One of the biggest problems with digital communication is the illusion that it has taken place with the correct person. Symantec, as a division of Broadcom, believes digital communications are based on trust. Applications trust that the person requesting access or giving commands is actually authorized to do so, but that isn’t always the case. Credentials and legitimate sessions are easily stolen and compromised, which is why the first tenet of Zero Trust is to verify every user and every device requesting access.
So, is authentication the solution to addressing the first tenet of Zero Trust? Yes and no. Authentication plays a critical role in addressing this tenet of Zero Trust, but it is not the whole answer.
Authentication: 2FA or not 2FA…that is the question.
The role of authentication is to positively identify a legitimate user from a fraudulent one. For many years, passwords were the de facto standard, and in many areas, they are still the preferred method to authenticate users.