Tech Talk Tuesday – Zero Trust

Welcome to #TechTalkTuesday – where tech terms are defined, explained, and no longer a mystery. 

Today we’re exploring the term Zero Trust. Are you familiar with what the term means? Do you know how it impacts your business?  

Let’s dive in. 

Zero Trust is an IT framework that helps to enable some of the capabilities that can secure an organization’s network infrastructure. Zero Trust security demands strict identity verification for each device and person attempting to access any resources within a private network. One of the key principles of zero trust is referred to as least-privileged access. This principle makes the assumption that no user or device should be trusted, whether the user or device is located within the network perimeter or outside of the network perimeter, the Zero Trust strategy applies.  

 

A well-designed Zero Trust architecture will result in a better user experience, a simplified network infrastructure and also help to protect against cyberthreats. 

Zero Trust is not one single product that can be purchased. Instead, it is a holistic approach to network security. It can incorporate a number of principles and technologies. 

Think of it in these terms: 

  • Most legacy IT network security frameworks generally trust any person or device located inside the network perimeter.  
  • Zero Trust frameworks trust no person and no device.  

Another consideration is that legacy IT network security frameworks are based on what is known as the castle and moat concept. With these security models, it can prove difficult to gain access from outside of the network perimeter. But every person and device inside of the network is, by default, considered trustworthy. On the surface, this may seem idyllic. But the concern with this security model is that once a bad actor has access to the network, they will have free rein over everything inside the perimeter. 

Stay tuned for our white paper about Zero Trust! We can't wait to share it with you.