Be sure your Zero Trust plan gives complete coverage

The what, when, and where of zero trust

Does your Zero Trust Security plan give complete coverage?

So, you’re moving to a Zero Trust security plan. You know the principles of Zero Trust. Great. But you also need to ensure your Zero Trust plan covers all the bases. That means three areas: what your plan covers, when, and where.

What do your Zero Trust protocols cover?

Your Zero Trust plan needs to ensure you’re managing access to and from every type of entity. That means managing access from:

  • All devices—That means computers, including desktops and laptops, but also mobile phones and other mobile devices.
  • All users—Employees, contractors, vendors, and customers.
  • To all types of data and applications—Your Zero Trust plan needs to manage access to your cloud applications and data as well as on-prem ones. It needs to handle databases, servers, software, and everything that could put your company at risk.

When is your access plan applied?

Key to Zero Trust is the idea that you don’t trust access attempts inside the organization any more than those coming from outside of it. So, when users inside the firewall try to access an application, you manage them largely like you would those outside the firewall.

In addition, Zero Trust doesn’t make exceptions. Your high-security requirements apply whenever someone attempts to access an application or data. When pretty much means always.

Where do you enforce Zero Trust?

Traditional security methods are focused on the endpoints where cyber criminals initiate their attacks. Zero Trust applies everywhere:

  • Data access points
  • Cloud applications
  • On-prem and legacy apps
  • Ideally, the desktop, laptop, or phone—so that even the device login is protected

The tools for Zero Trust

Single Sign-On (SSO) and Multi-Factor Authentication (MFA) are two tools that can help you address the what, when, and where. SSO improves both security and ease-of-use, eliminating passwords and using a vetted trust relationship for safe authorization. MFA adds an important level of security by requesting additional data from users to verify they are who they say they are.

Add to this a good identity management system that provides role-based access control and easy provisioning capabilities; a system to protect devices through SSO; and, preferably, risk-based authentication that accounts for contextual information such as the user’s location, IP address, and login time to create user profiles and challenge risky login attempts. These tools, on top of a secure infrastructure with micro-segmentation, will help you implement Zero Trust security in a way that isn’t burdensome to users.

Thanks for signing up.

We’ve sent a verification email to

To complete your trial sign up, please check your email and follow instructions to verify. You may need to check your spam. You will be prompted to set up a password and log in. Please note that your user name is your email address.

Get Started in 3 Easy Steps:

Try OneLogin Free for 30 days

All fields are required

  • This field is required.
  • Please enter your first name
  • Please enter your last name
  • Please enter your job title
  • Please enter your phone number
  • Note: Please enter a work email address only as we DO NOT accept web-mail addresses (gmail, yahoo, hotmail, etc.)

    Is that a correct business email address?
  • Please enter company name
    Please choose another subdomain
  • Please enter number of employees
  • Please enter country
  • Please enter state
  • By completing and submitting this form, I agree to the storing and processing of my personal data by OneLogin as described in our Terms of Service and Privacy Policy.

  • By creating your account, you agree to the Terms of Service and Privacy Policy.

Related Resources:

How to get to zero trust security

Learn about the four principles and the four tools you need to apply to get to zero trust security.

Read More

Quiz: Can you name these common cyberattacks?

Can you name the most common cyberattacks? Take our quiz and see how cyber-knowledgeable you really are.

Take Quiz

Securing Mobile Devices: The Zero Trust Model

See how the death of the security perimeter leads to a new way of thinking about security for mobile devices.

Read More