Since its inception in 2019, the concept of Zero Trust has become a guiding principle for many cybersecurity practitioners.
In an Executive Order on 12 May 2021, the United States government specifically called on federal agencies and their suppliers “to modernise [their] approach to cybersecurity” by accelerating the move to secure cloud services and implementing a Zero Trust architecture.
When many people think of Network Access Control (NAC) they often only think about perimeter security, leading to questions about its continued relevance in Zero Trust network environments. However, NAC solutions have evolved to support many of the capabilities that are essential to a dynamic Zero Trust architecture – and have a critical role to play in helping organisations on their Zero Trust journey.
The complexity behind the ‘Zero Trust’ term
“Zero Trust is not a single architecture, but a set of guiding principles for workflow, system design and operations.” – National Institute of Standards and Technology Special Publication 800-207
As with many IT concepts, a single phrase such as ‘Zero Trust’ brings with it a range of interlinked challenges, projects and other considerations. Most security vendors today can justifiably link their solutions to Zero Trust, and there are numerous lists of the ‘top 10 Zero Trust security solutions’ on the Internet.
As humans we like easy fixes, so it’s in vendors’ interests to simplify…
