ZT1 IDENTITY
Strict Identity Verification
Every user and device must prove their identity before accessing the system. Trust is never assumed based on network location alone.
SECURE ARCHITECTURE · ZERO TRUST
Keep your data secure with Zero Trust Architecture.
XMPro is built on a Zero Trust foundation. Every request is verified, every identity is checked, and every action is governed. Whether operations run in the cloud, on-premise, or hybrid, the same protective envelope applies.
A security model built for industrial operations.
Zero Trust shifts the fundamental paradigm from network-based trust to data- and identity-based trust. Nothing inside or outside the perimeter is automatically trusted; everything connecting to the platform is verified before access is granted. That model maps cleanly onto the realities of IT, OT, and engineering environments, where the boundary between inside and outside is no longer a useful security construct.
For the full platform context, see XMPro Platform →
How Zero Trust is implemented in XMPro.
Five operating principles enforce the Zero Trust model end-to-end, from initial sign-in through every downstream call between agents, services, and data sources.
ZT2 SEGMENT
Microsegmentation
Security perimeters are broken into small zones to maintain separate, controlled access for distinct parts of the platform.
ZT3 LEAST-PRIV
Least Privilege Access
The principle of least privilege ensures that users and services have just enough access to perform their function and no more.
ZT4 MFA
Multi-factor Authentication
Multiple pieces of evidence are required to authenticate a user, making impersonation significantly harder for attackers.
ZT5 AI/ML
AI and Machine Learning Detection
Industry-standard logging and telemetry feed AI and machine learning systems that identify abnormal behaviour and respond to threats in real time.
ZT · FOLD PLATFORM
Where this fits.
Zero Trust is one layer of the broader XMPro Platform. See how it sits alongside data, model, and agent governance.
Explore the Platform →A practical model, not a marketing label.
Three concrete benefits drive the shift from network-based trust to identity- and data-based trust.
ZT01 DATA SECURITY
Improved Data Security
Verifying every access request, regardless of source, significantly reduces the surface area available for data breaches.
ZT02 INSIDER RISK
Reduced Insider Threat Risk
Every user and device is treated as potentially hostile, whether inside or outside the network, so a compromised account does not become a free pass.
ZT03 VISIBILITY
Greater Visibility and Control
Detailed logs and analytics give security teams continuous insight into who is doing what, with which data, from where.
Security measures, end to end.
Zero Trust is the model; these are the controls that operationalise it across the platform and the operational data it handles.
SM1 ENCRYPTION
Data Encryption
Advanced encryption protects data both at rest and in transit, so operational records and telemetry remain unreadable to unauthorised parties.
SM2 AUDIT
Regular Security Audits
Routine audits identify and rectify potential vulnerabilities, keeping the platform aligned with emerging threat patterns.
SM3 SDLC
Secure Development Practices
Engineering follows secure coding practices to prevent common risks such as injection attacks, cross-site scripting, and unsafe deserialisation.
SM4 RESPONSE
Incident Response Plan
A defined response plan governs detection, containment, and recovery, so security events are handled with predictable, audited steps.
SM5 TRAINING
User Training
Security is a shared responsibility. Regular training keeps users current on safe handling of credentials, data, and operational records.
SM6 THREATINTEL
Threat Intelligence and Monitoring
The security team uses advanced threat intelligence and continuous monitoring to identify and mitigate vulnerabilities before they can be exploited.
Ready to put your data behind Zero Trust?
Talk to an expert about how Zero Trust applies to your operational environment, or explore where it sits in the wider XMPro Platform.
