Researcher John Kindervag published a paper about a decade ago that argued administrators of sensitive computer networks shouldn’t trust anyone on their networks, regardless of their title.
It’s not good enough simply to try to keep bad guys out of your network, he argued. You also have to put strict limits on the people already inside, thus the shorthand for the security model: "zero trust.”
"People told me I was crazy,” Kindervag said of the 2010 report. But the cybersecurity approach has slowly gained followers over the years, as government agencies and private businesses have been continually pummeled by computer hacks.