![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 98%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EES%3C/text%3E%3C/svg%3E)
1,563 questions
Hello @Ethan Smith
Here is our Zero Trust essentials e-book which explains the principals. The reason for moving to zero trust is that data, users and corporate environments don't sit behind a firewall, but have evolved to sit off-premises, in the cloud and across hybrid networks. Enterprises only want trusted, verified users to access their data and systems, so zero trust applies the principals to:
- Verify explicitly: Ensure without doubt that the user is who they say they are.
- Apply least privileged access: If a user becomes compromised or goes rogue, ensure they can do the least amount of damage possible. Do not give them access to systems or data that they do not need to do their job at that point in time.
- Always assume breach: Continually monitor your environment and detect and respond to existing and new threats in real time, to reduce the risk to your data, before bad actors get a foothold and compromise your business.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(227.2, 95%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJL%3C/text%3E%3C/svg%3E)