Z is for Zero Trust

With increased data leaks and data breaches, the traditional way of protecting or securing infrastructure are outdated.

Today the IT experts say to trust no one and verify everyone.

Thus, zero trust. But what is Zero Trust? When was the first time this term was used? Who coined the term Zero Trust?

Starting with the basics, what is Zero Trust?

What is Zero Trust?

Zero Trust is essentially a security framework that requires all users to be authenticated, authorized, and continuously validated for security configuration and posture before they are granted access to any applications and data.

The users can be within or outside the organization’s network.

With Zero Trust there is only one assumption that there is no traditional network edge. With Zero Trust there is a belief that networks can be local, or in the cloud. The network can be a combination or hybrid with resources anywhere as well as workers in any location.

Zero Trust: The Definition

As defined by Zscaler.com, “Zero trust is a cybersecurity strategy wherein the security policy is applied based on context established through least-privileged access controls and strict user authentication—not assumed trust. A well-tuned zero trust architecture leads to simpler network infrastructure, a better user experience, and improved cyber threat defense.”

Image: what-is-zero-trust-security-callout. Source: https://www.akamai.com/our-thinking/zero-trust/zero-trust-security-model

What Does Zero Trust Seek to Address?

A framework designed to secure infrastructure and data for the contemporary digital transformation, Zero Trust, uniquely addresses the challenges faced by businesses in the present scenario. The challenges include – securing remote workers, hybrid cloud environments, and ransomware threats.

No doubt numerous vendors have tried to create their own definitions of Zero Trust, however, Zero Trust seeks to address the following key principles that are based on NSIT guidelines.

  1. Continuous verification is a must
  2. Limiting the ‘Blast Radius’ implying minimize the impact in case any external or internal breach happens
  3. Automating Context Collection and response  

Fundamental principles behind Zero Trust Network Access

Based on five basic principles the Zero Trust model believes that: 

  1. Every user connected to a network is hostile
  2. There is always a threat risk both externally as well as internally
  3. To decide whether the network can be trusted or not it is not sufficient to have network locality
  4. Each device, user, and network flow are not only authenticated but also authorized
  5. There must be dynamic policies, which must be calculated from as many data sources as possible

8 thoughts on “Z is for Zero Trust

  1. Hey Radhika,
    Thank you so much. Kudos to you as well. On 31st March I realized that April is starting and A 2 Z challenge will be the best way to build my new blog from a scratch. So, I went back to my previous challenge link, found Arlee’s blog link, and got myself registered there all on 31st March. Did a small post on it as well. So, yeah, this time it was quite unplanned. But I am glad, I did it. I have come across numerous topics I can write on, now. So, yes see you around.

    Liked by 1 person

  2. Interesting! Never heard of this term and knew manythings now. Hope it’s a fool proof security method then.

    Thanks for ur visits on my blog and reading many posts. My replies may get delayed so thot to convey here! Good luck with the blog and Congrats on completing a to z. From “The Pensive”


  3. Thank you and You are welcome. I was on a reading spree yesterday, so read most of the posts. There are still a few remaining, which I will read over the week. Apologies for not being regular during the challenge both in reading and writing. But not plan to rectify at least the reading part. Happy last Roza and Eid Mubarak to you and yours.

    As for foolproof, I don’t think we can say that because these hackers are way too smart and quick. I was reading an article by ZDNet.com wherein the author had mentioned that these hackers have organizations complete with call center services, admin guy and all that jazz.

    Liked by 1 person

  4. Whoa, a technical blog. Hats off to you. Interesting! And hoping to learn some new concepts here – will keep hopping around from time to time even though A-Z is done!
    Deepa from FictionPies


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s