Glossary Term

Zero Trust

Zero Trust refers to a set of IT policies and a driving ethos for them that grants access to all systems and data in a granular fashion, refusing ever to completely "trust" a user, even after authentication and even when access origins lie inside the local network.

In practice, this means that virtually every significant workflow is protected at the outset by an authentication step, without regard for the location or presumed identity of the user.

From the user's perspective, it means that a large number of authentication steps may need to be completed over the course of a given workday, despite the fact that they are on company grounds and "already logged in" to local computing environment.

For these reasons, zero trust is a difficult attitude to successfully adopt, as it tends to alienate users and drive down productivity. It is also something of a misleading term, since even if a user is forced to log in 48 times ove the course of an eight-hour workday (six times per hour), this likely leaves seven hours of non-authentication-flow time or more during which the identity of the user is still ultimately being "trusted."

The only true avenue for achiving zero trust that has been developed to date is continuous authentication of the kind provided, for example, by Plurilock DEFEND, which confirms users identity continuously, in real time, as they work.

2FA/MFA Rapid Reference

Authentication at a glance

Download the 2FA/MFA Rapid Reference now:

  • 2FA and MFA basics and common solutions
  • The benefits and drawbacks of each
  • Glossary of authentication terms

 

2FA/MFA Rapid Reference

  • 2FA and MFA basics and common solutions
  • The benefits and drawbacks of each
  • Glossary of authentication terms
Save PDF  

MORE DOWNLOADABLE REFERENCES

PDF

2020 Authentication Guide

Summary of authentication recommendations from major standards bodies, plus Plurilock’s own recommendations.
PDF

White Paper: Advanced Authentication

The state of authentication today—and why you need Plurilock products.
PDF

Understanding MFA vs. Privacy

Is multi-factor authentication always good for privacy? See why it isn't, and which strategies make the grade.
PDF

Behavioral Biometrics Guide

The definitive guide to behavioral biometrics, a core Plurilock technology.