Zero Trust starts with identity.

Zero Trust is a strategic approach to cybersecurity that ensures security in an organization by eliminating implicit trust and continuously validating every stage of a digital interaction. Zero Trust considers the full ecosystem of controls–network, endpoint, cloud, application, IoT, identity and more–that organizations depend on for protection.  Zero trust Access implementation involves a policy of never trusting and always verifying the authenticity and privileges of devices and users, regardless of where they are in the network. Implementing zero trust hinges on network access control (NAC) systems and the segmentation of your network according to the areas you most need to protect.
The Zero Trust security framework requires all users in the network be authenticated, authorised and continuously validated before being granted and keeping access to applications and data. Zero Trust Edge architecture converges networking and security technologies together, both on-premises and in the cloud, to deliver Zero Trust everywhere with ZTNA. Zero Trust Network Access provides explicit access to users per application based on continuous identity and context validation. A comprehensive zero trust approach encompasses Users, Applications and Infrastructure.