惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

L
LINUX DO - 最新话题
小众软件
小众软件
C
Check Point Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
V
Visual Studio Blog
Last Week in AI
Last Week in AI
P
Proofpoint News Feed
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
The GitHub Blog
The GitHub Blog
T
Tailwind CSS Blog
Recorded Future
Recorded Future
雷峰网
雷峰网
WordPress大学
WordPress大学
A
Arctic Wolf
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Project Zero
Project Zero
T
Tor Project blog
T
Threat Research - Cisco Blogs
Scott Helme
Scott Helme
Spread Privacy
Spread Privacy
G
Google Developers Blog
Security Latest
Security Latest
MongoDB | Blog
MongoDB | Blog
T
Threatpost
I
InfoQ
T
Tenable Blog
T
The Exploit Database - CXSecurity.com
S
Security Affairs
H
Hackread – Cybersecurity News, Data Breaches, AI and More
人人都是产品经理
人人都是产品经理
C
Cisco Blogs
博客园 - 三生石上(FineUI控件)
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
aimingoo的专栏
aimingoo的专栏
C
CXSECURITY Database RSS Feed - CXSecurity.com
美团技术团队
Google DeepMind News
Google DeepMind News
The Hacker News
The Hacker News
D
Docker
博客园 - 【当耐特】
大猫的无限游戏
大猫的无限游戏
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Vercel News
Vercel News
PCI Perspectives
PCI Perspectives
Microsoft Azure Blog
Microsoft Azure Blog
C
CERT Recently Published Vulnerability Notes
月光博客
月光博客
Cloudbric
Cloudbric
A
About on SuperTechFans
F
Fortinet All Blogs

WhatIs

Strategic IT outlook: Tech conferences and events calendar | TechTarget 8 AI use cases in manufacturing Enterprises are making an AI native transformation Generative AI ethics: 16 biggest concerns and risks Zero trust in the IT ops stack: Securing hybrid workloads How algorithmic value sets enhance clinical decision-making Top methods for collecting customer feedback Build a data governance team that delivers results How to calculate the total cost of ownership of ERP software Communities call for transparency in AI data center deals Scalable IT infrastructure: Balancing speed with stability How health systems are tackling 'Kill the Clipboard' obstacles Understanding the science behind AI-based hiring assessments Tape's strategic role in modern data protection How to choose an HR software system in 2026: A complete guide The UC stack gets the policy job 13 top IT infrastructure conferences in 2026 SNMP vs. CMIP: What's the difference? 3 essential network analytics use cases AI Security Risks Force CIOs to Rethink Strategy Red Hat Summit 2026 news and conference guide | TechTarget What is HR technology (human resources tech)? Understand, optimize and track customer journey touchpoints Should IT use Apple Business Manager without MDM? Build and organize an effective machine learning team The storage modernization imperative in a fast-changing IT landscape Procurement automation use cases for CSCOs to consider 3 steps for health system leaders to drive patient safety culture What is DevOps? Meaning, methodology and guide Enterprises Face New Storage Bottlenecks as AI Grows A guide to Intune Suite licensing for endpoint management Epic controls 42% of the US EHR market. Does that help or hurt interoperability? SAP Sapphire 2026 news, trends and analysis | TechTarget How to develop a data governance strategy: 7 key steps 12 generative AI tools for marketing and sales teams Top 9 smart contract platforms to consider in 2026 Top 8 e-signature software providers for 2026 Rise with SAP vs. S/4HANA Cloud: What are the differences? How businesses use KPIs to measure AI's performance 5 clues your network has shadow AI How do digital signatures work? Collaboration security and governance must be proactive Compare SAP greenfield vs. brownfield approach for S/4HANA Merck, Home Depot tap Gemini Enterprise for AI agent development Rural challenges may dampen digital healthcare's potential Build an ethical AI framework: 12 top resources The great workload reshuffle: Choices for AI and analytics How to remove a device from Intune enrollment Cisco unveils quantum network advancements 3 BYOD security risks and how to prevent them 10 of the top carbon accounting software 8 trends powering machine learning's dynamic new roles Network engineers must take the lead to push DDI to the cloud How does Microsoft 365 Copilot pricing and licensing work? ONC highlights behavioral health EHR adoption trends, data exchange barriers LLMs struggle with clinical reasoning, study finds Democratizing AI in business: The good, bad and ugly What can organizations do to address BYOD privacy concerns? Fix the service path before you optimize it with AI How AI reshapes upselling in customer experience platforms When collaboration starts becoming operational drag Balancing health AI management with growing vendor sprawl Career cure for AI phobia: Be a beekeeper, not a worker bee 16 top applicant tracking systems for 2026 How a rural community hospital deploys AI to detect heart disease 8 examples of document version control Guide to 30+ sustainability certifications for professionals AI agents are only as smart as the data that feeds them AI could earn trust in transactional work first How to fix keyboard connection issues on a remote desktop How to add and enroll devices to Microsoft Intune 11 DevSecOps best practices to prioritize in 2026 6 key components of a successful data strategy How to enable Copilot in Microsoft 365: A step-by-step guide What CIOs need to know about Meta's proposed CEO AI agent Top AI recruiting tools and software of 2026 How contact centers detect and prevent fraud 10 essential skills for modern contact center agents Beyond the chatbot: Engineering the agentic enterprise AI in business intelligence: How to manage it effectively Why legacy networks are a growing liability Failure is an option as an IT leadership tool How HR can create a successful change management strategy HR AI is becoming a change management story Digital transformation: Balancing speed and governance RSAC 2026 Conference: Key news and industry analysis | TechTarget 8 best practices for a bulletproof IAM strategy 5 customer journey phases businesses should understand 12 top HR software and tool options to consider in 2025 6 contact center trends shaping the future of customer service Contact center monitoring best practices for CX leaders Cloud vs. local backup: Which is right for your organization? 6 steps for when remote desktop credentials are not working How governance maturity affects M&A integration outcomes Inside the push to turn AI agents into suite functionality How should contact centers use AI today? Accenture global health lead on scaling AI in healthcare with governance and intent 10 best free DevOps certifications and training courses in 2026 What is compensation management? What CIOs must know about bossware strategy
Top zero-trust use cases in the enterprise
2026-05-01 · via WhatIs

