For decades, the logic was straightforward: what happens inside the network is safe, everything outside is hostile. A perimeter firewall and a VPN for remote access were considered sufficient to protect the information system. This model, commonly known as the castle-and-moat approach, shaped enterprise IT architectures for more than twenty years.
Today, it is structurally obsolete. The rise of cloud computing (SaaS, IaaS, PaaS), the widespread adoption of remote work, the proliferation of third-party access, and the outsourcing of critical services have erased any clear network boundary. In this context, the concept of a “trusted internal network” no longer holds true, and clinging to it is equivalent to leaving open a door that attackers have already learned how to exploit.
According to the Zscaler ThreatLabz 2024 report, 92% of organizations are concerned that third parties using VPN access could serve as an entry point for cyberattacks, and 56% have already experienced a compromise through their VPN infrastructure.
What Zero Trust Changes in Practice
Zero Trust is neither a product to deploy nor a project to complete. It is an architectural principle first formulated in 2010 by John Kindervag at Forrester Research and later formalized by NIST in its SP 800-207 publication in 2020.
Its core assumption is simple: no user, device, or network flow should be trusted by default, even when operating from within the corporate network.
The Cybersecurity and Infrastructure Security Agency (CISA) structures the model around five complementary pillars that collectively address every exposure vector within an information system.
Identity
Strong authentication (MFA, FIDO2), access governance (IAM/PAM), and least-privilege principles must be applied to every account, including service accounts and third-party access accounts that are often overlooked during entitlement reviews.
Devices
Every endpoint accessing corporate resources is evaluated in real time based on patch levels, compliance with security policies, and system integrity. Non-compliant devices are denied access regardless of the user’s identity.
Network
Micro-segmentation and the gradual replacement of VPNs with a Zero Trust Network Access (ZTNA) architecture are central components of the model. East-West traffic is inspected just as thoroughly as inbound traffic because an attacker who has already gained access to the network is often more dangerous than one operating from outside.
Applications & Workloads
Access is granted on a per-session basis according to context rather than simple membership in a subnet. APIs and cloud workloads are fully integrated into access control policies.
Data
Data classification, encryption at rest and in transit, Data Loss Prevention (DLP), and outbound traffic monitoring help detect any form of data exfiltration, whether malicious or accidental.
Why So Many Organizations Have Yet to Make the Shift
Resistance to Zero Trust is rarely driven by doubts about its effectiveness. More often, it stems from the perceived complexity of implementation.
Two obstacles consistently emerge during the engagements conducted by our teams.
A Legacy and Heterogeneous Application Landscape
Organizations have accumulated decades of legacy applications that were never designed to operate within a conditional access model. Integrating them without disrupting business operations requires significant engineering effort.
Limited Visibility Into Identities
You cannot control what you cannot see. Most organizations lack a comprehensive inventory of their privileged accounts, dormant service accounts, and third-party access rights that should have been revoked long ago.
Four Priority Initiatives to Get Started
These challenges are not insurmountable. A realistic Zero Trust roadmap can be built around four key initiatives that enable steady progress without waiting for a complete transformation of the existing environment.
1. Gain Control Over Identities and Access
Map all accounts, enforce least privilege, and require MFA for all sensitive access.
Privileged accounts should be managed through a PAM solution, with administrative sessions conducted through a secure bastion host—a centralized, traceable, and controlled access point ensuring that no critical connection occurs outside an approved channel.
For applications that cannot be modified, solutions such as Zscaler Private Access can introduce strong authentication and contextual access controls without requiring code changes. In this model, identity becomes the new security perimeter, even for legacy applications.
Without clear visibility into identities and access rights, any Zero Trust initiative remains little more than a statement of intent.
2. Secure Endpoints and Devices
Every device accessing corporate resources must comply with predefined security policies regarding patch levels, configuration standards, system integrity, and endpoint detection and response (EDR).
Non-compliant devices are denied access regardless of user identity. This principle of device verification before authorization is the first line of defense against compromises originating from poorly managed endpoints.
3. Segment and Control Network Access
An attacker who breaches an initial security layer should not be able to move freely throughout the information system.
Functional network segmentation is the primary defense against lateral movement. Each segment acts as an isolated compartment, mechanically limiting the scope of any compromise.
East-West traffic, often overlooked, must be monitored and controlled just as rigorously as inbound traffic.
For remote access, the transition to ZTNA represents a fundamental shift: organizations no longer grant access to a network; they grant access to a specific application, for a specific session, under specific contextual conditions.
4. Monitor and Respond Continuously
A user accessing unusual resources, connecting at abnormal hours, or logging in from an unrecognized device should trigger re-authentication or automated blocking.
This behavioral detection capability is the nervous system of a Zero Trust architecture. Its effectiveness increases significantly when operated by a Security Operations Center (SOC) capable of continuously analyzing alerts, qualifying incidents, and intervening before a situation escalates.
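To make the decision logic of initiatives 2 and 4 concrete, here is an added example (not code from this article or from any vendor it mentions) of a per-session policy decision point in the sense of NIST SP 800-207: strong MFA and device compliance are hard gates, and the behavioural signals the text lists (unusual resource, abnormal hour, unrecognised device) either force re-authentication or block the session. The MFA methods, patch baseline, business hours, and the user profile and requests for "alice" are constructed assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple
# Policy parameters: constructed assumptions for this example, not values from the article.
STRONG_MFA = {"fido2", "totp"}
MIN_PATCH_LEVEL = 202406        # hypothetical baseline, YYYYMM of the oldest accepted patch set
BUSINESS_HOURS = range(7, 20)   # 07:00-19:59 is treated as a normal login time

@dataclass
class AccessRequest:
    resource: str
    mfa_method: Optional[str]   # None means single-factor authentication
    device_id: str
    patch_level: int
    edr_running: bool
    login_hour: int
@dataclass
class UserProfile:
    known_devices: Set[str]     # devices this user has enrolled
    usual_resources: Set[str]   # resources this user normally accesses

def decide(req: AccessRequest, profile: UserProfile) -> Tuple[str, List[str]]:
    # Returns ('deny' | 'step_up' | 'allow', reasons). Identity pillar first: strong MFA is a hard gate.
    if req.mfa_method not in STRONG_MFA:
        return "deny", ["weak_or_missing_mfa"]
    # Device pillar: a non-compliant endpoint is refused regardless of who the user is.
    device_problems = [name for name, bad in (
        ("patch_level_below_baseline", req.patch_level < MIN_PATCH_LEVEL),
        ("edr_not_running", not req.edr_running)) if bad]
    if device_problems:
        return "deny", device_problems
    # Behavioural context: one signal forces re-authentication, several together block the session.
    anomalies = [name for name, bad in (
        ("unrecognised_device", req.device_id not in profile.known_devices),
        ("abnormal_hour", req.login_hour not in BUSINESS_HOURS),
        ("unusual_resource", req.resource not in profile.usual_resources)) if bad]
    if len(anomalies) >= 2:
        return "deny", anomalies
    return ("step_up", anomalies) if anomalies else ("allow", [])
# Constructed sample: one enrolled user and four requests, one per branch of the policy.
ALICE = UserProfile(known_devices={"lt-0042"}, usual_resources={"hr-portal", "wiki"})

def sample_decisions() -> List[str]:
    requests = [
        AccessRequest("wiki", "fido2", "lt-0042", 202409, True, 10),        # compliant and in context
        AccessRequest("wiki", "fido2", "lt-0042", 202401, True, 10),        # stale patch level
        AccessRequest("hr-portal", "totp", "lt-0042", 202409, True, 23),    # only the hour is abnormal
        AccessRequest("finance-db", "fido2", "lt-9999", 202409, True, 3),   # new device, odd hour, unusual resource
    ]
    return [decide(r, ALICE)[0] for r in requests]
```

In a real deployment the reasons list is what the SOC sees: a "deny" carrying several anomalies is the alert to qualify, while a lone "step_up" is handled by the identity provider without analyst involvement.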
Conclusion
Cybersecurity offers no absolute guarantees. No system is invulnerable, and today’s attackers possess both the resources and the patience needed to find weaknesses.
What a well-designed architecture can provide, however, is resilience: the ability to limit the impact of an inevitable compromise, detect it early, and respond before it becomes unmanageable.
Today, Zero Trust represents the most mature approach to achieving that objective by ensuring that every intrusion remains contained, detectable, and manageable.
An attacker who breaches one barrier should not automatically gain access to the entire information system. That is precisely what Zero Trust delivers: the ability to compartmentalize failure.
References: NIST SP 800-207 – Zero Trust Architecture; CISA Zero Trust Maturity Model v2 (2023)