Zero trust model seeks to address the problems that come with putting our trust in the network. Instead, network access and communication can be secured so well that the transport layer’s physical security can be safely ignored. It goes without saying that this is an ambitious objective. The good news is that today’s crypto is fairly strong and with the correct automation systems that idea is actually feasible.
Here are some important fundamentals of zero trust model including:-
1) One should always presume that the network is hostile.
2) The network is constantly vulnerable to both internal and external threats.
3) Network locality is insufficient to determine network trust.
4) Every device, user, and network flow has been verified and given permission.
5) Dynamic policies must be derived from as many different data sources as is practical.