The Five Pillars
Zero Trust is built around five core pillars: Identity, Devices, Networks, Applications/Workloads, and Data. Each pillar requires verification before access is granted.
Identity
- Enforce MFA for all users
- Use Conditional Access policies
- Apply least-privilege access
- Monitor for risky sign-ins
Devices
- Require device compliance
- Enrol all endpoints in MDM
- Block unmanaged devices from sensitive resources
Networks
- Microsegment workloads
- Encrypt all traffic (east-west and north-south)
- Eliminate implicit trust based on network location
Applications/Workloads
- Publish apps via an app proxy or ZTNA solution
- Scan all application access for anomalies
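
The Identity, Devices and Networks checks above can be combined into one per-request decision. The following is an added example, not taken from any product or from the original page; the `AccessRequest` fields, the risk scale and the rule that unmanaged devices may still reach non-sensitive resources are assumptions made for illustration.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class AccessRequest:
    user: str
    mfa_passed: bool
    sign_in_risk: str           # "low" | "medium" | "high" (constructed scale)
    device_managed: bool        # enrolled in MDM
    device_compliant: bool
    source_ip: str              # logged only; never an input to the decision
    sensitive_resource: bool
    requested_role: str
    entitled_roles: frozenset = frozenset()

def evaluate(req: AccessRequest):
    """Return (decision, reasons). Deny unless every pillar check passes."""
    reasons = []
    # Identity pillar
    if not req.mfa_passed:
        reasons.append("identity: MFA not satisfied")
    if req.sign_in_risk == "high":
        reasons.append("identity: risky sign-in")
    if req.requested_role not in req.entitled_roles:
        reasons.append("identity: role not in least-privilege entitlements")
    # Devices pillar (assumption: unmanaged devices may reach non-sensitive resources)
    if req.device_managed and not req.device_compliant:
        reasons.append("device: managed but non-compliant")
    if not req.device_managed and req.sensitive_resource:
        reasons.append("device: unmanaged device on sensitive resource")
    # Networks pillar: source_ip is deliberately not consulted, so an internal
    # address cannot offset a failed identity or device check.
    return ("deny" if reasons else "allow", reasons)

# Constructed sample requests
BASE = AccessRequest("alice", True, "low", True, True, "203.0.113.7",
                     True, "reader", frozenset({"reader"}))
SAMPLES = {
    "compliant_remote": BASE,
    "lan_no_mfa": replace(BASE, user="bob", mfa_passed=False, source_ip="10.0.0.5"),
    "unmanaged_sensitive": replace(BASE, user="carol", device_managed=False,
                                   device_compliant=False),
    "over_privileged": replace(BASE, user="dave", requested_role="admin"),
}

if __name__ == "__main__":
    for name, req in SAMPLES.items():
        decision, reasons = evaluate(req)
        print(f"{name:20} {decision:5} {'; '.join(reasons)}")
```

The `lan_no_mfa` request is denied even though it originates from a private address, while `compliant_remote` is allowed from a public one: the decision depends on identity and device state, not on where the request comes from.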