banner

What are the key concepts of Zero Trust security?

What are the key concepts of Zero Trust security?

To achieve its goal, Zero Trust access is governed by the following foundational principles:

  • Access to corporate resources is determined by a dynamic policy, enforced on a per-session basis, and updated based on information collected about the current state of client identity, application/service, and the requesting asset, including other behavioural and environmental attributes.
  • All communications to resources must be authenticated, authorized, and encrypted.
  • Authentication and authorization are agnostic to the underlying network
  • The enterprise monitors and measures the integrity and security posture of all owned and associated assets