• jj4211@lemmy.world
    9 hours ago

    I feel like when ‘Zero Trust’ first became a thing, the theme was ‘you should have every endpoint under your control hardened so it need not fear untrusted peers being able to connect’. E.g. if you think you absolutely need VPN to a ‘private network’ for security, then you are failing to be hardened in a ‘zero trust’ way, because you implicitly fear that your systems would fall to untrusted peers.

    I feel like it’s evolved to ‘don’t let anything be able to connect to anything under your control unless you have admin privilege over it as well’. Which is particularly a nightmare when you try to collaborate between two companies, each balking at the other’s hard requirement to have admin access to all network peers of interest.