VIEWPOINT Businesses can use Microsoft’s proactive integrated approach, the Zero Trust framework, to intelligently implement security best practices across all layers of their digital estate. However, some organisations need clarification on what components of Zero Trust there are, why they are important, and how they can get started with this high level of security. These six considerations should help guide decision-makers on why and how to adopt the Zero Trust framework. 1. Proliferating data and devices Cloud-based solutions make sensitive industry data more readily accessible through any device. Financial services, healthcare and other industries ingest billions of bytes of data each day. To protect personal identifiable information and ensure compliance, businesses should enlist Zero Trust principles to prevent threats from accessing or exfiltrating sensitive data. 2. Remote work is on the rise With a hybrid workforce becoming increasingly common, businesses will want to take threat prevention measures so they can give access to those who need it and keep out those who shouldn’t. 3. Increase in sophisticated attacks Your digital landscape is no longer a local area network protected by perimeter-based security. Company data is scattered across cloud-based solutions and, as such, a modern approach to security is required to prevent an ever-growing risk of cyberattacks – it’s not a question of ‘if’ but ‘when’. 4. Verify explicitly Go through the process of verifying a user’s identity based on location, device health and what service/data they are trying to access, noting any anomalies of how they are trying to access information. 5. Least privileged access Limit potential threats by adopting just-in-time and just-enough-access methods, making sure that users only have access to the required systems and data, and nothing more. 6. Assume breach Businesses should configure systems in a way that assumes data will get breached. This leads security administrators and technical teams to ensure extensive precautionary measures are taken to minimise a potential blast radius and segmenting access to systems. To get started with Zero Trust, organisations need to evaluate the maturity of their security infrastructure. This will help them identify gaps and determine the right security solutions to fill them. To get the most out of Microsoft technology, evaluate identities, endpoints, applications, data and networks. Hector Perez is a Microsoft 365 and cloud specialist at JourneyTEAM Six key considerations for enterprises when implementing Microsoft’s integrated security model How to get started with Zero Trust HECTOR PEREZ: JOURNEYTEAM 31
RkJQdWJsaXNoZXIy NzQ1NTk=