In the cybersecurity world, Zero Trust has been the talk of the town in recent years. Most organizations now understand that the traditional ‘perimeter defense’ approach to cybersecurity is no longer sufficient and policing activity inside their networks is an important next step.
However, there are very few good definitions of what the ‘trust’ in Zero Trust actually refers to. Many people understandably assume it refers purely to user access and authorization—and while that is certainly an important component of trust, it’s far from the full story.
What Exactly is Trust?
Trust in IT is the assumption that a user, device, application, or service (A.K.A. a “subject”) is:
Who or what it claims to be
Allowed access to the resource it is requesting
Configured and behaving in an expected way
Free from compromise
Allowed to take the actions it is currently taking
This is a significant list of (Read more...)
*** This is a Security Bloggers Network syndicated blog from Cimcor Blog authored by Lauren Yacono. Read the original post at: https://www.cimcor.com/blog/what-is-trust-and-why-cant-we-assume-it
Support the originator by clicking the read the rest link below.
