What is Zero Trust security architecture?

Answer

Zero Trust is a security model based on the principle "never trust, always verify". It abandons the traditional perimeter-based model, which trusts everything inside the network. In Zero Trust, no user, device, or network segment is inherently trusted, even if it is inside the corporate perimeter.

Core tenets:
(1) Verify explicitly: always authenticate and authorize based on all available data points (identity, location, device, service, data, anomalies).
(2) Least privilege access: limit user access with just-in-time and just-enough-access, and risk-based adaptive policies.
(3) Assume breach: design as if the attacker is already inside, so minimize blast radius, segment access, encrypt everything, and verify end-to-end.

Implementation: identity as the new perimeter (strong IAM, MFA), micro-segmentation, device health validation, continuous monitoring.
Frameworks: NIST SP 800-207, Google BeyondCorp.
Technologies: ZTNA (Zero Trust Network Access), PAM, CASB.
Drivers: remote work, cloud adoption, and insider threat concerns.