Never trust, always verify (Zero Trust Security)
Zero trust is a security framework where all users and devices are continuously authenticated, authorized and verified for security configuration before granting access irrespective of whether they are within or outside the network.
Zero trust also focuses on the least privilege principle of giving minimum permissions to perform the task.
This is a shift from the traditional approach of Trust but Verify wherein users/devices inside the network are trusted putting the network at risk from malicious internal actors and legitimate credentials taken over by malicious actors, allowing unauthorized and compromised accounts wide-reaching access once inside.
Zero trust has 3 key principles:
- Continuous verification: Always verify access, all the time, for all resources.
- Limit the “blast radius”: Minimize impact if an external or insider breach does occur.
- Automate context collection and response: Incorporate behavioural data and get context from the entire IT stack (identity, endpoint, workload, etc..) for the most accurate response.