13-01 Zero Trust Model
The Zero Trust model operates on the principle of “trust no one, verify everything.”
- Malicious actors being able to bypass conventional access controls demonstrates that traditional security measures are no longer sufficient.
- In the Zero Trust model, identity becomes the primary security perimeter.
# What is the Primary Security Perimeter?
The primary (or new) security perimeter defines the first line of defense, and its security controls, that protect a company’s cloud resources and assets.
# Network-Centric: (Old-Way)
Traditional security focused on firewalls and VPNs, since there were few employees or workstations outside the office, or they were in specific remote offices.
# Identity-Centric: (New-Way)
Bring-your-own-device and remote workstations are much more common, so we can’t trust that the employee is in a secure location. Instead, we have identity-based security controls like MFA, or provide provisional access based on the level of risk from where, when, and what a user wants to access.
Note: Identity-centric security does not replace network-centric security; it augments it.
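A sketch of the risk-based decision described under Identity-Centric, added here as an illustration and not taken from any product or from the original notes. The countries, hours, resource names, weights and thresholds are constructed assumptions, and the request is assumed to come from a user who has already passed primary sign-in.

```python
from dataclasses import dataclass
from datetime import time

# Constructed policy values for illustration; a real deployment tunes these.
TRUSTED_COUNTRIES = {"CA", "US"}
WORK_HOURS = (time(7, 0), time(19, 0))
SENSITIVITY = {"wiki": 1, "payroll": 3, "prod-admin": 4}  # hypothetical resources


@dataclass
class AccessRequest:
    user: str
    country: str           # where the request comes from
    local_time: time       # when it is made
    resource: str          # what the user wants to access
    managed_device: bool   # company-managed device vs. bring-your-own-device
    on_corp_network: bool  # network signal: lowers risk, never grants access alone
    mfa_passed: bool


def risk_score(req: AccessRequest) -> int:
    """Add up risk from the where / when / what signals of one request."""
    score = 0
    if req.country not in TRUSTED_COUNTRIES:
        score += 3
    if not (WORK_HOURS[0] <= req.local_time <= WORK_HOURS[1]):
        score += 1
    if not req.managed_device:
        score += 2
    if not req.on_corp_network:
        score += 1
    # Unknown resources are scored as the most sensitive (fail closed).
    score += SENSITIVITY.get(req.resource, 4)
    return score


def decide(req: AccessRequest) -> str:
    """Return 'allow', 'require_mfa' or 'deny' for an authenticated user."""
    score = risk_score(req)
    if score >= 8:
        return "deny"         # too risky even with a second factor
    if score >= 3 and not req.mfa_passed:
        return "require_mfa"  # step-up verification before access
    return "allow"
```

Being on the corporate network only subtracts one point of risk here, so a sensitive resource still triggers MFA from inside the office, which is the sense in which identity controls augment the network perimeter.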