Ask a group of IT security professionals to give their opinion on zero trust and you’re likely to receive a range of different responses. Some see it as little more than the latest industry fad, while others consider it a ‘must have’ strategy that can aid the battle against cyberattacks.
To understand zero trust’s potential impact on an IT security infrastructure, it’s first important to understand exactly what the term means. According to analyst firm Forrester, zero trust is an information security model that denies access to applications and data by default.
Forrester goes on to say that, under zero trust, threat prevention is achieved by only granting access to networks and workloads utilising policy informed by continuous, contextual, risk-based verification across users and their associated devices.