Organizations must discard the old model of “trust but verify” which relied on well-defined boundaries. Zero trust mandates a “never trust, always verify, enforce least privilege” approach to privileged access, from inside or outside the network. By implementing least privilege access, organizations minimize the attack surface and reduce risk, complexity and costs for the modern hybrid enterprise.