Zero Trust Security
Understand the fundamentals, key principles, standards, and best current practices.
What is Zero Trust?
The foundation of Zero Trust Security is switching from a perimeter-based (firewall and VPN) model of access to a user-to-resource model.
It means implementing strong, simple identity for both people and systems. Decouple the identity from the corporation to tie it to the user: a single identity.
Through it, you can enforce entitlements and authorization in the network.
This micro-segmentation is simpler to use, more accessible, and more secure. It reduces lateral traversal, empowers your users, increases your audit capabilities, is more economical, and is more scalable. This is the power of Zero Trust.
Zero Trust Security Standards
Identity
The core of any Zero Trust Architecture is identity. Identity of a person, identity of a resource. Users are commonly identified via OpenID Connect and SAML. Resources are commonly identified by Client Certificates.
Zero Trust Architecture
Zero Trust Architecture has evolved over the years. The constant theme is changing from a perimeter-based (firewall+VPN) security stance to a user+resource stance.
Foundational
Zero Trust Security has a set of foundational standards that are shared with other technologies. These relate to cryptography, security, and identity.
Best Practices
Zero Trust Resources
Complex technologies can be difficult to configure. Learn from the accumulated best practices of others.