2 Once derided as merely a buzzword, zero trust has emerged in recent years as a very real cybersecurity framework and a more secure alternative to the traditional castle-and-moat security approach. But despite widespread acceptance of zero trust as a concept, there remains confusion about what exactly it entails and, to an even greater extent, how zero-trust security can be implemented. The zero-trust framework is founded on the premise, “Never trust, always verify.” This eliminates the transitive trust that characterizes perimeter security and, in its place, requires that all users and devices be authorized and then continuously authenticated before any access is granted. The purpose of zero trust is to reduce the surface area for potential cyberattacks by: 1) Fully validating and

Join for free to read