What is zero-trust security?
Zero trust is a security model used to secure an organization based on the idea that no person or device should be trusted by default, even if they are already inside an organization’s network. A zero-trust approach aims to remove implicit trust by enforcing strict identity authentication and authorization throughout the network, not just at a trusted perimeter. In this model, every request to access resources is treated as if it comes from an untrusted network until it has been inspected, authenticated, and verified.
Forrester Research analyst John Kindervag first proposed the zero-trust security model in 2010. It marked a shift away from traditional IT security models, which primarily focus on defending access at the network perimeter and assume everything inside can be trusted.
Unfortunately, the traditional approach offers little defense if attackers gain access to a network. Once in, attackers can move freely and attempt to extend their access to high-value data and assets, a technique known as lateral movement. This is even more problematic in modern IT environments, where resources and data are spread out, making it difficult to implement security controls over a network from a single point.
A zero-trust approach can help companies strengthen their IT environment security and help them limit or prevent attacks.
Learn more about how Google implements its BeyondCorp zero-trust cloud security model to shift access controls from network perimeter to individual users and devices.
Zero trust is a cloud security model designed to secure modern organizations by removing implicit trust and enforcing strict identity authentication and authorization. Under zero trust, every user, device, and component is considered untrusted at all times, regardless of whether they are inside or outside of an organization’s network.
How does zero trust work?
Zero trust eliminates the idea of a trusted network edge and assumes that any user or service requesting access is a potential threat, regardless of whether they are inside your network or how many times they have connected before.
The three zero-trust concepts
Why use a zero-trust model?
Zero-trust security requires businesses to know where assets are located and to continuously monitor which identities are accessing resources and how. This improves visibility and context of traffic, asset inventory, and risk management.
Limit the blast radius of breaches
Since identities are given least-privilege access, zero trust helps to limit the scope of damage if and when a breach does occur. This allows teams to respond and mitigate attacks faster, and minimizes the risk of further exposure.
Access control in modern IT environments
With zero-trust architecture, security policies are based on identity and associated with specific workloads. This puts security close to the assets being protected, allowing it to travel with the workload, regardless of the environment.
Consistent, adaptable security
Security policies are centrally managed in zero-trust models and rely on automation to help migrate and update policies according to context. Security becomes more agile and scalable, while also reducing the burden on administrators.
Reduced attack surface and risk
Zero trust isolates traffic and creates network segments that prevent lateral movement and stop any potential infections from spreading to critical resources. Any suspicious activity can be inspected and identities re-verified with policies and controls, decreasing the chance of a successful breach.
Under zero trust, all traffic and requests are logged and evaluated. In addition, it locks down access to resources. This not only provides a clear audit trail if a breach does occur, but also makes it easier to prove that you have done everything possible to meet data privacy requirements and standards.
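The contrast between a perimeter check and the per-request evaluation described above, as an added example (not Google's or BeyondCorp's code). The identities, grants, address range, and function names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")  # constructed "trusted" range

# Constructed least-privilege grants: identity -> {(resource, action)}
GRANTS = {
    "alice@example.com": {("payroll-db", "read")},
    "ci-runner@example.com": {("artifact-store", "write")},
}

@dataclass(frozen=True)
class Request:
    identity: str           # claimed user or service identity
    authenticated: bool     # strong authentication succeeded for this request
    device_compliant: bool  # device posture check passed (managed, patched)
    source_ip: str
    resource: str
    action: str

AUDIT_LOG = []  # every decision is recorded, whether allowed or denied

def perimeter_decide(req):
    """Traditional model: anything coming from inside the network is trusted."""
    return ipaddress.ip_address(req.source_ip) in INTERNAL_NET

def zero_trust_decide(req):
    """Evaluate each request on identity, device and grant; network location is ignored."""
    if not req.authenticated:
        verdict, reason = False, "unauthenticated"
    elif not req.device_compliant:
        verdict, reason = False, "device_not_compliant"
    elif (req.resource, req.action) not in GRANTS.get(req.identity, set()):
        verdict, reason = False, "no_grant"
    else:
        verdict, reason = True, "granted"
    AUDIT_LOG.append((req.identity, req.source_ip, req.resource,
                      req.action, verdict, reason))
    return verdict, reason
```

A request from an internal address with a non-compliant device passes `perimeter_decide` but is denied by `zero_trust_decide`, and both outcomes of the latter land in `AUDIT_LOG`.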