- Zero trust architecture works on the philosophy of “never trust and always verify”.
- It utilizes micro-segmenting and reinforces perimeter cyber-security based on the user ID, location and other data permissions.
- It uses public-domain tools to identify & verify a user, their device and confirm permissions associated with that identity.
- It gives only application-layer access to the user, rather than network-wide access, typically using a whitelist of trusted apps on the user’s device.
- It is extensible to use with various environments and other security software due to the foundation of standards-based components.
- The design of a system like this is built to prevent threats from moving laterally through a network.
Full post here, 7 mins read