Trust. It’s essential in successful relationships. A lack of trust among people can be hurtful – or demeaning. But in security, trusting no one — or nothing — until it is verified is becoming a smart strategy for defensive posture. It’s a concept known as Zero Trust.
A Zero Trust model embraces three principles:
Verify explicitly, by continuously authenticating and authorizing access
Use least-privileged policies to limit user access with just-in-time and just-enough-access, and
Assume breach, which minimizes a breach radius by segmenting access by network, user, devices, and app awareness.
Zero Trust is different from a perimeter-based defense because instead of only building a moat, security teams also focus on protecting what’s inside the perimeter with strong authentication and security standards that minimize privileges, giving users access only to those things they need to do their work.
Zero Trust is catching on in the enterprise: IDG’s 2020 Security Priorities study shows that one in four companies have deployed Zero Trust technologies and another 50% are researching or piloting Zero Trust solutions.
In this episode, we look at the steps organizations are taking toward Zero Trust and provide recommendations for making the most of a Zero Trust model to reduce risk while helping employees be more productive, regardless of where they’re working from.
