← Study Notes Security


Security

Zero Trust

A model that assumes no implicit trust from network location — every request is authenticated, authorised and encrypted whether it comes from inside or outside the perimeter ('never trust, always verify'). It replaces the soft-inside, hard-shell castle with per-request verification and least privilege. It is an architecture shift, not a product you buy.


Purpose

Zero Trust discards the castle-and-moat model — hard shell, soft inside — and grants nothing on the basis of network location: every request is authenticated, authorised and encrypted, whether it originates in the office, the VPN or the datacentre next door. 'Never trust, always verify' is the whole doctrine.

When to Use It

It fits the world as it now is: remote work, cloud services and microservices dissolved the perimeter years ago. Concrete forms include identity-aware access to internal tools instead of VPN-equals-trust, mutual TLS between services, and per-request policy in a service mesh.

Trade-offs

It is an architectural journey, not a product, despite every vendor's branding: identity becomes the critical dependency, policy management grows, and retrofitting legacy systems that assume a trusted LAN is genuinely hard. Partial adoption still pays — each verified boundary removes a class of lateral movement.

Implementation

Anchor everything to strong identity (SSO + MFA for humans, workload identity for services); authenticate and authorise every internal call rather than trusting source IPs; encrypt internal traffic (mTLS); segment networks so compromise cannot spread; and grant least privilege with short-lived credentials everywhere.