Demystifying 'zero trust' and its role in cybersecurity

The principle of ‘zero trust’ in cybersecurity is simple: Trust nothing, and verify everything.

What this means is that organisations should protect all of their resources, no matter where they reside, and ensure that every network connection is, by default, untrusted.

This principle is especially important now that the traditional network perimeter for most organisations has dramatically changed. The corporate network has expanded to include cloud platforms, applications and data, while an increasing number of employees are working remotely. Every person connecting to important applications and data must be scrutinised and treated with caution.

Of course, trust must be established for these connections to work as intended, but the key to zero trust is that those connections are constantly re-evaluated to protect them from internal and external threats.

Zero trust runs on an assumption that people are acting on these threats and trying to attack an organisation all the time. Every connection, user, and device must be authenticated before it tries to make a connection.

And of course, zero trust should be dynamic, acting in real time and drawing on as many data sources as possible to make the best decisions. According to cybersecurity firm Sophos, static security policies don’t offer protection if a device has been compromised while the user is still on it.

How does zero trust work? The four core elements

Sophos’ Demystifying Zero Trust white paper breaks down the four core elements of zero trust.

Always identify: Choose a single identity source that can be used with Single Sign On (SSO) and multi-factor authentication for the strongest identity verification possible.

Always control: Deploy control ..