# Zero Trust Security Model | | The **Zero Trust Security Model**, also known as zero trust architecture (ZTA), and sometimes known as perimeterless security, describes an approach to the strategy, design and implementation of IT systems. The main concept behind the zero trust security model is "never trust, always verify", which means that users and devices should not be trusted by default, even if they are connected to a permissioned network such as a corporate LAN and even if they were previously verified. | | --- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | wikipedia:: [Zero trust security model](https://en.wikipedia.org/wiki/Zero_trust_security_model) | aka:: ZTA, ZTNA contra [[Perimeter-based Security]], e.g. contra [[VPN]] giving access to a large section of a private network assumed to be secure. [[Cloudflare]] ## Sources - [Definition of Zero Trust Network Access (ZTNA) - Gartner Information Technology Glossary](https://www.gartner.com/en/information-technology/glossary/zero-trust-network-access-ztna-#:~:text=Zero%20trust%20network%20access%20(ZTNA)%20is%20a%20product%20or%20service,application%20or%20set%20of%20applications.)