§ 02 · What is Zero Trust
The principle

Never trust.
Always verify.

Zero Trust replaces the perimeter with a continuous question. Every request, every time, the system asks three things:

Analogy

A building where every door requires a badge scan — not just the front entrance. Even after entering, you scan again at every room, every floor, every time.

Question 01

Who are you?

Verified through a complete identity profile — not just a username and password. Role, clearance, manager, history.

Question 02

What are you doing?

Every action is checked against security policies — not just login. Page loads, button clicks, data reads.

Question 03

Should you?

The decision considers role, location, device, risk score, and the sensitivity of what you are accessing.

Previous01 · The problem