It is widely recognised that the traditional boundary protection approach to security is broken, particularly in the era of cloud services and remote working, where it is no longer possible to identify your perimeter, or trust those who purport to be users on your network. This is where the zero trust concept can provide a solution, with the right planning and implementation.
Zero trust can mean different things to different people. At a high level, it is about trusting nothing and no one, on the assumption that all users, devices and transactions are compromised. In terms of technology, many familiar elements underpin the concept, namely identity and access management (IAM), mobile device management, multifactor authentication, and so on.
