Unless you’ve been living under a rock, chances are you’ve heard about the zero-trust security model. The name is enticing. It implies all devices, resources, systems, data, users and applications are to be treated as untrusted. Cybersecurity professionals don’t want to think of themselves as overly trusting, so zero trust seems like the right way to approach enterprise cybersecurity. But the moniker, while catchy, is somewhat misleading.
The zero-trust security model actually refers to an architecture that features a highly distributed, granular and dynamic trust network. Each one of those terms is important. Let’s see why. Highly distributed means the model extends trust (or the lack of trust) to every possible user and resource, regardless of where it resides. That includes cloud-based applications and data, as well as remote users and devices. In other words, zero trust fundamentally breaks the perimeter-based security model where devices, applications and users within a firewall are trusted, while those outside the border aren’t.
To read the entire article, please click on https://searchsecurity.techtarget.com/tip/Zero-trust-security-model-means-more-than-freedom-from-doubt
