What is zero trust architecture?


Zero Trust Architecture (ZTA) is a cybersecurity approach that trusts no one by default, whether inside or outside the network, and requires verification from everyone trying to gain access to resources. It is a strategic approach that secures an organization by eliminating implicit trust and continuously validating every stage of a digital interaction. Zero trust advocates mutual authentication: the identity and integrity of users and devices are checked regardless of location, and access to applications and services is granted based on confidence in user and device identity and device health, in combination with user authentication.

The key principles of Zero Trust include strong authentication methods, network segmentation, prevention of lateral movement, Layer 7 threat prevention, and granular, “least access” policies. A Zero Trust architecture requires organizations to continuously monitor and validate that a user and their device have the right privileges and attributes, and to enforce policy that takes into account the risk of the user and device along with compliance or other requirements.
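The per-request decision described above can be sketched as a small policy decision function. This is an added example, not part of the original page; the resource names, roles, risk weights and the 900-second re-validation interval are all assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Hypothetical least-access policy: resource -> (allowed roles, max tolerated risk score)
POLICY = {
    "payroll-db": ({"finance"}, 20),
    "wiki": ({"finance", "engineering"}, 60),
}

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    mfa_passed: bool          # strong user authentication
    device_cert_valid: bool   # device identity (e.g. mTLS client certificate)
    device_compliant: bool    # device health: patched, disk encrypted, EDR running
    source_ip: str            # recorded for logging only, never used to grant trust
    auth_age_s: int           # seconds since the last successful verification
    resource: str

MAX_AUTH_AGE_S = 900  # assumed re-validation interval for continuous verification

def risk_score(req):
    """Constructed scoring: higher means less confidence in user and device."""
    return (50 * (not req.mfa_passed) + 40 * (not req.device_compliant)
            + 30 * (req.auth_age_s > MAX_AUTH_AGE_S))

def decide(req):
    """Return (allowed, reason). Default deny; network location is never consulted."""
    rule = POLICY.get(req.resource)
    if rule is None:
        return False, "no policy for resource (default deny)"
    roles, max_risk = rule
    if not req.device_cert_valid:
        return False, "device identity not verified"
    if req.role not in roles:
        return False, "role not granted on this resource (least access)"
    score = risk_score(req)
    if score > max_risk:
        return False, f"risk {score} exceeds limit {max_risk}"
    return True, f"risk {score} within limit {max_risk}"

# Constructed requests: an "internal" address earns nothing, an external one loses nothing.
inside_unhealthy = Request("alice", "finance", True, True, False, "10.0.0.5", 60, "payroll-db")
outside_healthy = Request("bob", "finance", True, True, True, "203.0.113.7", 60, "payroll-db")
stale_session = Request("bob", "finance", True, True, True, "203.0.113.7", 3600, "payroll-db")
```

Calling `decide` again on every request, rather than once at login, is what makes the stale session lose access to the sensitive resource while a lower-sensitivity resource with a higher risk limit stays reachable.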