Accelerating Zero Trust Security – Part 1

accelerating zero trust security part 1

Aug 8, 2020

How to prioritize your zero trust security initiatives

We’re seeing major technological shifts such as work-from-home, automation, robotics, IoT, etc. accelerate due to the recent health and ensuing economic disruptions. Reality is that digitization was already facilitating these trends, and now CIO/CISOs must take the helm in enabling their organizations to make the transition toward the new “normal” of conducting business while reducing cybersecurity risk.

One of the major enablers of digitization is zero trust security (ZTS), which was discussed in one of our recent blog posts. Not surprisingly, ZTS is now a business priority—not just a technical thing—for those CIO/CISOs who are recognizing the need to adapt their security approaches to the new business realities.

Knowing how to correctly identify and prioritize Zero Trust Security activities across its six major areas is crucial, including:

  • Identities from users to endpoints to IoT devices with strong authentication, least privilege access, anomalous behavior detection, etc.
  • Devices whether company-owned or bring-your-own (BYO) that are both secure and compliant to provide users with access to apps and data.
  • Apps and API monitoring and remediation to detect abnormal behavior, unauthorized user actions, and insecure configurations.
  • Data access policy violations and data loss prevention (DLP) incidents for confidential and restricted data.
  • Infrastructure configuration, monitoring, just-in-time (JIT) access to VMs, containers, and microservices.
  • Network controls and micro-segmentation to detect attackers from moving laterally across the network.

We recommend organizations develop 30/60/90-day plans using Agile practices to enable Zero Trust Security. In this part one of the ZTS post, we provide specific, practical actions and related tech recommendations to implement ZTS during the first 30 days as outlined below.

Component Actions Recommended Tech
Identities Implement federated identity management
across on-prem and cloud

Enable all admin accounts for multi-factor
authentication (MFA)

Implement a security
policy engine for making access decisions

Develop and enforce conditional access
policies based on user risk

Azure Active Directory (AD)
Devices Enable BYOD users to connect to
organizational resources

Domain-join or register user devices
with a cloud-based device and app
management platform

Microsoft Intune, Azure AD,
Apps & API Perform ongoing shadow IT discovery
and risk assessment of unsanctioned
apps

Implement policy-based access controls
for apps

Microsoft Threat Protection
(MTP), Microsoft Cloud App
Security (MCAS), Azure
Sentinel
Data Create a data classification policy and
labels that users can apply from within
the apps they are using

Implement encryption of data at rest, in
transport and in use across devices and
cloud for confidential and restricted data

Enforce data loss prevention (DLP)
policies on all managed and
unmanaged devices

MTP, Microsoft Endpoint
Data Loss Prevention (DLP),
Microsoft Information
Protection (MIP), MCAS
Infrastructure Enable cloud workload protection
solution across hybrid clouds and on-
prem

Assign system-managed identities and
key management to all workloads

Use an integrated threat detection tool
for endpoints, email attacks, and identity
attacks

Provide security information and event
management (SIEM) solution to
aggregate and analyze events across
multiple sources

Azure AD, Azure Key Vault,
Azure Sentinel
Network Enable access to on-premises apps and
resources without a virtual private network
(VPN)

Develop a federation model to manage
cybersecurity functions for cloud

Enable cloud-based threat protection for
all assets

Azure Sentinel, Azure AD,
Azure Network Security
Groups (NSG), Application
Security Groups (ASG)

Although some of these recommendations to adopt Zero Trust Security may seem challenging due to unique constraints in your environment, we’ve seen most organizations perform these actions fairly quickly, especially if they’re working with an experienced team of cybersecurity professionals. Remember it’s not only the initial setup but the ongoing management of ZTS that’s critically important because it’ll continue to evolve rapidly.

In part two of this series, we’ll focus on the 60/90-day implementation activities and tech recommendations. Meanwhile, consider these three questions as you reflect on how best to enable Zero Trust Security at your organization in support of business needs:

  1. Have you adopted a ZTS maturity model to identify where you’re on the spectrum of maturity?
  2. Have you identified the cybersecurity products and services needed for enabling ZTS?
  3. What’s your plan for monitoring and managing your ZTS implementation either internally or with the help of a cybersecurity managed services provider?

Accelerating Zero Trust Security – Part 2

How Can We Help?

Scroll to Top