Zero Trust security is now hitting the mainstream and will be compulsory for federal agencies after an executive order has been signed by United States President Joe Biden to boost the cyber posture of the federal government. An order mandated agencies to move to zero-trust as-a-service architectures and enable two-factor authentication (2FA) within 180 days.
This security model helps to maintain strict access controls and not trusting anyone by default, including those inside the network perimeter, Zero Trust, a security strategy being pushed by vendors, has now fully caught on in the enterprise.
Zero Trust is founded on a mantra of “never trust, always verify”. The cybersecurity industry introduced this model to help reduce the impact of breaches with three underlying principles:
All networks should always be treated as untrusted (If all networks are untrusted, then so must users be)
Least privilege (Home and corporate networks, pubic Wi-Fi networks, never assume that there are any safe spaces left)
Assume breach (Maintain an alert mentality because Breaches are inevitable)