About Zero Trust

Zero Trust is a set of principles and a related architecture that implement a ‘no trust’ way of thinking, introduced by John Kindervag in 2010. Zero Trust holds that no part of a computer and networking system can be implicitly trusted, including the humans operating it.

The main principle is ‘never trust, always verify’:

  • Never trust anything by default
  • Every access request should be authenticated and authorized

You cannot control or secure everywhere your data must go in today’s world. The National Institute of Standards and Technology (NIST) Special Publication (SP) 800-207 provides the following definition of Zero Trust:

“A Zero Trust approach is primarily focused on data and service protection but can and should be expanded to include all enterprise assets (devices, infrastructure components, applications, virtual and cloud components) and subjects (end users, applications and other non-human entities that request information from resources). Zero Trust is not a single architecture but a set of guiding principles for workflow, system design and operations that can be used to improve the security posture of any classification of information systems.”

If you realistically assume a breach, you need to build and mature your cybersecurity program based on the impact on business outcomes.

The goal is not to guarantee perfect security against cyber threats, but to improve your detection and response capabilities to the level needed to guarantee business resilience.

About Zero Trust Architecture

The Zero Trust Model uses the principles of Zero Trust to define high-level domains or pillars where you should apply the principle ‘Never trust, Always verify’.

It effectively assumes that the perimeter is dead, and we can no longer operate on the idea of establishing just a perimeter with a lower level of security inside where everything is trusted. This has unfortunately been proven ineffective through multiple breaches where attackers simply entered the perimeter through trusted connections via attack vectors such as Phishing, Compromised Credentials, Social Engineering, etc.
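The contrast between perimeter trust and ‘never trust, always verify’ can be shown in code. The following is an added example, not code from the original page: a hypothetical policy decision function that denies by default and requires the subject, the device and the authorization for the requested action to all check out, regardless of network location. The dataclass names, the sample policy table and the internal address range are constructed for illustration.

```python
"""Default-deny access decision versus implicit perimeter trust (illustrative)."""
from dataclasses import dataclass
import ipaddress


@dataclass(frozen=True)
class Subject:
    user: str
    authenticated: bool   # credentials verified for this request
    mfa: bool             # strong authentication satisfied
    roles: frozenset      # roles granted to the subject


@dataclass(frozen=True)
class Device:
    device_id: str
    managed: bool         # enrolled in endpoint management
    compliant: bool       # meets current posture policy (patched, encrypted, ...)


@dataclass(frozen=True)
class Request:
    subject: Subject
    device: Device
    resource: str
    action: str
    source_ip: str


# Constructed sample policy: resource -> action -> roles allowed to perform it.
POLICY = {
    "hr-db": {"read": {"hr", "admin"}, "write": {"admin"}},
    "wiki": {"read": {"staff", "hr", "admin"}},
}

# Constructed "inside the perimeter" range used only by the legacy model below.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")


def perimeter_decision(req: Request) -> bool:
    """Perimeter model: anything originating inside the network is trusted."""
    return ipaddress.ip_address(req.source_ip) in INTERNAL_NET


def zero_trust_decision(req: Request) -> tuple:
    """Return (allowed, reason). Nothing is trusted by default; every check must pass."""
    if not req.subject.authenticated:
        return False, "subject not authenticated"
    if not req.subject.mfa:
        return False, "MFA not satisfied"
    if not (req.device.managed and req.device.compliant):
        return False, "device not managed or not compliant"
    allowed_roles = POLICY.get(req.resource, {}).get(req.action, set())
    if not allowed_roles & req.subject.roles:
        return False, "no role grants this action on the resource"
    return True, "all checks passed"
```

A request from an internal address with a phished credential passes the perimeter check but is refused by the zero-trust evaluation because each pillar is verified explicitly.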

Zero Trust Architecture (ZTA) is based on Zero Trust principles and designed to prevent data breaches and limit internal lateral movement in an end-to-end approach to enterprise resource and data security that encompasses Identity (person and non-person entities), Endpoints, App management, Hybrid environments, interconnected Infrastructure and Data.

The pillars, as grouped in the original diagram:

  • Entities everywhere: Identity, Endpoints
  • Multiple user experiences: Apps, Network
  • Resources anywhere: Infra, Data

Zero Trust Maturity Model classified by six pillars with common domains to support your transition to Zero Trust.