Zero Trust in Cyber Security

“Don’t trust anyone.” You have probably heard this line in movies, and may even use it in daily life. It is a sad expression, because it means we are sometimes betrayed by those we trusted. Unfortunately, the same thing has been happening in the world of cybersecurity, and the term “Zero Trust” has become the latest cybersecurity buzzword.

Both “Zero Trust” and “Untrust and Always Verify” express the principle that previously trusted things must be checked, and allowed to be used only after verification. Although the term seems clearly defined, it may not be obvious exactly what it means when applied to cybersecurity today, so let’s take a real-world example.

Have any of your employees been working more from home due to COVID-19? According to a survey of 127 human resources managers conducted by the leading market research firm Gartner in June 2020, 82 percent of companies and organizations surveyed said they allow at least some work from home, while 47 percent said they allow work exclusively from home. With so many more people working from home, there has been an accompanying spike in remote access to corporate internal networks from personal PCs and smartphones during the pandemic.

The problem, as you might already know, is that individual devices can be very vulnerable to cyber-attacks. It is much more difficult to ensure security when individual devices are used instead of devices managed within the corporate network. This presents a challenge, because employees working from home still need access to corporate servers from their own external devices.

How, then, can we enhance security by applying the Zero Trust principle in this circumstance? Changes can be implemented in “Authentication”, or “logging in”. Authentication is used so frequently that changing your authentication, that is, your password, may seem like the obvious step. However, the change we mean here is setting up one or more additional steps for authentication.

Diagram of Existing and Zero Trust network setting

Diagram 1) shows the current way of accessing the internal server for individuals working from home, and diagram 2) shows an example of applying the Zero Trust principle to this environment. What’s the difference? In the former, authentication is conducted directly on the security equipment, and the individual can then immediately access the corporate internal server. In the latter, multi-step authentication runs on a separate certificate server, which prevents immediate access to the corporate internal server from untrusted devices, thereby protecting against direct attacks and minimizing exposure to security threats.

This is a good start. However, to achieve a true Zero Trust environment, the Zero Trust principle should be implemented beyond the authentication process. Multi-step authentication completely trusts users and devices that have previously passed authentication, which contradicts the Zero Trust principle! Under the Zero Trust principle, we have to keep doubting devices even after they are connected to the internal server, which means we need to “monitor” devices after they have gained access. We will cover exactly how the monitoring can be conducted in the next blog post. Then, after understanding the role of authentication, monitoring (visibility), and minimum access, one will be able to build a systematic Zero Trust environment!
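The difference between trusting a device once it has logged in and re-checking it on every request can be sketched in a few lines. This is an added example, not code from the original post; the role table, field names and the 15-minute limit are assumptions chosen for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass

# Hypothetical policy values, chosen for illustration only.
MAX_AUTH_AGE_S = 900                       # re-verify after 15 minutes
ROLE_RESOURCES = {"hr": {"hr-portal"},     # minimum access per role
                  "dev": {"git", "ci"}}

@dataclass
class Request:
    role: str
    resource: str
    mfa_passed: bool       # outcome of the multi-step login
    auth_time: float       # when that login happened (seconds)
    device_patched: bool   # posture the device reports at request time

def login_only_decision(req: Request) -> bool:
    """Trust-after-login: a passed authentication opens everything."""
    return req.mfa_passed

def zero_trust_decision(req: Request, now: float) -> tuple[bool, str]:
    """Re-evaluate every request; the earlier login is only one input."""
    if not req.mfa_passed:
        return False, "no multi-step authentication"
    if now - req.auth_time > MAX_AUTH_AGE_S:
        return False, "authentication too old"
    if not req.device_patched:
        return False, "device posture degraded"
    if req.resource not in ROLE_RESOURCES.get(req.role, set()):
        return False, "outside minimum access"
    return True, "allowed"

def replay() -> list[tuple[bool, bool, str]]:
    """Constructed session: one login at t=0, then four later requests."""
    session = [  # (time of request, request)
        (60.0, Request("dev", "git", True, 0.0, True)),
        (120.0, Request("dev", "hr-portal", True, 0.0, True)),
        (300.0, Request("dev", "git", True, 0.0, False)),
        (1200.0, Request("dev", "git", True, 0.0, True)),
    ]
    return [(login_only_decision(r), *zero_trust_decision(r, t))
            for t, r in session]

if __name__ == "__main__":
    for old, new, reason in replay():
        print(f"login-only={old}  zero-trust={new}  ({reason})")
```

The login-only check allows all four requests, while the per-request check denies the last three for three different reasons.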

Below is some background on John Kindervag who contributed to the origin of the term Zero Trust.

Zero Trust was created by John Kindervag, during his tenure as a vice president and principal analyst for Forrester Research, based on the realization that traditional security models operate on the outdated assumption that everything inside an organization’s network should be trusted.




I have served as CEO of NPCore, Inc. from November 2008 to the present with an extensive career of more than 20 years in the cybersecurity industry.

Han Solo
