What is Zero Trust security? A definition
Zero Trust security is an IT security model that restricts who can access applications and data, including an organization's own employees. A Zero Trust architecture applies strict verification before granting access, and it keeps authenticated users under continuous protection against malware, data exfiltration and other attacks.
The Zero Trust model is not new; it has been discussed and practised for some time. Until recently, though, it was applied in a narrow scope, separately within each source of risk signals: network, data, applications, users and devices. These controls worked independently and did not share threat signals or intelligence with one another, which kept Zero Trust from being a comprehensive and effective security model. What they did share were the core Zero Trust principles:
- Verify explicitly
- Apply least privilege access
- Always assume breach
In today's working environment the network perimeter is gone and identity is the new perimeter. Zero Trust should therefore start with user access, and it is critical that the enterprise access management solution supports the three core principles above. The majority view of the CISOs on the panel discussing Zero Trust user access was that many organizations are in the process of adopting the Zero Trust model and would start with identities.
Microsoft security solutions provide the building blocks for a Zero Trust user access implementation. Key pillars of Zero Trust user access include:
- Conditional Access policies to orchestrate your Zero Trust policies and grant granular access to corporate applications and data
- Native integration with threat and risk signals from the Microsoft Intelligent Security Graph and the Advanced Threat Protection solutions (Azure ATP, Office 365 ATP, Azure Security Center (ASC) and Microsoft Defender ATP), Azure Information Protection for data classification and protection, Cloud App Security, and third-party risk signals via the Graph APIs
- Multi-factor authentication and passwordless support to raise the level of identity trust
- Device lifecycle management and native integration with mobile device management solutions such as Intune for device compliance and hygiene status
- Identity protection to detect and mitigate user and session risk in real time
- An enforcement policy engine to mitigate real-time threats during user access
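To make the Conditional Access and policy engine pillars concrete, here is an added toy policy engine in Python. It is not code from this page or from Microsoft; its policy shape is only loosely modelled on the Microsoft Graph conditionalAccessPolicy resource (conditions that select a sign-in, grant controls demanded on a match), and every policy name, user, app and signal value in it is constructed. It shows how the risk signals listed above (sign-in risk, user risk, device compliance, location, MFA state) select policies, how the controls of all matching policies are combined, and why a block driven by identity protection wins even over a session that has already satisfied MFA, which is the "assume breach" principle in action.

```python
"""Toy Conditional Access-style policy engine.

Added illustration, not Microsoft's implementation. The policy shape is loosely
modelled on the Microsoft Graph conditionalAccessPolicy resource (conditions select
a sign-in, grant controls are required on a match) and evaluation follows the
documented behaviour of Conditional Access: every matching policy must be
satisfied, and a block from any matching policy wins. All names are constructed.
"""
from dataclasses import dataclass


@dataclass
class SignIn:
    """Constructed sign-in context carrying the risk signals the text lists."""
    user: str
    app: str
    groups: frozenset = frozenset()
    sign_in_risk: str = "none"        # real-time session risk from identity protection
    user_risk: str = "none"           # aggregated user risk from identity protection
    device_compliant: bool = False    # compliance state reported by MDM (e.g. Intune)
    trusted_location: bool = False    # request came from a trusted named location
    mfa_satisfied: bool = False       # strong authentication already performed
    password_changed: bool = False    # secure password change completed this session


@dataclass
class Policy:
    """One policy: conditions select the sign-in, controls are demanded on match."""
    name: str
    include_apps: frozenset = frozenset({"All"})
    include_groups: frozenset = frozenset()        # empty means all users
    sign_in_risk_levels: frozenset = frozenset()   # empty means any level
    user_risk_levels: frozenset = frozenset()      # empty means any level
    exclude_trusted_locations: bool = False
    controls: frozenset = frozenset()              # block, mfa, compliantDevice, passwordChange
    operator: str = "AND"                          # AND: all controls; OR: any one control

    def matches(self, s: SignIn) -> bool:
        if "All" not in self.include_apps and s.app not in self.include_apps:
            return False
        if self.include_groups and not (self.include_groups & s.groups):
            return False
        if self.sign_in_risk_levels and s.sign_in_risk not in self.sign_in_risk_levels:
            return False
        if self.user_risk_levels and s.user_risk not in self.user_risk_levels:
            return False
        if self.exclude_trusted_locations and s.trusted_location:
            return False
        return True


def control_satisfied(control: str, s: SignIn) -> bool:
    """Map each grant control to the signal that satisfies it."""
    return {
        "mfa": s.mfa_satisfied,
        "compliantDevice": s.device_compliant,
        "passwordChange": s.password_changed,
    }.get(control, False)


def evaluate(policies, s: SignIn):
    """Return ("allow" | "require" | "block", details).

    'require' lists the controls the user must still satisfy; 'block' lists the
    policies that blocked. A block is never downgraded by satisfied controls, so
    a compromised account is stopped even after a valid MFA (assume breach).
    """
    matched = [p for p in policies if p.matches(s)]
    blocking = [p.name for p in matched if "block" in p.controls]
    if blocking:
        return "block", blocking
    unmet = set()
    for p in matched:
        results = {c: control_satisfied(c, s) for c in p.controls}
        if p.operator == "OR":
            if results and not any(results.values()):
                unmet |= set(p.controls)
        else:
            unmet |= {c for c, ok in results.items() if not ok}
    return ("require", sorted(unmet)) if unmet else ("allow", [])


# Constructed policy set expressing verify explicitly, least privilege, assume breach.
POLICIES = [
    Policy("Require MFA outside trusted locations", exclude_trusted_locations=True,
           controls=frozenset({"mfa"})),
    Policy("Risky sign-in: require MFA even on trusted networks",
           sign_in_risk_levels=frozenset({"medium", "high"}), controls=frozenset({"mfa"})),
    Policy("Finance app: require compliant device", include_apps=frozenset({"Finance"}),
           controls=frozenset({"compliantDevice"})),
    Policy("Medium user risk: MFA and password change",
           user_risk_levels=frozenset({"medium"}),
           controls=frozenset({"mfa", "passwordChange"})),
    Policy("High user risk: block", user_risk_levels=frozenset({"high"}),
           controls=frozenset({"block"})),
]

if __name__ == "__main__":
    # An MFA-authenticated session on a compliant device is still blocked once
    # identity protection rates the account as high risk.
    print(evaluate(POLICIES, SignIn("carol", "Mail", user_risk="high",
                                    mfa_satisfied=True, device_compliant=True)))
```

The point of the `evaluate` function is the combination rule: controls from every matching policy accumulate, so a trusted-location exemption from the first policy does not exempt a risky sign-in from the second, and a block is decided before any satisfied control is considered.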
The collective view of the panel was that most organizations are re-prioritizing their security programs to strengthen the remote workplace by adopting Zero Trust principles. Key learnings from the event include:
- Expanding and securing the organization's existing VPN infrastructure to support the massive remote workforce is a top priority
- Using cloud-based identity and authentication (such as Azure AD) for corporate resources such as workstations and apps helps solve scalability issues, improves security and enriches the user experience
- Enforcing two-factor authentication for all remote users accessing corporate resources is vital to securing user identities
- Using virtual desktop solutions (such as WVD) for users who access corporate resources from personal devices helps provide controlled data sharing
- Ensuring that the necessary information protection and data loss prevention controls are in place to safeguard sensitive data
- Strengthening third-party risk management practices to actively oversee the supply chain so that only trustworthy third parties are used
Zero Trust is a journey and starts with adopting the Zero Trust user access approach to strengthen the remote working environment.