Zero Trust is a security initiative/concept that enforces that every user outside or inside an organization
gets authenticated, authorized, and comply with various security configurations and the organization’s
security posture. The principle followed by the Zero trust model is “never trust, always verify”. The zero
trust model is designed to protect digital infrastructure and environments by providing layer 7 threat
protection, network segmentation, user access control, and prevention of lateral movement.
NIST has also published a Zero Trust architecture framework, in which Shadow IT is listed as a risk that
needs to be assessed.