Exactly what is a trusted network? For many it is the supposedly secure haven in which network operations can happen without fear of compromise. Typically, it is segmented and access is limited through devices such as firewalls and role-based access control. In the PCI DSS world, the Cardholder Data Environment (CDE) is the classic example of such a design. The wider internal network is protected by the normal username / password combination that we’re all familiar with. As a concept, it has worked well and provided a reasonable level of protection for corporate environments. At its heart is the view that all devices connected to the network ensure some form of trust