Zero Trust Architecture (ZTA) is a security model based on the principle of “never trust, always verify.” Unlike traditional perimeter-based security, ZTA requires continuous authentication and authorisation for every request regardless of network location.
Core Principles
- Verify explicitly — Always authenticate and authorise based on all available data points
- Use least privilege access — Limit user access with Just-In-Time and Just-Enough-Access (JIT/JEA)
- Assume breach — Minimise blast radius, segment access and verify end-to-end encryption