- The zero-trust security model is a coordinated system strategy that assumes breaches are inevitable or have already occurred.
- Five guidelines for implementing the zero-trust model:
- The zero-trust system relies on network users to never trust any user, device or application and to always verify authenticity.
- Users should assume that the adversary already has a presence in the network.
- Apply security policies across all domains (mobile, LAN, WAN, etc.).
- Embrace multi-factor authentication for users to make stealing credentials more difficult.
- Incorporate zero-trust architecture incrementally in a strategic plan to avoid increased vulnerabilities during the transition.
– Hannah Mitchell | March 2, 2021