Zero Trust
Definition
Zero Trust is a security model based on the principle "never trust, always verify". No user, device or system automatically receives access, regardless of whether it is inside or outside the network.
Zero Trust rejects the traditional perimeter-based security model in which everything within the network was considered trusted. In a Zero Trust architecture, every access request is checked for identity, device posture, location and context.
Core principles are: continuous verification, least privilege access, microsegmentation and assume breach. Popular implementations include identity and access management (IAM), multi-factor authentication and application segmentation.
Zero Trust is particularly relevant in a world of remote work, cloud and BYOD, where the traditional network perimeter is blurring.