Le zero trust (zero confidence, in French) is a a security strategy that stipulates that no entity (user, application, service or device) should be considered reliable by defaulteven if it is inside the organisation's network.
"Zero Trust is a bit like an ultra-secure guard at the gates of your digital business. Instead of letting everyone in, it scrupulously checks every identity and every access request. It takes time, but there are no nasty surprises.
In practice, this means that:
- Each access is checked individually: Before authorising access to a system or data, the identity of the user, the status of the device and the context of the request are rigorously checked.
- Access is limited to what is strictly necessary: The privileges granted are as restricted as possible, in order to limit the damage in the event of a compromise.
- The network is segmented: The network is divided into several security zones, limiting the spread of any attack.
