The assumption that systems and traffic within a datacenter can be trusted is flawed. (Location 166)
A zero trust network is built upon five fundamental assertions:

- The network is always assumed to be hostile.
- External and internal threats exist on the network at all times.
- Network locality alone is not sufficient for deciding trust in a network.
- Every device, user, and network flow is authenticated and authorized.
- Policies must be dynamic and calculated from as many sources of data as possible.

(Location 185)