With evolving cyber security threats and a move to cloud services, a new approach is needed. You can no longer hide within your corporate network, with users working remotely and cloud access, the threat of a breach is higher. Zero Trust is where you prepare for this by never trusting and always seeking to verify the identity and legitimacy of each request.
In this article we provide an overview of Zero trust, the underlying principles and some of the best technology to get started with.
Zero Trust model overview
Today, organisations need a new security model that effectively adapts to the complexity of the modern environment, embraces the mobile workforce, and protects people, devices, applications, and data wherever they are located.
This is the core of Zero Trust. Instead of believing everything behind the corporate firewall is safe, the Zero Trust model assumes breach and verifies each request as though it originated from an uncontrolled network. Regardless of where the request originates or what resource it accesses, the Zero Trust model teaches us to “never trust, always verify.”
Microsoft explains Zero Trust as, “Zero Trust is a proactive, integrated approach to security across all layers of the digital estate that explicitly and continuously verifies every transaction, asserts least privilege, and relies on intelligence, advanced detection, and real-time response to threats.”
Principles of Zero Trust
- Verify explicitly – Always make security decisions using all available data points, including identity, location, device health, resource, data classification, and anomalies.
- Use least privileged access – Limit access with just-in-time and just-enough-access (JIT/JEA) and risk-based adaptive polices.
- Assume breach – Minimise blast radius with micro-segmentation, end-to-end encryption, continuous monitoring, and automated threat detection and response.
Implementing Zero Trust in your organisation
There a wide range of areas an organisation should look at to get started with Zero Trust. We focussed on the two areas below and explain the solutions needed to secure them.
Multi Factor Authentication
Probably the single best thing you can do to improve your cyber security is implement Azure Active Directory and Multi Factor Authentication. MFA reduces the effectiveness of identity attacks by over 99%. Azure Active Directory assumes each login or attempt to access data could be suspicious prompting a secondary verification or in some cases locking access where it deems it as suspicious behaviour.
Once an identity has been granted access to a resource, data can flow to a variety of different endpoints—from IoT devices to smartphones, BYOD to partner-managed devices, and on-premises workloads to cloud-hosted servers. This diversity creates a massive attack surface area. Monitor and enforce device health and compliance for secure access.
Two solutions to support endpoint management:
- Microsoft Defender for Endpoint, which helps enterprise networks prevent, detect, investigate, and respond to advanced threats.
- Microsoft Endpoint Manager, which provides protection and security for the devices that employees use and the applications that run on those devices.
Zero Trust is a completely new approach to cyber security and the main way you will secure your organisation from the growing pressure on businesses. To implement Zero trust or discuss your cyber security approach, contact us today.