In the beginning, there was implicit trust. Networks were originally designed around the idea that all the digital assets within an organization could be protected with strong perimeter defenses (e.g., firewalls). If a user was deemed worthy to cross that perimeter and enter the network, they were generally trusted to do the right thing. But it didn’t take long for people to start abusing all-or-nothing access controls and feast at the tables set by implicit trust.
