Zero Trust Explained in Simple Words

Photo by Collin Armstrong on Unsplash

Just when we got enough buzzwords to wrap our heads around, yet another one?

Well yeah, it’s common sense and simple. Zero trust literally means not having faith or trust in anyone.

What?
Consider Trust Inc., a large bank with a lot of cash and other valuable reserves. They hired Mark to head the marketing division. Now Mark can access any bank zone with his ID card; he can walk into a room full of safe deposits and access any locker or the physical cash reserve.

That’s stupid.
Yeah, exactly. Unfortunately, a lot of online systems work this way. People provide their credentials once to join a private network online, trust is assumed, and anything is accessible.

I see, so how do I implement zero trust?
How would you go about making Trust Inc Bank secure?

1. Restrict employees to certain zones based on their role in the bank.
2. Put guards in front of critical zones like cash reserves, data centres, etc.
3. Ask the guards to strictly verify every employee’s access (e.g., the photo on the ID card should match the appearance of the employee).
4. Build monitoring systems to detect suspicious behaviour among employees.

Yes, you see, that’s common sense. Now here’s how we would employ them in a digital system.

1. Each user (human) and service (code) is identified and given specific access or clearance levels.
2. As users or services seek access, their clearance level is checked; only if they have the necessary authorization is access granted.
3. Along with a password, Multi-Factor Authentication must be used.
4. The behaviour of users and services is monitored to identify threats.

That’s the simplified version of how Zero-Trust can be implemented.
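The four digital steps above can be sketched as a per-request access check. This is an added illustration, not code from the original post; the zone names, roles, alert threshold and the `PolicyDecisionPoint` class are assumptions made for the example.

```python
from dataclasses import dataclass

# Constructed policy for the article's Trust Inc. bank: zone -> roles cleared for it.
ZONE_POLICY = {
    "marketing-drive": {"marketing"},
    "cash-reserve": {"vault-ops"},
}
DENIAL_ALERT_THRESHOLD = 3  # assumed: denials per principal before alerting


@dataclass(frozen=True)
class Request:
    principal: str     # step 1: every user or service has an identity
    role: str          # ...and a clearance level (role)
    zone: str          # resource being requested
    password_ok: bool  # outcome of the password / credential check
    mfa_ok: bool       # outcome of the second-factor check


class PolicyDecisionPoint:
    def __init__(self):
        self.audit_log = []  # step 4: every decision is recorded
        self.denials = {}    # principal -> number of denied requests

    def authorize(self, req):
        """Evaluate one request on its own; earlier grants carry no trust."""
        if not req.password_ok:
            reason = "authentication failed"
        elif not req.mfa_ok:
            reason = "MFA required"              # step 3
        elif req.role not in ZONE_POLICY.get(req.zone, set()):
            reason = "role not cleared for zone"  # step 2; unknown zones deny
        else:
            reason = None
        allowed = reason is None
        self.audit_log.append((req.principal, req.zone, allowed, reason))
        if not allowed:
            self.denials[req.principal] = self.denials.get(req.principal, 0) + 1
        return allowed, reason

    def alerts(self):
        """Step 4: principals whose repeated denials look suspicious."""
        return sorted(p for p, n in self.denials.items()
                      if n >= DENIAL_ALERT_THRESHOLD)
```

With this policy, Mark's marketing role gets him into `marketing-drive` but never into `cash-reserve`, and repeated denied attempts surface in `alerts()`.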

Published on December 06, 2022 00:48