What is a Zero Trust security model?
Zero Trust, at its core, is not a new concept. In fact, it has been over a decade since Forrester Researcher Jon Kindervag developed the Zero Trust origin concept that throws away trusted internal networks in place of an idea that considers all network traffic untrusted, inside or outside of its perimeters. His concept summarized in another way — "Never trust, always verify."
The Zero Trust concept comes with three guiding principles in addition to “never trust”:
- All resources must be accessed in a secure way, from a secure machine, regardless of location
- Access control is on a “need to know” basis correlated to a user’s identity and what that user is authorized to access
- Organizations must inspect and log all traffic to verify users are doing the right things
Download our E-book to learn how more about modern security and how to put Zero Trust into action.