The zero trust security model is proving to be one of the most effective cybersecurity approaches ever conceived.
Zero trust — also called zero trust architecture (ZTA), zero trust network architecture (ZTNA) and perimeter-less security — takes a “default deny” security posture. All people and devices must prove explicit permission to use each network resource each time they use that resource.
Using microsegmentation and least privileged access principles, zero trust not only prevents breaches but also stymies lateral movement should a breach occur. In the modern digital frontier, this approach has become invaluable.
Zero Trust Succeeds When Nothing Else Does
Perimeter protection defined most previous security models. The idea was that a company firewall would protect computers and services from outside interference. But combined with physical security, plus VPNs for “tunneling” remote, traveling or other outside-the-perimeter access, perimeter security has been steadily weakening.
Now, this type of security is nearly obsolete. Mobile computing, insider threats, remote work, the Internet of Things, cloud computing, sophisticated malware and just about every other major trend in business networking and global cybersecurity have obliterated the perimeter as an effective defense.
Instead of relying on a perimeter, zero trust uses continuous monitoring, validation and repeated authentication of users and devices. Zero trust works so well because every networked resource has its own multidimensional security requirements. For example, if a malicious hacker sits down at an authorized logged-in machine with authorized software installed, the attacker themselves shouldn’t be authorized.
In another case, an attacker might download usernames and passwords from ..
Support the originator by clicking the read the rest link below.
