Home > Cybersecurity glossary > Zero Trust 🟢 Protection

Zero Trust 🟢 Protection

Le zero trust (zero confidence, in French) is a a security strategy that stipulates that no entity (user, application, service or device) should be considered reliable by defaulteven if it is inside the organisation's network.

"Zero Trust is a bit like an ultra-secure guard at the gates of your digital business. Instead of letting everyone in, it scrupulously checks every identity and every access request. It's time-consuming, but it avoids unpleasant surprises."

In practice, this means that:

  • Each access is checked individually: Before authorising access to a system or data, the identity of the user, the status of the device and the context of the request are rigorously checked.
  • Access is limited to what is strictly necessary: The privileges granted are as restricted as possible, in order to limit the damage in the event of a compromise.
  • The network is segmented: The network is divided into several security zones, limiting the spread of any attack.

 

Towards the ORSYS Cyber Academy: a free space dedicated to cybersecurity