Zero trust has become a dominant security model for the changes brought by mobility, consumerization of IT and cloud applications.
Today, the rise in a cloud‑connected, mobile and remote workforce has put the visibility and control of users and devices outside of the enterprise.
The perimeter has expanded beyond enterprise walls, making it more difficult for security and IT teams to verify user identities, and the trustworthiness of their devices, before granting both access to enterprise applications and data. The new workforce model today requires an equally extended security model. The extended perimeter is now centered around user identity and their devices. The extended workforce security model must be able to establish device and user trust, no matter where the user is physically, and no matter what kind of network they’re connecting from.
Zero trust treats every access attempt as if it originates from an untrusted network. A trust‑centric model is focused on authenticating every user and device before granting access to any application. A zero-trust approach doesn’t require a complete reinvention of your infrastructure. The most successful solutions should layer on top of and support a hybrid environment without entirely replacing existing investments.