The zero trust model is going mainstream, and for good reason. The rise in advanced attacks, plus IT trends that include the move to hybrid cloud and remote work, demand more exacting and granular defenses.
Zero trust ensures verification and authorization for every device, every application and every user gaining access to every resource. This is a complete departure from the old model, where implicit trust was the norm and networks were protected by firewalls, VPNs and web gateways. After all, in the past it was safe enough to assume anyone or anything inside the firewall could be trusted.
What Is Zero Trust?
The concept was formally modeled and named in 2010 by Forrester Research principal analyst John Kindervag. (More detailed definitions are available in industry guidelines such as Forrester eXtended, Gartner’s CARTA and NIST 800-207.) But the idea has become mainstream in security circles in the past year. That’s because the sudden rush to remote work in 2020 exposed the flaws of the implicit trust model. It became clear that hijacking a remote worker was the key to entering the firewall via employee VPNs.
Zero trust has bonus benefits, too. It helps with compliance auditing and offers better insight into networks. It also bolsters ..
Support the originator by clicking the read the rest link below.
