The Zero Trust Model is a protection policy that is used by Information Technology for secure identification and verification of the organization’s devices. It is a security network that utilizes different principles and mechanization. The IT network puts security trust in everyone inside and outside the network access.
The framework of the model does not trust anyone in the network. In 1994, Stephen Paul Marsh originated the term ‘Zero Trust’. Later on, John Kindervag popularized it. When Kindervag got to know about the concept of this technology, he was working with Forrester as an Analyst. Soon, Marsh introduced the concept of Zero Trust to the world. He believed that the IT system of any organization can be supported and created.
The Zero Trust Security has three principles which are the foundation of the Security Model. The first principle states that all the networks within or not should be untrusted. It means that there is no assurance that networks cannot be hacked.The second principle states that the employees should only get limited access to the networks, just to fulfil their tasks. The third principle states that there is no way through which breaches can be prevented. All organizations should try to diminish its impact on network security.
Development of the Zero Trust Model
The development of the Zero Trust Model takes place in different stages with the need for security of the networks. Here are the different shifts in its development since its origin –
- Death of the perimeter
- The Cloud
- Two Factor Authentication to secure username and password
- Operation Aurora
- RSA Hack in 2011
- Enter Zero Trust
Origin of the New Paramount Technology
Google was the foremost organization that prompted the capabilities of the Zero Trust Model’s architecture. The initiation of this procedure was known as Beyondcrop. A de-parameterized framework inspired by Zero Trust Architecture was implemented by Google in 2009. Simultaneously, Kindervag was also busy highlighting the Zero Trust approach through active engagement with the IT communities.
But everything happened at a very slow pace. More than 10 years were taken by the organizations to accept and implement the zero-trust architecture.The history and invention of Zero trust represented the background of its existence. In 2014, a Swiss Security IT engineer developed the concept of the Zero Trust Model. Earlier the whole network of Zero Trust was conceptualized and established on firewall circuits to shield the client’s data from malware.
The architectural style manuscript was received by the Swiss Federal Institute of Intellectual Property. The manuscript was known as the Untrust-Untrust type of network and was published in 2015.
In 2019 national security agencies like the UK National Technical Authority and National Cyber Security Centre started proposing it. Soon after a year, by 2020, the Zero trust model became part of cloud services, cyber security providers, and other major platform solution suppliers.