In 2020, many enterprises saw their once-bustling offices go quiet as company-wide work from home policies went into effect around the world. The shift to remote work has magnified the cracks in the traditional network approach to enterprise security. Once able to make access decisions based on whether employees are in the office or not, organizations can no longer rely on this binary process of workforce authentication decision making when all employees are working off premises.
To ensure that remote employees can securely access required resources, enterprises are evolving their security strategies to an identity-centric, Zero Trust approach. Zero Trust is grounded in the philosophy that you should never trust and always verify, meaning there should be no implicit trust in a corporate network.
As users and devices go mobile and apps move to the cloud, you must build networks on the assumption that anyone could be on the network at any time. As such, you deny open access to corporate resources residing inside those networks and instead ensure a user's identity is always verified before accessing any resource. To accomplish this, risk signals are continuously monitored to determine the level of assurance that users are who they claim to be.