Zero trust architecture (ZTA) is a cybersecurity approach that authenticates and authorizes every interaction between a network and a user or device—in contrast to traditional cybersecurity models that allow users or devices to move freely within the network once they are granted access. ZTA works on the "never trust, always verify" principle and assumes that attacks will come from within and outside of the network. ZTA could provide better protection of an organization's data and systems, but it may be difficult to implement because there is no widely accepted definition of what a fully functional ZTA looks like in practice.