View Resource
Zero Trust Principles and Guidance for Identity and Access Management (IAM) 7/13
Release Date: 10/11/2023
Organization: CSA
Content Type: Guidance
Solution Provider Neutrality: Neutral
Identity and the ability to consume attributes and Zero Trust (ZT) signals across pillars is a key principle of zero trust architecture. ZT aims to reduce the success of cyber-attacks and data breaches using risk-based access requirements, including phishing resistant MFA and robust, fine grained, least privilege authorization.
ZT implements controls closer to the asset being protected (the protect surface). From an IAM perspective this increases the richness of the risk-based access control decision and avoids granting access based on binary trust of a single parameter.