Zero Trust is an identity-based security model that helps protect users, applications, data, and devices regardless of their location – inside or outside of an organization’s boundaries, remote, on-premises, or in the cloud.
A Zero Trust strategy is essential because of the increasing sophistication and number of cybersecurity attacks, which create significant risk of exposure to both external and internal threats in on-premises, hybrid, and multi-cloud application environments. Traditional perimeter-based security models do not adequately protect against inside threats and across distributed environments. They assume that “insiders” can be trusted, but there is no longer an inside. Because location can no longer be the basis for trust, identity-based security is rising to take its place.
Zero Trust assumes that infrastructure and applications are always under attack by intruders. It is based on three core principles:
- Never trust
- Always verify
- Continuously monitor
This means no user, service, application, or device is trusted and must be continuously authenticated and authorized. Time-bound privileges are granted based on the dynamic access policy and on a least-privilege basis, and all communications are encrypted. In addition, auditing, monitoring, tracing, reporting, and automation capabilities must be in place to analyze, evaluate, and mitigate security risks.
Zero Trust improves your security posture by:
- Automatically preventing unauthorized activity
- Reducing the accessible attack surface through access control
- Quickly detecting behavioral anomalies and indicators of compromise
- Limiting access time through real‑time, least‑privilege policies
- Making security independent of all other variables, including environment and geography
- Blocking ongoing attacks through constant authentication and identity validation
Powered by the most popular data plane in the world, NGINX secure connectivity solutions can help protect your distributed applications, microservices, and APIs in hybrid, multi-cloud environments.
To learn more about improving your security posture in a Kubernetes environment with proven, mature, and reliable technology from NGINX, visit our Zero Trust solution page.
To learn more built-in security controls and protection capabilities of NGINX and NGINX Plus, review our documentation.