The Zero Trust security model enables a mobile and remote workforce to securely connect to company resources from virtually anywhere. Devices are vetted before being granted access to company resources. Companies can use tight, granular controls to specify the level of access whether the devices are connected to a corporate network, from home, or elsewhere.
An effective Zero Trust implementation requires numerous device signals, context and controls to make intelligent decisions about access. A key piece of a Zero Trust architecture is the enforcement point, which is the identity or network component that grants or denies access based on the various device and user signals that are available. For example, the enforcement point may decline access to devices that do not have the most recent security patch or show signs of running a compromised operating system.