Microsoft Publishes Documents on Implementing Zero-Trust Networks
Microsoft this week described the launch of a so-called "Zero Trust Deployment Center," which is essentially a landing page for accessing Microsoft documents on its zero-trust security approach.
Zero trust is a conceptual approach for networks, and Microsoft claims that its identity and security products will lend organizations a helping hand toward achieving that end. Microsoft's definition of zero trust involves adopting an assumed-breach stance for networks. As part of that assumption, "every access request is fully authenticated, authorized, and encrypted before granting access."
In addition, Microsoft's zero-trust concept involves implementing least-privileged access practices to block so-called "lateral movements" by attackers who may have gained a network foothold. Microsoft also insists that zero trust involves harvesting "signals" data to detect and respond to threats "in real time."
Such details can be found in Microsoft's definition of zero trust, which is published at its zero-trust marketing site.
A Microsoft white paper on zero trust, available for download from the marketing site, traced the zero-trust concept back to the Jericho Forum of 2004, a U.K.-based coalition that aimed to reshape the traditional perimeter-based security mindset adopted by organizations. The Jericho Forum's 11 "Commandments" (PDF) included ideas like "access to data should be controlled by security attributes of the data itself." It sounds similar to what Microsoft implemented with its Azure Active Directory Conditional Access service and data loss prevention solutions.
The Zero Trust Deployment Center points readers to Microsoft documents on implementing secure identity, secure endpoints, secure applications, secure data and secure networks, as well as achieving visibility. Along the way, various Microsoft solutions get described, too.
The Center offers a step-by-step way for organizations to implement zero trust, per Microsoft's announcement.
"The Zero Trust Deployment Center breaks down deployment guidance into plain-language objectives across each of the technology pillars, providing an actionable list of steps needed to implement Zero Trust principles in your environment," the announcement explained.
Microsoft also has a "Zero Trust assessment tool," which appears to be a survey instrument that requires completing a form before it can be used. The tool is there to "help measure your current maturity and identify possible next milestones and priorities along with technologies" regarding implementing zero trust, the announcement explained.
About the Author
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.