Zero trust requires network visibility

In a zero-trust environment, trust is not static. Behavior has to be visible for trust to persist.

One of the most significant differences between old thinking on networking and the zero-trust mindset is the reversal of thinking on trust. Pre-ZT, the assumption was this: Once you get on the network, you are assumed to be allowed to use it any way you want until something unusual happens that forces IT to shut you down and remove your access. You are assumed broadly trustworthy, and confirming that status positively is very rare. It is also very rare to have that status revoked.

Post-ZT, the assumption is flipped: Use of the network is entirely contingent on good behavior, and you are strictly limited as to what you can connect with and how. You can only do what the organization allows in advance, and any significant misbehavior will automatically result in you being pushed off the network.


The "automatically" part is significant. A ZT architecture includes, as an integral ingredient, a closed loop between ongoing behavior on the network and ongoing permission to use it (as manifest in the trust map that drives the environment's policy engine). That is, ZT by definition requires that there be feedback, automated and preferably real-time, from observable network behavior to enforced network permissions.
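The closed loop described above, sketched as an added example that is not part of the original article: observed flows are checked against what each identity was allowed in advance, and repeated out-of-policy behavior revokes permissions that were previously granted. The identities, addresses, threshold and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed policy: the destinations each identity is allowed in advance.
ALLOWED = {
    "hr-laptop-17": {("10.0.5.10", 443), ("10.0.5.20", 5432)},
    "badge-reader-3": {("10.0.9.2", 8883)},
}
REVOKE_THRESHOLD = 3  # assumed number of out-of-policy flows before revocation

# Constructed flow records: (source identity, destination IP, destination port).
SAMPLE_FLOWS = [
    ("hr-laptop-17", "10.0.5.10", 443),
    ("badge-reader-3", "10.0.9.2", 8883),
    ("badge-reader-3", "10.0.5.20", 5432),
    ("badge-reader-3", "10.0.5.20", 22),
    ("badge-reader-3", "10.0.5.10", 445),
    ("badge-reader-3", "10.0.9.2", 8883),
    ("hr-laptop-17", "10.0.5.20", 5432),
]


@dataclass
class TrustMap:
    """Trust state consulted by the policy engine for every flow."""
    violations: dict = field(default_factory=dict)
    revoked: set = field(default_factory=set)

    def observe(self, src, dst, port):
        """Feed one observed flow back into trust and return the action taken."""
        if src in self.revoked:
            return "deny"  # revocation overrides anything allowed earlier
        if (dst, port) in ALLOWED.get(src, set()):
            return "allow"  # default deny: unknown identities match nothing
        self.violations[src] = self.violations.get(src, 0) + 1
        if self.violations[src] >= REVOKE_THRESHOLD:
            self.revoked.add(src)
            return "revoke"
        return "deny"


def replay(flows):
    """Run a sequence of observed flows through a fresh trust map."""
    trust = TrustMap()
    return trust, [trust.observe(*flow) for flow in flows]


if __name__ == "__main__":
    trust, actions = replay(SAMPLE_FLOWS)
    for flow, action in zip(SAMPLE_FLOWS, actions):
        print(flow, "->", action)
```

The sixth flow is one the badge reader was originally allowed to make, and it is denied because of what was observed in between. A flow that never reaches `observe()` cannot change trust at all, which is why the loop depends on visibility.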

Spotting significant misbehavior requires deep visibility