Zero Trust

A security model that requires continuous verification for every user and device, regardless of network location.

Also known as

  • Zero Trust Architecture (ZTA)
  • Zero Trust Network Access (ZTNA)

Zero Trust is a security framework built on the principle of “never trust, always verify.” Unlike traditional perimeter-based security (which implicitly trusts traffic inside the corporate network), Zero Trust requires explicit authentication and authorisation for every request — regardless of whether it originates inside or outside the network boundary.

Core tenets (NIST SP 800-207)

  1. Verify explicitly — authenticate and authorise using all available data points (identity, location, device health, service/workload).
  2. Use least-privilege access — limit user access with just-in-time and just-enough-access policies.
  3. Assume breach — minimise blast radius and segment access; encrypt all traffic; use analytics to gain visibility.

Key components

  • Identity Provider (IdP) — e.g. Okta, Azure AD — the authoritative source of user identity.
  • Device trust — MDM/EDR solutions verify endpoint posture before granting access.
  • Micro-segmentation — workloads communicate only on explicitly allowed paths.
  • mTLS — mutual TLS between services eliminates implicit network trust.
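As an added example (not part of the glossary source), a minimal policy decision function in Python that applies the three tenets above to the components just listed: identity (IdP) and device posture (MDM/EDR) are verified explicitly, access comes only from a time-bound least-privilege grant, and the source IP is never a trust signal. The `Request`, `Grant` and `decide` names and the sample grant data are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Constructed illustration of a Zero Trust policy decision point (PDP):
# each request is judged on identity, device posture and an explicit,
# time-bound (just-in-time) grant; the source network grants nothing.

@dataclass(frozen=True)
class Request:
    user: str
    mfa_verified: bool    # identity signal from the IdP
    device_managed: bool  # posture signal from MDM
    edr_healthy: bool     # posture signal from EDR
    source_ip: str        # logged for audit only; "inside" is not trusted
    resource: str
    action: str

@dataclass(frozen=True)
class Grant:
    resource: str
    actions: frozenset
    expires_at: datetime  # JIT grants expire; no standing access

NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)  # fixed clock for the demo

# Constructed sample grants: alice may read payroll-db for one more hour.
GRANTS = {
    "alice": [Grant("payroll-db", frozenset({"read"}), NOW + timedelta(hours=1))],
}

def decide(req: Request, grants=GRANTS, now: datetime = NOW):
    """Return (allowed, reason). Default deny: every check must pass."""
    if not req.mfa_verified:                      # tenet 1: verify explicitly
        return False, "identity not verified (MFA required)"
    if not (req.device_managed and req.edr_healthy):
        return False, "device posture check failed"
    for g in grants.get(req.user, []):            # tenet 2: least privilege
        if g.resource == req.resource and req.action in g.actions:
            if g.expires_at <= now:
                return False, "JIT grant expired"
            return True, "allowed by JIT grant"
    return False, "no grant for this resource/action"   # tenet 3: assume breach

if __name__ == "__main__":
    healthy = Request("alice", True, True, True, "10.0.0.5", "payroll-db", "read")
    print(decide(healthy))  # (True, 'allowed by JIT grant')
    # Same corporate IP, but EDR reports the device unhealthy: denied.
    print(decide(Request("alice", True, True, False, "10.0.0.5", "payroll-db", "read")))
```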

See also

  • SASE
  • IAM
  • mTLS