Zero Trust
Updated Jan 30, 2024
Overview
Zero Trust is a security model that operates on the principle that no one, whether inside or outside the organization, should be trusted by default, and that verification is required for everybody.
Control Plane
Defines, manages, and enforces the policies related to user and system access.
- Adaptive identity - relies on real-time validation.
- Threat scope reduction - limits users' access to only what they need.
- Policy-driven access control - enforces user access policies based on their roles.
- Secured zones - isolated environments within a network that are designed to house sensitive data.
Data Plane
Ensures that the policies and procedures are properly executed.
- Subject/system - individual or entity attempting to gain access.
- Policy engine - cross-references the access request with its pre-defined policies.
- Policy administrator - establishes and manages the access policies.
- Policy enforcement points - act as gatekeepers that allow or restrict access.
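The sketch below is an added example, not part of the original notes, showing how a policy engine and a policy enforcement point can combine role-based policy, real-time validation and a secured zone with default deny. The roles, resources, field names and the 15-minute freshness window are all hypothetical.

```python
# Added illustration; all names, roles and resources below are hypothetical.
from dataclasses import dataclass
import time

# Policy administrator's output: role -> resources that role needs (threat scope reduction).
POLICIES = {
    "hr-analyst": {"hr-db"},
    "developer": {"git", "ci"},
}
# Secured zones: resources holding sensitive data get a stricter real-time check.
SECURED_ZONE = {"hr-db"}
MAX_AUTH_AGE = 15 * 60  # seconds; assumed freshness window for secured zones


@dataclass
class Request:
    subject: str
    role: str
    resource: str
    device_compliant: bool   # real-time signal (adaptive identity)
    authenticated_at: float  # epoch seconds of the last successful authentication


def policy_engine(req, now=None):
    """Cross-reference the request with the pre-defined policies; deny by default."""
    now = time.time() if now is None else now
    if req.resource not in POLICIES.get(req.role, set()):
        return False, "role not permitted for resource"
    if not req.device_compliant:
        return False, "device failed real-time validation"
    if req.resource in SECURED_ZONE and now - req.authenticated_at > MAX_AUTH_AGE:
        return False, "re-authentication required for secured zone"
    return True, "allowed by policy"


def enforcement_point(req, now=None):
    """Gatekeeper: lets the request through only when the policy engine allows it."""
    allowed, reason = policy_engine(req, now)
    # One audit record per decision gives defenders a trail of who asked for what.
    print(f"audit subject={req.subject} resource={req.resource} allowed={allowed} reason={reason}")
    return allowed


if __name__ == "__main__":
    now = 1_700_000_000.0  # constructed clock value
    fresh = Request("alice", "hr-analyst", "hr-db", True, now - 60)
    stale = Request("alice", "hr-analyst", "hr-db", True, now - 3600)
    outside = Request("bob", "developer", "hr-db", True, now - 60)
    for r in (fresh, stale, outside):
        enforcement_point(r, now)
```

Every request is evaluated again on each call, so a subject that was allowed a minute ago is denied as soon as the device signal or authentication age no longer satisfies policy.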