By definition, a zero trust security model advocates for the creation of zones and segmentation to control sensitive IT resources. It also entails deploying technology to monitor and manage data between zones and, more importantly, authentication within a zone or zones. This encompasses users, applications, context, attribution, and other resources and parameters. In addition, the zero trust model redefines the architecture of a trusted network inside a logical and software-defined perimeter.
This can be on-premises or in the cloud. Only trusted resources should interact based on an authentication model within that construct. Zero trust is increasingly relevant today as technologies and processes like the cloud, virtualization, DevOps, edge computing, edge security, personification, and IoT have either blurred or dissolved the idea of a traditional firewall and network-zoned perimeter. The seismic shift to remote work and work-from-home has only accelerated the demise of the traditional perimeter. Increasingly, resources that require authentication, privileges, and access may reside outside of corporate governance. This can include other untrusted resources or identities, accounts, and processes. These realities have given rise to the concept of the Data Plane, which is important to manage and will be discussed in greater detail later in this paper.