The so-called Zero Trust model for security proposed by Forrester Research earlier this month has revived debate about the way organizations secure their networks.
Zero Trust means end users are no more trusted than outsiders, and that organizations must inspect all traffic, from the outside and on the inside as well. While this concept has stirred Big Brother worries among skeptics, it also resonates with some experts in light of the end user application-borne attacks as well as malicious or careless insiders.

But does this user threat trend merit a whole new security model? Most security experts agree that you can't trust your internal network and have to assume you've been compromised, so it's a matter of detecting and stopping breaches before any information is stolen or damage is done. It's just that inspecting all internal traffic can be a tall order -- and maybe overkill.

The link for this article located at Dark Reading is no longer available.