Accept nothing less than zero trust security
Why zero trust security?
10 years ago the zero trust model was created as a way to improve application security. It seemed straight forward, ensure access to apps is always secure, that it’s based on least privilege and have visibility into all user activity. But network-centric technologies of the past made achieving zero trust security impossible, placing users on net, allowing access prior to authorization and limiting visibility to IP addresses and ports, not users. For a time the model struggled to find a foothold within IT. Until now.