The concept of zero trust – as a way to improve the security of and access to an organization’s network, systems, and data – has gained traction in recent years. The basic premise is that no user or device should be trusted by default and all access to data and resources should be granted based on critical business need – and such need should be continuously verified.
While zero trust can be an effective approach to security, it can also present some challenges, particularly when it comes to implementing it for software as a service (SaaS) due to the fast pace of its adoption, distributed ownership of SaaS applications across organizations, and the shared responsibility model between a SaaS vendor and a customer.
