Zero Trust

Zero Trust is required for every cloud environment that processes or stores data classified as worthy of protection from an information security perspective. The idea behind Zero Trust is never to trust a device, application or service on the basis of its physical or network location alone, and to verify on every request whether the caller is authorized to access the requested asset. In contrast to perimeter-based security architectures, Zero Trust principles must be applied to all cloud services, regardless of whether they are exposed externally or only internally.

The general technical approach to applying Zero Trust in a cloud environment is to place a microgateway in front of each service and to encrypt all communication with TLS. The microgateway verifies the caller's identity and performs authorization before the request is forwarded to the service it protects; requests that cannot be authorized are rejected at the gateway and never reach the service. In addition, the least-privilege principle must be applied to each service or microservice, so that every workload is granted only the operations it needs for its function and everything else is denied by default.
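The following Go program is an added example of such a microgateway and is not code from the original page or from any particular product. It terminates mutual TLS (the client must present a certificate issued by a configured CA), takes the caller identity from the verified client certificate rather than from the network address, checks the request against a per-service least-privilege allow-list, and only then forwards it to the protected service. The identities, paths, certificate file names and the upstream address are hypothetical and exist only to make the example runnable.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"log"
	"net/http"
	"net/http/httputil"
	"net/url"
	"os"
	"strings"
)

// rule is one permitted (HTTP method, path prefix) pair on the protected service.
type rule struct {
	method string
	prefix string
}

// policy is the least-privilege allow-list for this one service. Each calling
// workload identity gets exactly the operations it needs; anything not listed
// is denied. The identities and paths are hypothetical example values.
var policy = map[string][]rule{
	"orders-service": {{"GET", "/inventory/"}},
	"admin-console":  {{"GET", "/inventory/"}, {"POST", "/inventory/"}, {"DELETE", "/inventory/"}},
}

// authorize returns true only if an explicit rule allows caller to perform
// method on path. Unknown callers and unlisted operations are denied by default.
func authorize(caller, method, path string) bool {
	for _, r := range policy[caller] {
		if r.method == method && strings.HasPrefix(path, r.prefix) {
			return true
		}
	}
	return false
}

// callerFromClientCert derives the caller identity from the client certificate
// that the TLS layer has already verified against ClientCAs. The identity comes
// from the certificate, never from the source IP or the network the caller is on.
func callerFromClientCert(r *http.Request) string {
	if r.TLS == nil || len(r.TLS.VerifiedChains) == 0 {
		return ""
	}
	return r.TLS.VerifiedChains[0][0].Subject.CommonName
}

// newGateway builds the microgateway handler: identify the caller, authorize the
// request, then forward it to the upstream service. The identify function is
// injectable so the decision logic can be exercised without a TLS handshake.
func newGateway(upstream *url.URL, identify func(*http.Request) string) http.Handler {
	proxy := httputil.NewSingleHostReverseProxy(upstream)
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		caller := identify(r)
		if caller == "" {
			http.Error(w, "client certificate required", http.StatusUnauthorized)
			return
		}
		if !authorize(caller, r.Method, r.URL.Path) {
			log.Printf("deny caller=%q %s %s", caller, r.Method, r.URL.Path)
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		// Hand the verified identity to the service for its own fine-grained
		// checks. Set overwrites any copy of the header the client supplied.
		r.Header.Set("X-Verified-Caller", caller)
		proxy.ServeHTTP(w, r)
	})
}

// gatewayTLSConfig requires every client to present a certificate signed by the
// given CA (mutual TLS) and refuses protocol versions older than TLS 1.3.
func gatewayTLSConfig(caPool *x509.CertPool) *tls.Config {
	return &tls.Config{
		MinVersion: tls.VersionTLS13,
		ClientAuth: tls.RequireAndVerifyClientCert,
		ClientCAs:  caPool,
	}
}

func main() {
	// File names and the upstream address are assumptions for this example.
	caPEM, err := os.ReadFile("ca.pem")
	if err != nil {
		log.Fatal(err)
	}
	pool := x509.NewCertPool()
	if !pool.AppendCertsFromPEM(caPEM) {
		log.Fatal("no CA certificates found in ca.pem")
	}
	// The service itself listens only where the gateway can reach it.
	upstream, _ := url.Parse("http://127.0.0.1:8081")
	srv := &http.Server{
		Addr:      ":8443",
		Handler:   newGateway(upstream, callerFromClientCert),
		TLSConfig: gatewayTLSConfig(pool),
	}
	log.Fatal(srv.ListenAndServeTLS("gateway.pem", "gateway-key.pem"))
}
```

The policy table is deliberately an allow-list keyed by workload identity: a caller that is not listed, or a listed caller using a method or path it was not granted, receives 403 from the gateway and the service never sees the request. Because identity is taken from the verified client certificate, moving a workload onto the "internal" network changes nothing about what it may access, which is the point of the Zero Trust requirement above.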