A continues device posture evaluation, authentication and authorization of users are validated before allowing access to application and data, the solution must encompass baselining, alerting and remediation
Malware can easily spread in a flat network, like a wildfire, access to network must be checked against the identity and should only grant a granular access to intended application vs a traditional access to the entire corporate network
Identity and Access management is a key component for Zero Trust architecture, it needs to ensure MFA are checked for critical and sensitive application, this adapted practice should also account for sudden change for user behavior, a user logged in from Network York shouldn’t appear from China at the same time.