Zero Trust is a security strategy that challenges old beliefs. It proposes a fundamental shift in the way we protect our networks. Instead of assuming implicit trust, this approach adopts the premise of “never trust, always verify”.

 

The origin of Zero Trust

In 2010, research analyst John Kindervag introduced the idea of Zero Trust, moving away from the conventional “trust but verify” approach to a more cautious model. Here, trust is not automatically granted to any user or device, but is verified on an ongoing basis.

 

How Zero Trust works

Imagine a scenario where every user, device and application must be authenticated and authorised before accessing resources on a private network. This verification process applies to those inside the network as well as those outside it, regardless of their previous access history. The underlying premise is the assumption that all machines and users are potentially untrusted until proven otherwise.

The virtual security guard analogy

We can liken the Zero Trust model to a rigorous security guard who, even if he knows you, systematically verifies your credentials before allowing you access. This process is repeated continuously to ensure that your identity remains authenticated.

 

Stopping digital threats

Zero Trust implements strong authentication and continuously monitors user and device behaviour. If any unusual behaviour is detected, it is considered a sign of risk and preventative measures are taken. For example, if a user attempts to access the network from an atypical location, additional authentication will be requested.
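The per-request decision described above can be sketched as a small policy function. This is an added example, not code from any particular Zero Trust product; the names (`AccessRequest`, `decide`, `GRANTS`, `USUAL_COUNTRIES`) and the sample data are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample data: resource grants and usual sign-in countries per user.
GRANTS = {"alice": {"payroll-db", "wiki"}, "bob": {"wiki"}}
USUAL_COUNTRIES = {"alice": {"ES"}, "bob": {"ES", "PT"}}


@dataclass(frozen=True)
class AccessRequest:
    user: str
    resource: str
    user_authenticated: bool    # valid credential presented with this request
    device_authenticated: bool  # device identity verified for this request
    extra_auth_done: bool       # additional authentication already completed
    country: str                # where the request originates
    inside_network: bool        # recorded, but deliberately never a trust signal


def decide(req: AccessRequest) -> str:
    """Return 'deny', 'step_up' or 'allow'; every request is judged from scratch."""
    # 1. User and device must both be authenticated, inside or outside the network.
    if not (req.user_authenticated and req.device_authenticated):
        return "deny"
    # 2. The user must be authorised for this specific resource.
    if req.resource not in GRANTS.get(req.user, set()):
        return "deny"
    # 3. An atypical location is a risk signal: request additional authentication.
    atypical = req.country not in USUAL_COUNTRIES.get(req.user, set())
    if atypical and not req.extra_auth_done:
        return "step_up"
    return "allow"


# Constructed requests covering the cases described in the text.
SAMPLE = [
    AccessRequest("alice", "payroll-db", True, True, False, "ES", True),
    AccessRequest("alice", "payroll-db", True, False, False, "ES", True),
    AccessRequest("alice", "payroll-db", True, True, False, "BR", False),
    AccessRequest("alice", "payroll-db", True, True, True, "BR", False),
    AccessRequest("bob", "payroll-db", True, True, False, "ES", True),
]

if __name__ == "__main__":
    for r in SAMPLE:
        print(r.user, r.resource, r.country, "->", decide(r))
```

The second sample request is denied even though it comes from inside the network, because the device was not authenticated; the third receives `step_up` because the country is not one of the user's usual ones.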

 

End of common threats

This approach eliminates threats that traditionally exploited weaknesses in the security perimeter. By requiring mutual authentication between users and applications, Zero Trust sets a new standard for digital security, breaking with traditional strategies.

 

In short, Zero Trust represents an evolution in enterprise security by challenging the notion of default trust and prioritising continuous authentication and constant verification.