Français
English
Español
Deutsch
Norsk
Why Zero Trust is gaining groundThe traditional perimeter-based security model (the “castle and moat” approach) is obsolete. With remote work, the cloud and mobile devices, the network perimeter no longer exists. Zero Trust starts from the principle that every connection is potentially malicious and must be verified systematically.The fundamental principlesNever trust, always verify. Grant the minimum privileges required. Assume the breach has already happened. Explicitly verify every access request based on identity, context and device posture.Progressive deploymentPhase 1: Inventory all assets, users and data flows. Phase 2: Put strong authentication (MFA) and network micro-segmentation in place. Phase 3: Implement risk-based conditional access control. Phase 4: Automate threat detection and response.The key technologiesIdentity Providers (Azure AD, Okta), CASBs (Cloud Access Security Broker), SASE (Secure Access Service Edge) solutions and EDR (Endpoint Detection and Response) make up the Zero Trust technology stack.Source: John Kindervag, creator of the Zero Trust concept (Forrester), ZDNet, January 2026
