The traditional perimeter model assumed that anything inside the corporate network was trustworthy. Cloud, remote work and lateral-movement attacks broke that assumption. Zero Trust Architecture, formalised in NIST SP 800-207, treats the network as always hostile and grants access per-request based on identity, device posture and context — never on location alone.
Working principle
Access decisions flow through a logical Policy Decision Point (PDP) and Policy Enforcement Point (PEP). When a subject requests a resource, the PEP intercepts it and asks the PDP, which combines the request with signals — identity, MFA, device health, threat intelligence — to issue a short-lived, least-privilege grant that is re-evaluated continuously.
| Dimension | Perimeter / castle-moat | Zero Trust |
|---|---|---|
| Trust basis | Network location | Identity + device + context |
| Default stance | Trust inside, block outside | Deny by default everywhere |
| Segmentation | Coarse VLANs | Micro-segmentation per workload |
| Session | Long-lived | Short-lived, continuously verified |
| Lateral movement | Easy once inside | Contained by per-resource policy |
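The PDP/PEP flow from the working principle above, as an added example that is not taken from NIST SP 800-207 or any product: a toy policy engine whose signal names, policy fields and 300-second grant TTL are assumptions. The enforcement point re-runs the decision against the current signals on every use, so a mid-session posture change or an expired grant denies access even though the original grant was valid.

```python
# Toy PDP/PEP (added example). Signal names, policy fields and TTL are constructed.
from dataclasses import dataclass
from typing import FrozenSet, Optional, Tuple
GRANT_TTL_SECONDS = 300  # grants are short-lived and re-checked on every use

@dataclass(frozen=True)
class Signals:
    """Per-request signals the PDP combines; network location is deliberately absent."""
    subject: str
    groups: FrozenSet[str]
    mfa_verified: bool
    device_compliant: bool  # managed and patched, as reported by the posture service
    threat_score: int  # 0 (clean) .. 100 (known-bad), e.g. from threat intelligence

@dataclass(frozen=True)
class Policy:
    """Deny-by-default policy for one resource."""
    resource: str
    allowed_groups: FrozenSet[str]
    require_mfa: bool = True
    require_compliant_device: bool = True
    max_threat_score: int = 30

@dataclass(frozen=True)
class Grant:  # least privilege: one subject, one resource, short expiry
    subject: str
    resource: str
    expires_at: float

def decide(policy: Policy, sig: Signals) -> Tuple[bool, str]:
    """PDP: every check must pass; the first failure is the denial reason."""
    if not (policy.allowed_groups & sig.groups):
        return False, "subject not in an allowed group"
    if policy.require_mfa and not sig.mfa_verified:
        return False, "MFA not verified"
    if policy.require_compliant_device and not sig.device_compliant:
        return False, "device posture check failed"
    if sig.threat_score > policy.max_threat_score:
        return False, "threat score above policy limit"
    return True, "all checks passed"

def issue_grant(policy: Policy, sig: Signals, now: float) -> Optional[Grant]:
    allowed, _ = decide(policy, sig)
    return Grant(sig.subject, policy.resource, now + GRANT_TTL_SECONDS) if allowed else None

def enforce(grant: Optional[Grant], policy: Policy, sig: Signals, now: float) -> bool:
    """PEP: grant must exist, be unexpired, match the request, and still pass policy now."""
    if grant is None or now >= grant.expires_at or grant.subject != sig.subject:
        return False
    return grant.resource == policy.resource and decide(policy, sig)[0]  # re-evaluate
```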
Core pillars
- Identity — strong authentication, MFA, single sign-on
- Device — posture and compliance checks before access
- Micro-segmentation — isolate workloads to limit blast radius
- Continuous monitoring — re-authorise on changing risk
Common pitfall
Zero Trust is an architecture and operating model, not a single product. Vendors sell components (ZTNA, identity, SASE), but the policy engine and data inventory must be designed for the organisation.
References & further reading
- NIST SP 800-207, “Zero Trust Architecture,” 2020.
- Ward & Beyer, “BeyondCorp: A New Approach to Enterprise Security,” Google, 2014.
- CISA Zero Trust Maturity Model v2.0, 2023.