Truth: Identity is only part of Zero Trust. Traffic the asserted identity generates must be inspected for malicious content and unauthorized activity and logged through Layer 7. Start with the protect surface (the sensitive data you want to protect), and extend across the network to the applications, systems and users.
1. “The Forrester Wave™: Privileged Identity Management, Q4 2018
2. “The 2018 Cost of Insider Threats: Global Study,” Ponemon Institute, April 2018
3. “Pursue Zero Trust on the Extended Network,” Forrester Research, April 2018
4. “Adopt Next-Gen Access to Power Your Zero Trust Strategy,” Forrester Research, April 2018