Zero Trust Definition & Meaning

The Zero Trust security framework is built on the principle "never trust, always verify." Every user and device must be authenticated and authorized before it is granted access to any data or application, whether it connects from inside or outside the network. This is a major shift from traditional castle-and-moat network security, which concentrated on the perimeter and, by default, trusted any connection that had passed through it to move freely throughout the network.

Perimeter-based approaches leave an organization exposed the moment an attacker gets past the perimeter: from there, every application and environment on the network is reachable. Lateral movement is the set of techniques attackers use to navigate a compromised network in search of valuable assets and data, and Zero Trust exists to bring this east-west traffic under control. The model was formulated in 2010 by John Kindervag, then a Principal Analyst at Forrester Research Inc.

Least privilege access

The Zero Trust model is built on least privilege access and on the premise that implicit trust is itself a vulnerability. Users and devices receive only the permissions they need for the specific resources they need, and those permissions are checked on every request rather than granted once at login. Authenticating and authorizing every user and device in this way minimizes exposure of sensitive data and keeps lateral traffic across the network under control.

Microsegmentation

At the core of Zero Trust security is microsegmentation. This method breaks a network into software-defined segments and defines a governance policy for each segment at a granular level. Policies are written in terms of user identity and device function, so no user or device can enter a segment without being separately authenticated and authorized for it; having already reached one segment earns no access to the next. Microsegmentation reduces the overall attack surface and limits an attacker's ability to move laterally between zones of the network.

Microsegmentation also improves threat detection and response. When a connection violates policy, microsegmentation tools block it and raise a real-time alert, so administrators can investigate a possible breach quickly. A run of denied cross-segment attempts from one identity or device is a strong lateral-movement signal and is worth alerting on in its own right.

Zero Trust technology

The Zero Trust framework also relies on several technologies to enforce authorization of lateral traffic. Three of the most important are next-generation firewalls, multi-factor authentication (MFA) and identity and access management (IAM) tools.

Next-generation firewalls, frequently deployed as virtual appliances alongside the workloads they protect, enforce the borders between network segments. They filter traffic by application, user identity and content rather than only by port and IP address, so a user or device must be authorized before its traffic is allowed to cross from one segment into another.

Multi-factor authentication strengthens user verification by requiring, beyond something the user knows such as a username and password, one or more additional factors such as a biometric or a one-time password (OTP). Factors that cannot be phished, such as hardware security keys, are stronger than OTPs delivered by SMS.

Identity and access management provides the ability to assign permissions to users and devices; those permissions are what the enforcement points consult to decide whether access to an individual network segment is allowed.
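The least-privilege, microsegmentation and technology sections above all describe the same decision: for each connection, check identity, device posture and MFA against the policy of the segment being entered, deny by default, and alert on violations. The following Python policy decision point is an added example written for this page, not code from the original article or from any vendor product. The segment policies, the IAM role directory and the request sequence are constructed sample data; the segment names, role names and the probe threshold are assumptions chosen for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

# Per-segment policy (constructed sample data): which roles may enter, and
# whether MFA and a managed device are required. A segment absent from this
# table is unreachable, which is the default-deny stance Zero Trust requires.
SEGMENT_POLICIES = {
    "web-frontend": {"roles": {"web-admin", "sre"}, "mfa": False, "managed_only": False},
    "app-tier":     {"roles": {"app-dev", "sre"},   "mfa": True,  "managed_only": True},
    "db-tier":      {"roles": {"dba", "sre"},       "mfa": True,  "managed_only": True},
}

# IAM directory mapping identities to roles (constructed sample data).
IAM_ROLES = {
    "alice": {"app-dev"},
    "bob":   {"dba"},
    "carol": {"sre"},
}


@dataclass(frozen=True)
class Request:
    """One connection attempt as seen by the enforcement point."""
    user: str             # authenticated identity (or an unknown name)
    device_managed: bool  # device posture reported by endpoint management
    mfa_verified: bool    # whether a second factor was completed this session
    src_segment: str      # where the connection originates: logged, never trusted
    dst_segment: str      # segment being entered


@dataclass(frozen=True)
class Decision:
    allow: bool
    reason: str


def evaluate(req: Request) -> Decision:
    """Decide one request from identity, device posture and the destination
    segment's policy. The source segment is deliberately not consulted, so
    already being 'inside' the network earns nothing."""
    policy = SEGMENT_POLICIES.get(req.dst_segment)
    if policy is None:
        return Decision(False, f"no policy for segment {req.dst_segment!r} (default deny)")
    roles = IAM_ROLES.get(req.user)
    if roles is None:
        return Decision(False, f"unknown identity {req.user!r}")
    if policy["managed_only"] and not req.device_managed:
        return Decision(False, f"{req.dst_segment!r} requires a managed device")
    if policy["mfa"] and not req.mfa_verified:
        return Decision(False, f"{req.dst_segment!r} requires MFA")
    if not roles & policy["roles"]:
        return Decision(False, f"{req.user!r} holds no role permitted in {req.dst_segment!r}")
    return Decision(True, "identity, device and MFA satisfy segment policy")


class Enforcer:
    """Blocks denied connections and raises an alert once one identity has
    been denied against several distinct segments, the trace that probing
    for lateral movement leaves behind. Threshold is an assumed value."""

    def __init__(self, probe_threshold: int = 2):
        self.probe_threshold = probe_threshold
        self.denied_segments = defaultdict(set)  # user -> segments denied
        self.alerts = []

    def handle(self, req: Request) -> Decision:
        decision = evaluate(req)
        if not decision.allow:
            denied = self.denied_segments[req.user]
            denied.add(req.dst_segment)
            if len(denied) >= self.probe_threshold:
                self.alerts.append(f"possible lateral movement: {req.user!r} from "
                                   f"{req.src_segment!r} denied on {sorted(denied)}")
        return decision


def demo():
    """Run a constructed sequence of requests through the enforcer."""
    enforcer = Enforcer()
    requests = [
        Request("alice", True, True, "web-frontend", "app-tier"),  # allowed: role, MFA, managed
        Request("alice", True, True, "app-tier", "db-tier"),       # inside app-tier, but no dba role
        Request("bob", True, False, "web-frontend", "db-tier"),    # right role, skipped MFA
        Request("carol", False, True, "web-frontend", "app-tier"), # SRE on an unmanaged device
        Request("carol", True, True, "app-tier", "db-tier"),       # allowed: every check passes
        Request("mallory", True, True, "web-frontend", "mgmt"),    # unknown identity, no policy
        Request("mallory", True, True, "web-frontend", "db-tier"), # second segment: alert fires
    ]
    results = [enforcer.handle(r) for r in requests]
    for r, d in zip(requests, results):
        verdict = "ALLOW" if d.allow else "DENY "
        print(f"{verdict} {r.user}@{r.src_segment} -> {r.dst_segment}: {d.reason}")
    for alert in enforcer.alerts:
        print("ALERT", alert)
    return results, enforcer.alerts


if __name__ == "__main__":
    demo()
```

Two points the sequence makes that the prose only states: alice's second request is denied even though it originates from a segment she was legitimately admitted to, and bob is denied with the correct role because the segment policy demands MFA. A real deployment would feed these decisions to the firewall or service mesh doing the blocking and send the alerts to the SIEM; the decision logic itself is what stays the same.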

Kyle Guercio
Kyle Guercio has worked in content creation for six years contributing blog posts, featured news articles, press releases, white papers and more for a wide variety of subjects in the technology space.