Zero trust is a security model based on the premise that no one is blindly trusted and allowed to access
Zero trust is a security model based on the premise that no one is blindly trusted and allowed to access company assets until they have been validated as legitimate and authorized. It is designed to selectively grant access to only the resources that users or groups of users require and nothing more. This is known as ‘least privilege access’. Also, those who are granted access to the network, data, and other assets are continuously required to authenticate their identity.
The rise of mobile and remote workers and cloud services has accelerated the adoption of zero trust. These trends reduced the ability of the organization to control and secure access to data and network resources. Zero trust brings this control back.
History of Zero Trust
The term “zero trust” was coined by Forrester analyst John Kindervag. In his research, he explained the importance of inherent “non-trust” when dealing with network traffic, no matter where it comes from. However, many of the notions expressed in zero trust networking can trace their origins to a much earlier concept, put forth in 2004 by the Jericho Forum, called de-perimeterization.
Principles of Zero Trust
The 3 core principles of the zero-trust model are-
- Grant the least amount of privileges- The basic principle of zero trust centers around the idea of granting the least amount of privilege without impacting an individual’s ability to complete their tasks.
- Never trust, always verify- No action or user is inherently trusted within a zero-trust security model.
- Always Monitor- Zero trust requires consistent monitoring and evaluation of user behavior, data movements, network changes, and data alterations.
Types of Zero Trust
Currently there are two distinct applications for the zero-trust model-
- Zero Trust Network Access- Zero Trust Network Access (ZTNA) is a zero-trust solution for remote access to an environment. It is a modern way to secure access to the network. It uses a cloud-first, software-based approach to replace the hardware of legacy VPNs.
- Zero Trust Data Protection- Zero Trust Data Protection (ZTDP) is a new security framework. It is defined as an application of the core principles of zero trust in order to guard your data from unauthorized viewing, movement, alteration, and exfiltration.
Zero Trust has emerged as a core strategy in enterprise security. To plan your Zero Trust strategy contact us at email@example.com