Zero trust security is a philosophical approach that protects data and focuses on identity and access management. Compared to perimeter security approaches, zero trust assumes that everything is compromised and applies the principle of least privilege to pieces of the architecture that were once considered secure. For example, employees and partners, endpoint devices, and software-as-a-service (SaaS) products must authenticate themselves every time they attempt to access systems.
Zero trust assumes that everything is compromised and applies the principle of least privilege to pieces of the architecture that were once considered secure.
As new mobile apps, artificial intelligence (AI), and machine learning (ML) drive innovation in virtually every industry, stronger security practices must be adapted to keep up. In fact, digital transformation can create vulnerabilities from the core to the edge, as cloud services and microservices architectures work in tandem with legacy systems and Internet of Things (IoT) devices collect and send high-value data from unsecured locations at the edge. Organizations must pay closer attention to which systems and who can access different data sources.
With zero trust, every user, device, and application instance must prove that they are who they claim to be and that they are authorized to access every resource. A properly functioning, efficient zero trust architecture consistently evaluates and authorizes access on a case-by-case basis.
Perimeter of trust
- The network is trustworthy
- Central Threat
- IP-based ACL control
- Limited segmentation policy
- Strengthened perimeter security
Zero trust. Excludes the perimeter
- Mitigating network trust
- Focus on trust
- Identity-based access control
- Software-defined security perimeter
- Security Visibility and Analysis
