Verify and Authenticate: Zero trust security requires that all users and devices be verified and authenticated before being granted access to any resources
Least Privilege Access: Users should only be granted access to the resources they need to do their job.
Micro-segmentation: Zero trust security requires that networks be segmented into smaller, more manageable parts.
Continuous Monitoring: Zero trust security requires continuous monitoring of user behavior and network activity. This allows security teams to quickly detect and respond to any suspicious activity
Assume Breach: Zero trust security assumes that a breach has already occurred, and that attackers are already inside the network.