This article is part 1 of the series “The Zero Trust Misnomer,” where I examine the real-world trust assumptions underlying Zero Trust architectures must accept.
There is always some inherent trust in any “Zero Trust” architecture.
When we hear “Zero Trust,” the immediate assumption is a world where no device, user, or system is inherently trusted. But the phrase itself is misleading. In practice, Zero Trust architectures (ZTA) still depend on certain foundational elements we must accept as trustworthy. One of the more overlooked parts of Zero Trust is the hardware used in the architecture.
The Hidden Assumption of Trust
Every modern Zero Trust initiative rides on the back of devices—laptops, servers, routers, smartphones, and so on. These devices come preloaded with baseline proprietary firmware and operating software from their manufacturers. Before any Zero Trust principle can be applied, these systems must be booted up, connected, and initialized. That entire chain is rooted in implicit trust in the hardware and the vendors that made it.
The BIOS, the embedded controllers, the Trusted Platform Module (TPM), and even the firmware in your Wi-Fi chip are part of that implicit trust process. If the manufacturer embeds backdoors or flawed code, or if the supply chain is compromised, the Zero Trust posture becomes compromised before it even starts.
Manufacturer Trust is a Soft Underbelly
Vendors range in trustworthiness. Some have long-standing reputations for quality and transparency, while others have been associated with opaque practices or even state influence. Yet organizations routinely deploy devices from these vendors without rigorous scrutiny. Why? Because it’s hard to operate otherwise.
Even highly security-conscious institutions rely on baseline trust in vendors to function. Take Intel or AMD chips, or Apple’s secure enclave—they’re essentially black boxes. You trust their security claims, because verifying them independently is functionally impossible for most.
Supply Chain Risks: A Real Threat
Hardware isn’t just made in one place. It’s a global assembly of components sourced from multiple regions, each with its own risks. A compromised chip added in a subcontractor’s facility could potentially undermine your entire security model. And firmware, often less scrutinized than software, can be persistently exploited if it’s embedded before delivery.
This was highlighted in notable industry incidents, like reports of surveillance-capable microchips allegedly inserted into supply chains—claims that were hotly debated but never fully dispelled.
Acknowledging the Trust Baseline
To make Zero Trust more honest, we need to start by identifying where trust is implicitly required. No architecture can be trustless at every level. Here are some practical tips in how you can handle trust in hardware/firmware:
- Harden the hardware onboarding process: Require integrity checks and secure boot chains that validate firmware and OS states.
- Vet suppliers thoroughly: Favor vendors who offer transparency, open firmware, and supply chain security practices.
- Monitor for anomalies continuously: Use runtime detection tools to flag behavior that doesn’t match the expected profile of hardware or firmware.
Zero Trust Is a Philosophy, Not a Guarantee
Ultimately, Zero Trust isn’t about eliminating all trust; it’s about minimizing blind trust. But we must be honest about where that trust still exists—and in hardware it comes down to the manufacturer. Recognizing and planning around the baseline trust you have to accept makes Zero Trust stronger, not weaker.
