Glossary Term

Zero Trust

More About Plurilock

PDF

White Paper: Advanced Authentication

The state of authentication today—and why you need Plurilock products.
PDF

Plurilock Quad Chart

Quick, visual summaries of Plurilock value, use cases, architecture, and typical clients.
PDF

2019 Authentication Guide

Summary of authentication recommendations from major standards bodies, plus Plurilock’s own recommendations.
PDF

Behavioral Biometrics Guide

The definitive guide to behavioral biometrics, a core Plurilock technology.

Zero Trust refers to a set of IT policies and a driving ethos for them that grants access to all systems and data in a granular fashion, refusing ever to completely "trust" a user, even after authentication and even when access origins lie inside the local network. In practice, this means that virtually every significant workflow is protected at the outset by an authentication step, without regard for the location or presumed identity of the user.¶From the user's perspective, it means that a large number of authentication steps may need to be completed over the course of a given workday, despite the fact that they are on company grounds and "already logged in" to local computing environment.¶For these reasons, zero trust is a difficult attitude to successfully adopt, as it tends to alienate users and drive down productivity. It is also something of a misleading term, since even if a user is forced to log in 48 times ove the course of an eight-hour workday (six times per hour), this likely leaves seven hours of non-authentication-flow time or more during which the identity of the user is still ultimately being "trusted."¶The only true avenue for achiving zero trust that has been developed to date is continuous authentication of the kind provided, for example, by Plurilock DEFEND, which confirms users identity continuously, in real time, as they work.

Stay informed. Join our low-volume list for news and updates.

PLURILOCK IS THE LEADER IN ADVANCED AUTHENTICATION

Plurilock is the leader in advanced, risk-based authentication. We provide invisible, device-free MFA for corporate endpoints, Citrix sessions, cloud applications, and their users in finance, healthcare, education, and SaaS.

Follow

        

Contact Plurilock

Have a question or comment?