Abstract

As organizations move most of their workloads to public cloud and remote work becomes more prevalent today, enterprise networks become more exposed to threats both from inside and outside the organization. The traditional Perimeter Security Model assumes that threats are always from the outside. It assumes that firewalls, proxies, IDS, IPS and other state-of-the-art infrastructure and software solutions curb most of the cyberattacks. However, there are loopholes in this assumption, which the Zero Trust Model addresses. This paper discusses the Zero Trust Model and it's mandates and evaluates the model based on the various implementations by the leading industry players like Google and Microsoft.