Traditional network security relies on a castle-and-moat approach where everything inside the digital architectures, protected by a network security perimeter, is trusted. Zero trust flips this concept on its head. This means those entering an organization's digital structure are authenticated, verified, and given the exact time and privileges on a user per user case.
Under this concept, certain features like least privilege access - where users are only given the minimum access level required to do their job - are used to reduce the damage an attacker can do if they gain access to an account. Network security in zero trust models is micro-segmented - divided into smaller segments to limit the blast radius of a potential breach.
[
Collection
]
[
|
...
]