Andrew Froehlich

By

Published: 04 Oct 2022

Zero trust sounds easy enough -- just remove trust from the equation. But it isn't quite that simple. Moving from a traditional security architecture that assumes trust for devices, individuals and locations to a zero-trust model that instead trusts nothing until it is verified requires new tools, methodologies and a different way of thinking.

Legacy network security designs were perimeter-based, castle-and-moat philosophies. Everything outside the perimeter was considered hostile until proven otherwise. Network security tools -- among them firewalls, intrusion prevention systems, VPNs and other security services -- were deployed to fortify internet and extranet edges of corporate networks. Once on the inside, network-connected devices, users and communications were largely considered "trusted."

Many in the industry realized this was not the most secure approach, but only recently were tools developed that help assume all network devices, users and locations should be considered untrusted until they are verified.

Two additional factors driving the movement toward zero-trust strategies are public clouds and the uptick in remote workforces. As applications, data and services began migrating to public clouds, security administrators quickly realized that network flows were no longer passing directly through the corporate network. The same is true of workers accessing resources from outside the corporate LAN. Thus, edge security tools have become far less effective and, in some cases, have become performance bottlenecks when remote traffic is hairpinned through perimeter security tools.

The ability to create virtualized protective barriers around critical resources -- both on premises and in the cloud -- eliminates flaws found in previous perimeter security models.

Zero-trust use cases in the enterprise

For organizations that see a zero-trust model as a good fit for their infrastructure, learning how to correctly build and manage a zero-trust network is likely a top priority. One of the best ways to understand how to implement zero trust is to look at zero-trust use cases.

Here are four examples of where zero trust can significantly bolster a company's security posture.

Secure third parties working inside the corporate network. Most enterprises support employees on the corporate network. However, it's inevitable that other users, such as third-party business partners, will also work from within your corporate network. These situations spotlight the true reason why location-based security tools are woefully overrated and why security should be uniform -- via zero trust -- across the board.

Graphic of how to build a zero-trust network
Each step in building a zero-trust network requires a variety of tools.

Protect remote workers accessing public cloud resources. Managing the security of remote employees has been a major concern during the COVID-19 pandemic. Security administrators are finding their edge security products provide no benefit to remote workers who use the internet to connect directly to public cloud resources. While it is possible to force remote workers through the corporate network via VPNs or virtual desktop infrastructure technologies, these options often prove inefficient and burdensome. Zero-trust security is a great alternative because it does not require users to connect to the corporate network before accessing cloud services.

