Zero Trust Summary

Zero Trust Summary

Zero Trust Mindset

Zero trust mindset revolves adaptive security policies that embraces the constantly changing work environment requirements and risk profile, and creates policies to always verify based on most latest available information.

Very broadly speaking it involves:

  • Provide only sufficient permissions for the job.
  • Instead of believing everything behind corporate firewall is safe, starting with assumption that the request is coming from unsafe conditions and then find reason to trust.
  • Constantly monitoring and creating policies to assess and audit all crucial aspects of security setup.

What does it need

It's a great concept and a north-star to work towards, however organisations need to approach the implementation of required security policies with proper planning. We need to ensure that various foundational elements of our enterprise are: (1) connected, (2) constantly monitored and (3) contribute towards access and compliance decision-making. Not only that, we need to be able to leverage all these planes of control as a enforcement mechanism as well.

First step towards that is education and awareness of what's possible with modern security solutions. To that end, Microsoft recently published a couple of assets to describe their deployment guidelines with zero trust mindset and a tool for an organisation to self-assess their current maturity state.

How to get started

If you are after a summarised version of deployment guidelines, I created a one-page summary of recommended actions and configurations (ok, 2-pages with footnotes and links for further read). It covers all the foundational domains covered of interest, i.e.:

  • Identity
  • Endpoints
  • Data
  • Apps
  • Infra
  • Network

Please download the pdf and leave comments, suggestion or feedback in discussion board. Also, hit me up on LinkedIn for a chat if you are interested.

Popular posts from this blog

Microsoft Cyber Security Architecture (HL)

Image
Microsoft Cyber Security Architecture Microsoft security products offer great functionality and value, and are considered best-in-class by many standards, It covers the breadth of enterprise security needs and provide deep level of security across all domains. This high level article is meant to help understand how the different solutions in M365 and Azure security stack fit together. Download the High Level Architecture PDF Naming convention If you found some of our solution names a bit hard to follow in the past, your definitely weren't alone. All that is set to change, with the recent rename of our cybersecurity solutions in an attempt to simplify the naming scheme and classify under common broader nomenclature. With recent rename, these products also follow a simpler naming scheme. Here are the key principles to keep in mind: All security solutions fall under Defender umbrella with 'Defender for [workload]' naming convention (For instance, Defender for Identity, D...
Read more

My Office 365 account got hacked. Now What ??!!

So, you found out that one or more of your Office 365 accounts have been hacked. You are getting spam emails that appear to have been sent by some internal users, or getting random authentication requests / password change notification when you know you did not generate any. You need to act fast.  Time is the enemy ... The world is conspiring ... The damage could be irreversible ... It's a battle of wits. Drama aside, the action plan should be to  (1) Assess the damage (2) Take corrective actions (3) Clean up  (4) Update your security setup to prevent future issues. Here’s some steps you should take to get it back in check: Assess: Check the Sent or Deleted Items folders for the hacked to look for emails gone out to unidentified recipients. In many cases the attacker will delete the emails after sending, so run message trace to check extent of such emails sent out. Check for devices linked  to the user’s mailbox. Remo...
Read more