Overview
Direct Answer
Zero Trust Architecture (ZTA), as formalised in NIST SP 800-207, is a security model that removes the implicit trust granted by network location or asset ownership and instead requires continuous verification of identity, device posture and request context for every access to an organisational resource. No user, device or workload is trusted automatically, whether it connects from inside or outside the corporate perimeter, and a request that cannot be verified is denied by default.
How It Works
Every access request passes through a policy decision point that evaluates it against defined policy using signals such as multi-factor authentication, device compliance checks and the sensitivity of the requested resource; a policy enforcement point then grants or withholds access on a per-session or per-transaction basis rather than upon initial network entry. Microsegmentation of the network confines each workload to the connections its policy allows, so a compromised host cannot freely reach its neighbours. Trust is not a one-time decision: monitoring and re-verification continue throughout the session, and a change in signal, such as a device falling out of compliance or credentials showing anomalous use, can force step-up authentication or terminate the session.
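The per-request decision described above, as an added example rather than code from the page or any vendor: a minimal policy decision point in Python that evaluates identity, device posture and MFA freshness for each request, ignores the source address entirely, and re-evaluates an existing session when the device's posture changes. The resource names, group names, compliance thresholds and sample users are constructed assumptions for illustration.

```python
"""Added example: a minimal zero-trust policy decision point (PDP).

Every request is judged on identity, device posture and context; nothing is
inferred from the source network. Resource names, thresholds and sample
identities below are illustrative assumptions, not any product's policy.
"""
from dataclasses import dataclass, replace
from enum import Enum
from typing import Dict, FrozenSet, List, Optional, Tuple


class Decision(Enum):
    ALLOW = "allow"
    DENY = "deny"
    STEP_UP = "step_up"        # re-prompt for MFA, then evaluate again


@dataclass(frozen=True)
class Identity:
    user: str
    groups: FrozenSet[str]
    mfa_age_s: Optional[int]   # seconds since last MFA; None = never


@dataclass(frozen=True)
class Device:
    device_id: str
    managed: bool              # enrolled in device management (assumed signal)
    disk_encrypted: bool
    patch_age_days: int        # days since the OS was last patched


@dataclass(frozen=True)
class Request:
    identity: Identity
    device: Device
    resource: str
    source_ip: str             # recorded for audit only, never a trust input


# Assumed per-resource policy: (required group, max MFA age in seconds,
# compliant managed device required). Resources with no policy are denied.
RESOURCE_POLICY: Dict[str, Tuple[str, int, bool]] = {
    "payroll-db": ("finance", 300, True),
    "wiki": ("staff", 12 * 3600, False),
}

MAX_PATCH_AGE_DAYS = 30        # assumed compliance threshold


def device_compliant(d: Device) -> bool:
    """Device posture check: managed, encrypted and recently patched."""
    return d.managed and d.disk_encrypted and d.patch_age_days <= MAX_PATCH_AGE_DAYS


def evaluate(req: Request) -> Tuple[Decision, List[str]]:
    """Decide one request. Anything not explicitly allowed is denied."""
    policy = RESOURCE_POLICY.get(req.resource)
    if policy is None:
        return Decision.DENY, ["no policy for resource"]
    group, max_mfa_age, need_compliant_device = policy

    reasons: List[str] = []
    if group not in req.identity.groups:
        reasons.append(f"user not in group {group}")
    if need_compliant_device and not device_compliant(req.device):
        reasons.append("device not compliant")
    if reasons:
        return Decision.DENY, reasons

    mfa = req.identity.mfa_age_s
    if mfa is None or mfa > max_mfa_age:
        return Decision.STEP_UP, ["MFA missing or stale"]
    return Decision.ALLOW, []


def recheck_session(req: Request, current_device: Device) -> Tuple[Decision, List[str]]:
    """Continuous verification: re-run policy against the device's current
    posture, not the posture it had when the session was first granted."""
    return evaluate(replace(req, device=current_device))


# Constructed sample identities and devices.
ALICE = Identity("alice", frozenset({"staff", "finance"}), mfa_age_s=60)
BOB = Identity("bob", frozenset({"staff"}), mfa_age_s=60)
LAPTOP_OK = Device("lt-1", managed=True, disk_encrypted=True, patch_age_days=3)
LAPTOP_BYOD = Device("byod-7", managed=False, disk_encrypted=False, patch_age_days=90)


def demo() -> Dict[str, Decision]:
    """Worked decisions; source addresses are deliberately irrelevant."""
    return {
        # strong posture from the public internet: allowed
        "alice_ok_remote": evaluate(Request(ALICE, LAPTOP_OK, "payroll-db", "203.0.113.9"))[0],
        # weak posture from the corporate LAN: still denied
        "alice_byod_lan": evaluate(Request(ALICE, LAPTOP_BYOD, "payroll-db", "10.0.0.5"))[0],
        # good device but MFA older than the resource allows: step-up
        "alice_stale_mfa": evaluate(Request(replace(ALICE, mfa_age_s=900), LAPTOP_OK, "payroll-db", "203.0.113.9"))[0],
        # not in the required group: denied
        "bob_payroll": evaluate(Request(BOB, LAPTOP_OK, "payroll-db", "10.0.0.5"))[0],
        # low-sensitivity resource tolerates an unmanaged device
        "bob_wiki_byod": evaluate(Request(BOB, LAPTOP_BYOD, "wiki", "10.0.0.5"))[0],
        # mid-session posture change: the device falls out of patch compliance
        "alice_midsession": recheck_session(
            Request(ALICE, LAPTOP_OK, "payroll-db", "203.0.113.9"),
            replace(LAPTOP_OK, patch_age_days=45))[0],
    }


if __name__ == "__main__":
    for name, decision in demo().items():
        print(f"{name}: {decision.value}")
```

The point to notice is that `source_ip` is carried only for audit logging: the request from 10.0.0.5 on an unmanaged laptop is denied while the one from 203.0.113.9 on a compliant device is allowed, and a session that was valid at login is revoked as soon as the posture signal changes. A production enforcement point would also bind the decision to a short-lived token so that the re-check actually cuts off traffic.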
Why It Matters
Organisations adopt this approach to shrink the attack surface and limit lateral movement once credentials or a host are compromised, because traditional perimeter defences assume a trusted interior that no longer exists in hybrid and cloud environments. Data-protection obligations such as GDPR, and government mandates such as the US federal zero-trust requirements under Executive Order 14028 and OMB memorandum M-22-09, further drive adoption. Treating every connection as untrusted also reduces insider-threat exposure and makes secure remote work possible without a VPN that grants broad network access.
Common Applications
Financial institutions and healthcare organisations implement this model to protect sensitive customer data and comply with regulatory requirements. Cloud service providers adopt it for multi-tenant environments. Government agencies and defence contractors increasingly enforce zero-trust policies for contractor and remote workforce access.
Key Considerations
Implementation requires substantial investment in identity management infrastructure, device inventory and telemetry, monitoring tools and organisational change management, making adoption a multi-year undertaking. Legacy systems that cannot present identity or device signals must be fronted by a proxy or gateway that can. The policy decision point and the identity provider become both critical availability dependencies and high-value targets, so they need the strongest protection and monitoring in the estate. Overly restrictive policies can degrade user experience and productivity if not carefully balanced against security objectives, and frequent re-authentication prompts that users learn to approve reflexively undermine the control they are meant to provide.