providers
- Protection against phishing attacks
Each platform was then scored based on its performance in these use cases. Evaluation criteria included ease of use, the risk of making mistakes, coverage of key functionality, and other factors.
Key Findings from Miercom's Report
The Miercom report assessed zero trust platforms across three main areas:
- Administrator and User Experience (UX): Platforms were scored based on overall ease of use from both the administrator’s and user’s perspective.
- Security Efficacy: Zero trust platforms were evaluated based on how well they prevented and responded to threats in the evaluated use cases.
- Zero Trust Implementation: Miercom implemented ten use cases with each platform and scored them on how well the platforms supported these use cases.
Check Point scored highest across all three criteria, earning it the Miercom Certified Secure award. For each criterion, Check Point’s score exceeded that of the other solutions in the study, demonstrating that it is a well-rounded and highly effective zero trust platform.
Features of a successful Zero Trust Platform
Here are the key components of a zero trust platform:
- Multi-Factor Authentication (MFA): MFA increases the difficulty for an attacker to take over a user account via compromised credentials.
- Least-Privilege Access: An effective zero trust platform should enable organizations to enforce least-privilege access security controls. These ensure that users, devices, and other entities only have the privileges required for their roles.
- Granular Access Control: The zero trust security model mandates explicit verification of every access request. To accomplish this, the zero trust platform must have very granular access controls.
- Segmentación de red: Network segmentation breaks the network into isolated segments. Supporting network segmentation and micro segmentation is essential to implement the granular access control required by zero trust.
How to Assess Security Capabilities
Here is what to look at when assessing the security capabilities of zero trust platforms:
- Security Efficacy: Does the solution provide comprehensive threat visibility and protect against the full range of cybersecurity threats?
- Platform Completeness: Can the solution protect all enterprise domains and assets including public and private cloud assets/workloads, on-premises environments, workspace, remote or roaming users, end point devices, IoT devices, and mobile devices?
- User Identity and Access Management (IAM): Does the platform enable the organization to implement zero-trust access controls through native or integrated 3rd party Identity services?
- Network Security: Does the platform support microsegmentation and granular network access control (NAC) for on-premises, cloud, SASE (Firewall-as-a-Service), and Remote Access VPN access methods?
- Data Security: Does the platform support data loss prevention (DLP) and ensure that data is encrypted at rest and in transit? Does the platform protect against inadvertent data leakage or misuse of Generative AI applications by employees.
- Compliance: Does the platform’s capabilities enable implementation, tracking, and reporting to assure compliance with regulations (Financial, Healthcare, etc.) and industry standards?
Evaluating Deployment and Integration
In addition to protecting the organization against potential threats, a zero trust platform should also be deployable within an organization’s existing security framework.
Some key elements to look for in a zero trust platform include the following:
- Platform Compatibility: A zero trust platform will need to integrate with other security solutions to implement access controls and enforce zero trust policies. A zero trust platform should enable easy integration with an organization’s existing security architecture.
- Scalability: A zero trust platform needs to be able to explicitly verify every request for access to corporate resources. Therefore, the platform needs system resilience and scale to meet unpredictable demand spikes without compromising performance or security.
- User Experience: A zero trust platform should offer a good Admin and User experience to ensure that administrators can easily integrate systems, define policies, and identify potential intrusions without hampering workforce productivity and requiring unnecessary trouble tickets to deal with recurring IT issues.
- Deployment Complexity: A zero trust platform should be straightforward for administrators to deploy and configure. This will expedite the initial deployment and also any changes that need to be made to the architecture in the future.