IoT security and visibility. For businesses with IoT ambitions, security is a major issue because many embedded IoT devices are not secure out of the box. Instead, security mechanisms are often wrapped around IoT deployments.

Zero trust offers two key security benefits for IoT deployments. First, it helps build and maintain a dynamically learned inventory of devices that includes IoT sensors. Knowing where IoT devices reside at any given time is an important consideration of any IoT project.

Second, zero trust can automate the security health monitoring of autonomous IoT devices. In many cases, it's impossible to install agent-based security, such as endpoint detection and response, on IoT sensors. Zero trust can be used as an alternative to strictly limit who and what IoT devices can communicate with in the event of a compromise, reducing the overall vulnerability of IoT deployments.

Data center microsegmentation. A relatively new data center trend is known as distributed computing. This is where compute services are spread across multiple compute infrastructures and clouds but operate as a single application. Benefits of this model include improved performance, reliability and scalability. One drawback, however, is that the distributed services must be in constant communication with one another. Any compromise or mimicking of a service can affect and compromise the entire application. Implement zero trust within systems, data centers and clouds to help protect the integrity of laterally moving data as it passes from one service to another.

Zero-trust use cases: The benefits

From a cost-benefit analysis perspective, zero-trust use cases offer several security advantages that are otherwise difficult or impossible to achieve. These include the following:

  • Uniform security, regardless of device, user or location. Zero trust removes inherent bias stemming from device type, user status or location the device or user is connecting from. This flattens the security playing field, requiring full enforcement of security mechanisms across the entire corporate infrastructure.
  • Increased security visibility. Zero trust provides unprecedented visibility by centralizing security logging and management, as well as automating the discovery of devices, applications and end users. This helps create a uniform security policy, no matter where applications, data and services reside.
  • Regain security control of cloud and edge services. Zero trust can be deployed anywhere it's needed. This not only includes users and devices that connect from or into privately owned and operated networks, but also public cloud and edge compute services.

Myths about zero trust

Because zero trust has been such a popular buzzword over the past few years, myths are floating around that, in most cases, have been spawned by misleading marketing material.

One major myth is that any infrastructure can easily adopt a zero-trust model. The unfortunate truth about a zero-trust deployment is that it's far more achievable with modern network hardware and applications. Legacy systems and applications cannot always be retrofitted to support zero trust. The hardware and software used in many situations was built on the concept of secure boundaries. Such tools work by inspecting traffic as it moves from centrally located clients to centrally located application servers. These models are no longer relevant when it comes to zero trust. Major architectural and hardware changes are often required to deploy a zero-trust framework.

In addition, several popular open and proprietary peer-to-peer (P2P) or mesh protocols -- such as Zigbee or Z-Wave -- are not conducive to zero trust. Thus, it's possible that major P2P or mesh deployments would have to be reworked to adhere to the zero-trust model.

The second myth is that zero trust will not restrict daily workflows or hold the organization back if it pivots toward new business goals. If zero trust is not carefully designed and deployed with flexibility in mind, the security model can quickly become an administrative nightmare when major changes are required. In this scenario, zero trust has the potential to be more trouble than it's worth. That said, deployment and management tools are getting better by the day, and this concern is quickly fading.

Zero-trust trends

Now that the zero-trust market has had a few years to mature, some trends are beginning to emerge.

First, enterprises are taking an outside-in approach to zero trust. This means the focus is on the verification of end-user devices first, then working inward to protect interserver and infrastructure communications.

A second trend is the increased reliance on AI and automation to assist with tasks such as patch management and threat identification and prioritization. These create management and operational efficiencies from a maintenance and threat response perspective within zero-trust tools.

Finally, zero trust is using edge computing to place security services as close to local and remote workforces as possible. This improves performance and streamlines the end-user experience.

Next Steps

SDP vs. VPN vs. zero-trust networks: What's the difference?

The 5 principles of zero-trust security

7 steps for implementing zero trust, with real-life examples

The 7 core pillars of a zero-trust architecture

How to choose the best ZTNA vendor for your organization

Dig Deeper on Network security