{"id":5654,"date":"2020-10-05T18:55:26","date_gmt":"2020-10-05T16:55:26","guid":{"rendered":"https:\/\/tekmart.co.za\/t-blog\/?p=5654"},"modified":"2020-10-05T18:55:27","modified_gmt":"2020-10-05T16:55:27","slug":"zero-trust-model-zero-trust-network","status":"publish","type":"post","link":"https:\/\/tekmart.co.za\/t-blog\/zero-trust-model-zero-trust-network\/","title":{"rendered":"zero-trust model (zero trust network)"},"content":{"rendered":"Reading Time-approximately:<\/span> 2<\/span> minutes<\/span><\/span>\n

The zero trust model is a security model used by\u00a0IT\u00a0professionals that requires strict identity and device verification regardless of the user\u2019s location in relation to the\u00a0network perimeter.<\/strong><\/h2>\n\n\n\n
\"\"\/<\/figure>\n\n\n\n

Posted by:\u00a0Margaret Rouse<\/a><\/p>\n\n\n\n

WhatIs.com<\/a><\/p>\n\n\n\n

Contributor(s): Laura Fitzgibbons<\/p>\n\n\n\n

The model is based on the assumption that all users, devices and transactions are already compromised, regardless of whether they’re inside or outside of the firewall.  By limiting which parties have privileged access to each segment of a network, or each machine in a secure organization, the number of opportunities for a hacker to gain access to secure content is greatly reduced. A network that implements the zero trust model is referred to as a zero trust network.<\/p>\n\n\n\n

The main tenet of zero trust security is that vulnerabilities often appear when companies are too trusting to individuals or outsiders. Therefore, the model suggests that no user, whether inside or outside the network, should be trusted by default.<\/p>\n\n\n\n

The term zero trust was introduced by an analyst at Forrester Research in 2010, with vendors like\u00a0Google\u00a0and\u00a0Cisco\u00a0adopting the model shortly after.<\/p>\n\n\n\n

Importance of the zero trust model<\/strong><\/h3>\n\n\n\n

The traditional approach to network security is known as the castle-and-moat model. The focus of this concept is that gaining access to a network from the outside is difficult, but once inside, users are automatically trusted. This becomes harder to manage as organizations keep their data distributed across multiple locations, applications and\u00a0cloud services.<\/p>\n\n\n\n

The zero trust model acknowledges that focusing only on perimeter security is not effective. Most\u00a0data breaches\u00a0occur when hackers successfully bypass an organization\u2019s\u00a0firewall\u00a0and are then granted authentication into internal systems. Therefore, the zero trust model is a stronger approach to protecting important resources.<\/p>\n\n\n\n

Fundamentals of the zero trust model<\/strong><\/h3>\n\n\n\n

While there are various technologies and principles that can be used to enforce zero trust security, the basic fundamentals include:<\/p>\n\n\n\n