With increased data leaks and data breaches, the traditional way of protecting or securing infrastructure are outdated.
Today the IT experts say to trust no one and verify everyone.
Thus, zero trust. But what is Zero Trust? When was the first time this term was used? Who coined the term Zero Trust?
Starting with the basics, what is Zero Trust?
What is Zero Trust?
Zero Trust is essentially a security framework that requires all users to be authenticated, authorized, and continuously validated for security configuration and posture before they are granted access to any applications and data.
The users can be within or outside the organization’s network.
With Zero Trust there is only one assumption that there is no traditional network edge. With Zero Trust there is a belief that networks can be local, or in the cloud. The network can be a combination or hybrid with resources anywhere as well as workers in any location.
Zero Trust: The Definition
As defined by Zscaler.com, “Zero trust is a cybersecurity strategy wherein the security policy is applied based on context established through least-privileged access controls and strict user authentication—not assumed trust. A well-tuned zero trust architecture leads to simpler network infrastructure, a better user experience, and improved cyber threat defense.”
What Does Zero Trust Seek to Address?
A framework designed to secure infrastructure and data for the contemporary digital transformation, Zero Trust, uniquely addresses the challenges faced by businesses in the present scenario. The challenges include – securing remote workers, hybrid cloud environments, and ransomware threats.
No doubt numerous vendors have tried to create their own definitions of Zero Trust, however, Zero Trust seeks to address the following key principles that are based on NSIT guidelines.
- Continuous verification is a must
- Limiting the ‘Blast Radius’ implying minimize the impact in case any external or internal breach happens
- Automating Context Collection and response
Fundamental principles behind Zero Trust Network Access
Based on five basic principles the Zero Trust model believes that:
- Every user connected to a network is hostile
- There is always a threat risk both externally as well as internally
- To decide whether the network can be trusted or not it is not sufficient to have network locality
- Each device, user, and network flow are not only authenticated but also authorized
- There must be dynamic policies, which must be calculated from as many data sources as possible
DeepTech Writer 
A good wrap up post for the A to Z challenge Swati. Kudos on completing it 👍🏻
Have a lovely Sunday ❤️
LikeLiked by 1 person
Hey Radhika,
Thank you so much. Kudos to you as well. On 31st March I realized that April is starting and A 2 Z challenge will be the best way to build my new blog from a scratch. So, I went back to my previous challenge link, found Arlee’s blog link, and got myself registered there all on 31st March. Did a small post on it as well. So, yeah, this time it was quite unplanned. But I am glad, I did it. I have come across numerous topics I can write on, now. So, yes see you around.
LikeLiked by 1 person
I learned things with you this month. Always a good use of time, thank you!!!
LikeLike
Thank you so much for your appreciation. Keeps me motivated.
LikeLike
Interesting! Never heard of this term and knew manythings now. Hope it’s a fool proof security method then.
Thanks for ur visits on my blog and reading many posts. My replies may get delayed so thot to convey here! Good luck with the blog and Congrats on completing a to z. From “The Pensive”
LikeLike
Thank you and You are welcome. I was on a reading spree yesterday, so read most of the posts. There are still a few remaining, which I will read over the week. Apologies for not being regular during the challenge both in reading and writing. But not plan to rectify at least the reading part. Happy last Roza and Eid Mubarak to you and yours.
As for foolproof, I don’t think we can say that because these hackers are way too smart and quick. I was reading an article by ZDNet.com wherein the author had mentioned that these hackers have organizations complete with call center services, admin guy and all that jazz.
LikeLiked by 1 person
Whoa, a technical blog. Hats off to you. Interesting! And hoping to learn some new concepts here – will keep hopping around from time to time even though A-Z is done!
Cheers,
Deepa from FictionPies
LikeLike
Hey Ddeepa,
Thank you. Sure, do keep dropping. I plan to make it more technical.
LikeLike