Secure Access and Protect Data in the Cloud
with Zero Trust Security

The need for Zero Trust security

When every transaction in the enterprise is untrusted and there is no defined security boundary, encrypting data and
protecting apps at the access point by continuously validating identities is core to enterprise security.

Work Securely and Conveniently From Home

Offer employees, contractors and consultants an easy and convenient login experience no matter where they are or what device they're using.

Expand Securely in the Cloud

Overcome the limitations of legacy security schemes by securing cloud apps at the access point from the cloud.

Prevent Breaches and Protect Your Data

Protect apps by encrypting data and continuously validating identities.

Key principles of Zero Trust security models


Zero Trust Security Architectures

NIST describes three approaches to building an effective Zero Trust security architecture.


The identity-centric approach of Zero Trust architecture places the identity of users, services, and devices at the heart of policy creation. Enterprise resource access policies are based on identity and assigned attributes. The primary requirement to access corporate resources is based on the access privileges granted to a given user, service or device. To support more adaptive authentication, policy enforcement may also consider other factors, such as the device used, asset status, and environmental factors.

The network-centric approach of Zero Trust architecture is based on network micro-segmentation of corporate resources protected by a gateway security component. To implement this approach, the enterprise should use infrastructure devices such as intelligent switches (or routers), Next Generation Firewalls (NGFW) or Software Defined Networks (SDN) to act as policy enforcement points protecting each resource or group of related resources.

Combination approaches

A cloud-based combined Zero Trust architecture approach leverages cloud-based Access Management and Secure Access Service Edge (SASE). The cloud-based Access Management solution protects and enforces the identities of cloud applications and services, while SASE components, such as Software Defined Networks (SDNs) or Next Generation Firewalls (NGFW), protect on-premises resources.

Thales Zero Trust Security Solutions

SafeNet Trusted Access, Thales’s cloud-based access management and authentication service, is the starting point for effective Zero Trust security implementations, meeting Zero Trust principles:
  1. Meet a ‘verify everywhere, trust no one’ stance by enforcing access decisions dynamically at the application access point, irrespective of where the app resides, where users reside, what device they use and how the network traffic is routed
  2. Adhere to a ‘default deny’ policy by continuously reassessing and verifying credentials at each login, even if Single Sign On (SSO) features are enabled

Related products

SafeNet Trusted Access

Addressing the security and performance demands of the largest, most performance-intensive environments, including those of enterprises, government agencies, and cloud service providers, the CN6000 Series encryptors offer variable-speed licenses up to 10 Gbps.
