A Zero Trust architecture abolishes the idea of a trusted network inside a defined corporate perimeter. It mandates that enterprises create micro-perimeters of control around their sensitive data assets to gain visibility into how they use data across their ecosystem to win, serve, and retain customers.
Just as a zero-tolerance policy makes no exceptions to a rule, a Zero Trust strategy trusts nothing and makes no assumptions about the trustworthiness of identities or peer systems. The approach doesn’t differentiate between internal and external network traffic, because doing so would be making an assumption or an exception to the rule. It therefore treats all traffic and users the same, regardless of origin. This foundational “ground rule” sets the tone for building a complete Zero Trust architecture, which hardens the security of all important infrastructure by making access to data much more restricted, and hence much more resilient to attack.
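The ground rule above, as an added example that is not part of the original article: a perimeter-style decision and a Zero Trust decision are run over the same constructed requests, and the cases where they disagree are listed. The network range, user names, resource names and policy fields are all hypothetical.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

CORP_NET = ipaddress.ip_network("10.0.0.0/8")  # assumed "inside the perimeter" range

@dataclass(frozen=True)
class Request:
    source_ip: str
    user: Optional[str]      # verified identity, None if unauthenticated
    mfa: bool                # strong authentication completed
    device_compliant: bool   # device posture check passed
    resource: str

# One micro-perimeter (policy) per sensitive asset; all names are hypothetical.
POLICIES = {
    "customer-db": {"users": {"alice"}, "mfa": True, "compliant": True},
    "wiki": {"users": {"alice", "bob"}, "mfa": False, "compliant": True},
}

def perimeter_allows(req: Request) -> bool:
    """Legacy model: network location is the only signal."""
    return ipaddress.ip_address(req.source_ip) in CORP_NET

def zero_trust_allows(req: Request) -> bool:
    """Zero Trust model: source_ip is never consulted; default deny."""
    policy = POLICIES.get(req.resource)
    if policy is None or req.user not in policy["users"]:
        return False
    if policy["mfa"] and not req.mfa:
        return False
    return req.device_compliant or not policy["compliant"]

# Constructed sample requests (private and documentation address ranges).
SAMPLE = [
    Request("10.1.2.3", None, False, False, "customer-db"),      # internal, anonymous
    Request("203.0.113.7", "alice", True, True, "customer-db"),  # remote, verified
    Request("10.4.4.4", "alice", True, True, "customer-db"),     # internal, verified
    Request("10.9.9.9", "bob", True, True, "customer-db"),       # internal, not entitled
    Request("198.51.100.20", "bob", False, False, "wiki"),       # remote, bad device
]

def disagreements(requests):
    """Return (request, perimeter, zero_trust) rows where the two models differ."""
    rows = [(r, perimeter_allows(r), zero_trust_allows(r)) for r in requests]
    return [row for row in rows if row[1] != row[2]]

if __name__ == "__main__":
    for req, legacy, zt in disagreements(SAMPLE):
        print(f"{req.source_ip:>14} user={req.user} -> perimeter={legacy} zero_trust={zt}")
```

The three disagreements are the point: the perimeter model admits an anonymous and an unentitled internal caller and rejects a fully verified remote one, while the Zero Trust decision is identical for the same identity and device from either side of the network boundary.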
While some argue that the basic concept of Zero Trust has been around for more than 20 years as the “original best practice” for firewalls and network security, the term itself started to gain traction in 2010 among analysts at Forrester.
Zero Trust is also being associated with the popular SASE security model, or Secure Access Service Edge. That’s because SASE solutions and frameworks include Zero Trust Network Access (ZTNA) solutions. What is ZTNA? Think of it as Zero Trust for network access security. As a network-level realization of the overall Zero Trust model of cybersecurity, these tools apply Zero Trust’s ground rules to network access.
Source: Forrester — Five Steps to a Zero Trust Network
Zero Trust steps up security because it establishes a discipline around these best practices:
With the status quo no longer sustainable, CISOs are attempting to address the deficiencies of their traditional security practices. Zero Trust tackles two of today’s biggest underlying security issues:
To build a Zero Trust architecture, follow these basic steps:
In 2021, Zero Trust is demonstrating value as a proven and practical approach for work-from-home security, but the path to get there might be a bumpy one. Enterprises attempting a Zero Trust strategy reported that it requires a philosophical pivot in the way leadership thinks about security. Additionally, CISOs experienced challenges with the resources and tools needed for implementation and deployment. The benefits, however, outweigh these challenges as Zero Trust prepares the enterprise for success. It’s gaining traction for good reason, and there’s no doubt that it’s a strategy that will continue to grow.