In the IT world, everything is an arms race against a would-be compromise. Attackers find a way past password complexity, security teams react to threats with better detection, attackers steal MFA tokens, and the cycle continues day in and day out. It is always a race to see who beats whom and ends up on top.
In this constant battle, a new security model has emerged, called Zero Trust. Long story short, it states that no matter the who, what, when, where, or why, everything is under scrutiny. Even an email from your CEO is immediately reviewed, just in case.
This means that any and all connections, whether via email, applications on a computer, files, or remote access, are untrusted from the start, an approach also known as the “never trust, always verify” model. This reduces the attack surface and improves data protection by ensuring all access is known before any connection happens. The continued monitoring means that there is never a point where a login goes by undetected or unscrutinized. Compromises come from the unknown: an unknown login, an unverified email with a bad link, or legacy systems or applications that are not understood or are poorly documented. Zero Trust blocks all of these at the door before they can gain any access, and ensures all points of entry are known, trusted, and verified before use.