If you want to work remotely from home — or stay on the move as a digital nomad — you can thank zero trust for making that possible. Credit: AWS Countless articles have been published in the past few years about zero trust, most of them explorations and expositions for security professionals. But I want to write for remote workers on the other side of the so-called “trust” equation — the people who will deal with the changes and inconveniences as zero-trust strategies are implemented and refined over the next few years. Welcome to this jargon-free explanation of zero trust. If you’re a security professional or IT pro of any kind, please keep this newsletter to share with employees — especially remote employees — who need to understand what’s happening and why. First and foremost, zero trust is not a product or a service — it’s an idea, an approach, a strategy. We need zero trust to secure the future of the workplace. And the reason is that the old strategy — perimeter security — doesn’t work anymore. With perimeter security, a company firewall was established. Any person, device, and application inside the firewall was assumed to be safe — they were trusted because they were inside. Remote employees could get inside the firewall by using a virtual private network (VPN), which is software that encrypts data and enables an authorized person to get inside the firewall, even from a home office or a hotel in another country. Perimeter security worked well enough in the old days, but the world has changed. And now it doesn’t work. Connectivity is far too complex, and cyberattackers have become far too sophisticated. Nowadays we have all kinds of old-fashioned networking, complicated cloud computing arrangements, and huge numbers of tiny, connected, often sensor-based units all lumped together under the Internet of Things (IoT) umbrella. And we have you. Yes, you. The biggest reason perimeter security no longer works is because people work remotely not only from home offices, but over any connection in any place from anywhere. Consider the home office. With a perimeter security arrangement, you would connect via your home Wi-Fi using a VPN, enabling your main work laptop to be inside the firewall. Now, any number of things could happen: The neighbor’s hacker kid, who can reach your Wi-Fi from her bedroom, uses that access to hack your laptop, compromise your VPN software and thereby compromise the entire company because now she, too, is inside the perimeter at your workplace. You step away from your laptop for a few minutes, and while you’re still logged in your son’s friend goes into your home office to sneak a look at porn. In doing so, he visits some shady site that auto-downloads all kinds of malware to your laptop. After that event, your laptop connects to servers in Eastern Europe all day, every day, which enables professional malicious hacker gangs to enjoy VPN access to your company’s networks. Your parents buy your kids a toy for Christmas, which happens to connect via Wi-Fi. Now you’ve got an IoT device on your home network from a company that has no intentions of ever issuing a security update. This device is another doorway to your Wi-Fi, to your laptop, and to your company by clever drive-by hackers operating from a car at the curb out front. These scenarios involve just one WFH employee. Now imagine 5,000 remote employees at a single company working from home and from around the world, all with untold varieties of vulnerabilities. You see why remote work is the enemy of perimeter security? Here’s how zero trust works. Instead of relying on a secure “perimeter” that cannot be secured, your company will require that every user, device, and application is authenticated individually. That means: Even if your laptop and you are authorized to gain access to company resources, if someone plugs in a thumb drive into your system, neither that drive nor the software thereon will be authorized to access those same resources. The hacker kid next door can’t gain access. The malware downloaded to your laptop can’t gain access. The random IoT devices that show up on your home Wi-Fi can’t gain access. The downside, as you can imagine, is that all that authentication will increase inconvenience. You’ll need very good password hygiene and practices. You’ll probably need biometric authentication. There will be accidental occurrences where an authorized device or application will be denied access, and you’ll have to work with the support desk to sort it all out. But all this inconvenience is the price we pay for the power of IoT, cloud computing and, above all, remote work. The process is coming, and there will be a learning curve. But, in the end, I urge you to trust zero trust. It’s just the way things have to work now. Related content news Microsoft reminder: Support for Office 2016 and 2019 ends next year Older versions of Office apps and servers will no longer get security updates as of October 2025 — when Windows 10 also reaches end of support. By Matthew Finnegan Apr 19, 2024 3 mins Microsoft Office Microsoft Office Suites news Google consolidates AI teams into DeepMind to scale capacity The restructuring will simplify development by concentrating compute-intensive model building in one place and establishing single access points for PAs looking to take these models and build generative AI applications, Google said. By Gyana Swain Apr 19, 2024 4 mins Google news Zoom offers AI-based updates to its Workplace collaboration space The company's Workplace collaboration space gets several user interface upgrades over its previous version. By Lucas Mearian Apr 18, 2024 3 mins Zoom Video Communications Generative AI Collaboration Software news Report: Microsoft-OpenAI ownership might get conditional OK from EU regulators European Commission regulators are officially noncommittal on the antitrust action, but a Reuters report indicates Microsoft-OpenAI deals are unlikely to trigger review. By Jon Gold Apr 18, 2024 3 mins Regulation Government Microsoft Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe