Adopt a Zero Trust approach

Organizations should adopt a Zero Trust approach to security protection to meet today’s most challenging security demands. This approach covers four key areas: Identity, Security, Compliance, and Skilling.

1. Identity: The starting point of a Zero Trust approach

Adopting a Zero Trust strategy is a journey. Every single step your organization takes will make it more secure. In today’s world, with disappearing corporate network perimeters, identity is an organization's first line of defense. Each organization's Zero Trust journey will be unique. It's recommended that you start with a strong cloud identity foundation. The most fundamental steps, such as strong authentication, protecting user credentials, and protecting devices, are the most essential.

Microsoft Entra ID is Microsoft's cloud identity solution. It provides the following features that can help organizations on their Zero Trust journey:

  • Passwordless authentication. This feature eliminates one of the weakest links in security today. It's now generally available for cloud and hybrid environments. Passwordless authentication creates a complete experience for all employees, so they no longer need passwords to sign in to the network. Instead, Microsoft Entra ID lets them sign in with biometrics or a tap using Windows Hello for Business, the Microsoft Authenticator app, or a compatible FIDO2 security key from Microsoft Intelligent Security Association partners such as Yubico, Feitian, and AuthenTrend. With Temporary Access Pass, you can generate a time-limited code to set up or recover a passwordless credential.
  • Microsoft Entra Conditional Access. This feature is the policy engine at the heart of Microsoft's Zero Trust solution. It helps organizations protect important information without unduly restricting access to less sensitive content. It uses authentication context to enforce even more granular policies based on:
    • user actions within the app they're using.
    • sensitivity of data they're trying to access.
  • Microsoft Entra Verified ID. Verifiable credentials let organizations confirm information that someone provides, such as their education or professional certifications, without collecting and storing their personal data. This design improves security and privacy. Microsoft's partnerships that integrate Microsoft Entra Verified ID with leading identity verification providers will also improve verifiability and secure information exchange.

2. Security: Simplifying the “assume breach” toolset

In today’s landscape, an organization's security approach should start with the key Zero Trust principle of assume breach. But too often, complexity and fragmentation stand in the way. Microsoft is committed to helping you solve these issues, as it builds security for all, delivered from the cloud.

This commitment begins with integrated solutions that let organizations focus on what matters and deliver visibility across all their platforms and all their clouds. Some vendors deliver endpoint or email protection. Others deliver Security Information and Event Management (SIEM) tools. Integrating these pieces together can be a time-consuming challenge. Microsoft takes a holistic approach that combines best-of-breed SIEM tools and extended detection and response (XDR) tools to improve your posture, protection, and response. This design gives organizations the best-of-breed combined with the best-of-integration so they don’t have to compromise.

Microsoft provides the following features to simplify the experience for administrators with modern and integrated capabilities:

  • Microsoft Defender for Endpoint and Microsoft Defender for Office 365 customers can investigate and remediate threats from the Microsoft Defender portal. It provides unified alerts, user and investigation pages for deep, automated analysis, and simple visualization. It also provides a new Learning Hub where customers can use instructional resources with best practices and how-tos.
  • Incidents, schema, and user experiences are now common between Microsoft Defender XDR and Azure Sentinel. Microsoft continues to expand connectors for Azure Sentinel and work to simplify data ingestion and automation.
  • Threat Analytics provides a set of reports from expert Microsoft security researchers. These reports will help you understand, prevent, and mitigate active threats directly within Microsoft Defender XDR.
  • Microsoft has brought Secured-core to Windows Server and edge devices. This design will help minimize risk from firmware vulnerabilities and advanced malware in IoT and hybrid cloud environments.

Microsoft continues and strengthens its commitment to deliver state-of-the-art protection, detection, and response for all clouds and all platforms. One such solution it provides is Microsoft Defender for Endpoint, which is available for Android, iOS, macOS, Linux, and Windows. Microsoft also provides Azure Sentinel. Sentinel looks across your multicloud environments. For example, these platforms can include the likes of AWS, Google Cloud Platform, Salesforce service cloud, VMware, and Cisco Umbrella.

3. Compliance: Protection from the inside out

At Microsoft, Zero Trust isn't only the practice of protecting against outside-in threats, but also protecting from the inside out. Addressing the area of compliance includes managing risks related to data. This data is more than just the data stored in the Microsoft cloud. It also includes the data from across the breadth of clouds and platforms an organization uses. Microsoft has invested in creating that inside-out protection. It does so by extending its capabilities to third parties to help organizations reduce risk across their entire digital estate.

Microsoft provides the following new innovations in compliance:

  • Coauthoring of documents protected with Microsoft Purview Information Protection. This feature enables multiple users to work simultaneously on protected documents while taking advantage of the intelligent, unified, and extensible protection for documents and emails across Microsoft 365 apps.
  • Microsoft Purview Insider Risk Management. This feature can identify potential insider risk activity within an organization and help inform policy configurations. With one selection, a customer can have the system run a daily scan of its tenant audit logs and historical activity. The scan can use Microsoft 365’s Insider Risk Management machine learning engine to identify potentially risky activity, with privacy built in by design.
  • Microsoft 365 now offers data loss prevention (DLP) for Chrome browsers and on-premises server-based environments such as file shares and SharePoint Server.
  • Microsoft Purview is integrated with Microsoft Purview Information Protection. This design enables organizations to apply the same sensitivity labels defined in the Microsoft Purview compliance portal to data that's stored in other clouds or on-premises. Microsoft Purview is a unified data governance solution for on-premises, multicloud, and software as a service (SaaS) data. Organizations can use Microsoft Purview to scan and classify data located in AWS Simple Storage Services (S3), SAP ECC, SAP S4/HANA, and Oracle Database.

4. Skilling: Power your future through security skilling

Many organizations continue to struggle to fill the security skills gap. For this reason, Microsoft strives to ensure organizations have the skilling and learning resources they need to keep up in today's world of complex cybersecurity attacks. Microsoft provides different ways of helping organizations skill cybersecurity professionals.

Microsoft has four new security, compliance, and identity certifications tailored to organizations' roles and needs:

  • Security, Compliance, and Identity Fundamentals. This certification helps individuals get familiar with the fundamentals of security, compliance, and identity across cloud-based and related Microsoft services.
  • Information Protection Administrator Associate. This certification focuses on planning and implementing controls that meet organizational compliance needs.
  • Security Operations Analyst Associate. This certification helps security operational professionals design threat protection and response systems.
  • Identity and Access Administrator Associate. This certification helps individuals design, implement, and operate an organization’s identity and access management systems by using Microsoft Entra ID.

While today's world is complex, growing your skills shouldn’t be. The Microsoft Security Technical Content Library will help organizations find content relevant to their needs. Use it to access content based on your own needs today.