iso27diy-corp/Corpus/Information Security/Zero Trust.md

Source: IT Governance USA Author: Luke Irwin Publication Date: 10 dec. 2019 Retrieved: January 10, 2022

Zero trust is an approach to cybersecurity that assumes that no one is trusted by default, either from inside or outside the network. To access any information resources, verification is required from everyone.

(IT) systems require techniques like micro-segmentation, least privileged access, and multifactor authentication.

Zero trust can consist of monitoring all network communications, avoiding default configurations, tracking all devices, and implementing multifactor authentication.

Related:

• Zero Trust and ISO 27001
• Checklist for auditing Zero Trust approach