ZTA seems to be hailed as the future of cybersecurity in that it focuses on the core principle of never trust, always verify - however, the infringement on privacy by requiring strict ID verification for every user is often overlooked in favor of the security it provides from internal and external threats.
While I do agree, we need some measures to counteract the coming times where more security will be needed as technology advances, I just don't see this as a practice solution for smaller use cases and organizations.
Do you think it is something that needs to be implemented or is it just another trend that will come and go as we find better solutions?
I mean, adopting zero trust is not a quick or easy fix. There are other things required to implement this, many of which companies will not want to invest time into. It quickly becomes a time consuming and expensive process. I can see it being used for hybrid work environments by mega corporations like Meta but not much else.