ZT. Zero Trust. A model, design approach, framework, and mindset in cyber security wherein every stage, process, user, and node of interaction is authenticated, authorised, and continually validated. Built on the tenet "never trust, always verify," ZT does away with the concept of "network edge" or "security perimeter" and eliminates the option to trust an entity by default, even one that is known to be network-native. Zero Trust entails the establishment of strong identity verification and authentication mechanisms, strict device compliance standards, and least-privilege access policies.
ZTNA. Zero Trust Network Access. An implementation of the Zero Trust framework as applied in how access to enterprise resources are controlled at the network level. Coined by Gartner, ZTNA obfuscates network location and adopts an identity-based authentication method to establish trust and grant access to network resources. In a ZTNA, no entity is assumed to be trustworthy regardless of role, origin, or whether the entity previously received validation for a prior session. In a ZTNA, every flow is assessed and verified afresh because sudden node compromise or policy change could occur within the interim period between two flows.
