Cybersecurity In-Depth

The Edge

How Is Zero Trust Different From Traditional Security?

Unlike traditional security approaches, the zero-trust security model verifies a user's identity each and every time they need specific system access.

Question: How does zero trust differ from a traditional security approach?

Ash Devata, general manager, Cisco Zero Trust and Duo Security: Traditional security gives value to where the user is coming from. It uses a lot of trust because the user's location or IP address (perimeter model) is used to define the user to the system. In a zero-trust model, we assume zero units of trust before we grant you access to anything and verify a lot of other information before granting access. And when access is granted, you’ll be given the least amount of privilege necessary to get your job done.

A good example of a traditional security approach is if you’re in the office, you can access the full network even though you only need access to a specific portal. Or imagine getting into a multifloor club; in a traditional security approach, the bouncer checks your ID and you can go anywhere. But in a zero-trust approach, getting into the club is only the first check. The bartender or waitress must also check your ID before you could be served regardless of where you are in the club.