What is Zero Trust Network Architecture (ZTNA)?
Zero Trust is a term coined by John Kindervag while he was an analyst at Forrester Research to describe a strategic framework in which nothing on the network is trusted by default – not devices, not end users, not processes. Everything must be authenticated, authorized, verified and continuously monitored.
The traditional approach to security was based on the concept of “trust, but verify.” The weakness of this approach is that once someone was authenticated, they were considered trusted and could move laterally to access sensitive data and systems that should have been off-limits.
Zero Trust principles change this to “never trust, always verify.” A Zero Trust architecture doesn’t aim to make a system trusted or secure, but rather to eliminate the concept of trust altogether. Zero Trust security models assume that an attacker is present in the environment at all times. Trust is never granted unconditionally or permanently, but must be continually evaluated.
from Network World https://ift.tt/pMy2Car
0 Response to "What is Zero Trust Network Architecture (ZTNA)?"
Post a Comment