The Zero-Trust-Model is a security approach in which a strict check of the user or the device is carried out regardless of its location in relation to the network. By restricting who gets privileged access to a computer or a network segment within an organization, the possibilities for attackers are severely limited. A network environment in which this security model is used is also known as a Zero-Trust-Network.
One of the principles of the Zero Trust model is that weak points are often exploited when companies show too much trust in individuals or outsiders when it comes to authorizations. Therefore, the Zero Trust approach provides that initially no user should be trusted by default, regardless of whether they are inside or outside the network.
The term “Zero Trust” was originally introduced in 2010 by a Forrester Research analyst. Shortly after, providers such as Cisco or Google adapted the model.