KEMBAR78
Zero Trust Security Model Explained | PDF
Scribd
Upload
193 views4 pages

Zero Trust Security Model Explained

Zero trust security is an IT security model that requires strict identity verification for every person and device trying to access private network resources, whether inside or outside the network perimeter. It is a holistic approach incorporating several principles and technologies, unlike traditional network security which is based on trusting all inside the network by default once access is obtained. Zero trust is based on four principles including least-privilege access with continuous authentication of users, devices, and workloads before and during access, as well as application-level microsegmentation without network segmentation and keeping applications and networks invisible to the open internet via encrypted microtunnels.

Uploaded by

Frankie Puch
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
193 views4 pages

Zero Trust Security Model Explained

Zero trust security is an IT security model that requires strict identity verification for every person and device trying to access private network resources, whether inside or outside the network perimeter. It is a holistic approach incorporating several principles and technologies, unlike traditional network security which is based on trusting all inside the network by default once access is obtained. Zero trust is based on four principles including least-privilege access with continuous authentication of users, devices, and workloads before and during access, as well as application-level microsegmentation without network segmentation and keeping applications and networks invisible to the open internet via encrypted microtunnels.

Uploaded by

Frankie Puch
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

What is Zero Trust?

Zero trust security is an IT security model


that requires strict identity verification for
every person and device trying to access
resources on a private network, regardless
of whether they are sitting within or outside
of the network perimeter. No single specific
technology is associated with zero trust
architecture; it is a holistic approach to
network security that incorporates several
different principles and technologies.

Traditional IT network security is based on


the castle-and-moat concept. In castle-and-
moat security, it is hard to obtain access
from outside the network, but everyone
inside the network is trusted by default. The
problem with this approach is that once an
attacker gains access to the network, they
have free reign over everything inside.
Zero trust is based
on four principles

Least-privilege access with all


entities (users, devices, and
workloads) being authenticated
before granting access and
continually re-authenticated and
re-authorized based on context.

Microsegmentation at the
application level without network
segmentation.

Applications and network remain


invisible to the open internet.

The internet becomes the new


transport network via encrypted
microtunnels

You might also like