John Kindervag coined the term Zero Trust in 2010 when he was at Forrester Research. In light of recent attacks like Solarwinds, his views should be considered prophetic. He outlined the following key tenets
- The network is always assumed to be hostile.
- Assume threat actors are already inside your network.
- Network locality (segmentation) is not sufficient for deciding trust in a network.
- Every device, user, and network flow is authenticated and authorized.
- Policies must be dynamic and calculated from as many sources of data as possible.
- The device is no longer the border. A user/service’ identity is the net border.
- Containers, serverless, and cloud are the new disruptors of traditional security architecture.
“President Ronald Reagan’s famous quote “trust but verify” has stood well in international diplomacy. A variant of this “Verify.. Trust.. Verify Continuously” is an apt model in the Zero Trust world we find ourselves in. The architectural foundations of AccuKnox. Identity-driven Zero Trust model coupled with continuous anomaly detection delivers Zero Trust Security for security-conscious organizations”.