• Zero trust architecture works on the philosophy of “never trust and always verify”.
  • It utilizes micro-segmenting and reinforces perimeter cyber-security based on the user ID, location and other data permissions.
  • It uses public-domain tools to identify & verify a user, their device and confirm permissions associated with that identity.
  • It gives only application-layer access to the user, rather than network-wide access, typically using a whitelist of trusted apps on the user’s device.
  • It is extensible to use with various environments and other security software due to the foundation of standards-based components.
  • The design of a system like this is built to prevent threats from moving laterally through a network.

Full post here, 7 mins read