Many organizations across the world are beginning to recognize the importance of enhanced network security. With more companies requiring their staff to work from home, more robust security solutions are needed to cover emerging issues that range from unpatched devices to poor best practices adherence. As such, Microsoft has been looking to provide customized solutions that not only cover intrusion detection, but breach mitigation to provide better security to more diverse online environments. In this regard, it has revealed recent discussions with Cloud Security Alliance regarding Zero Trust.
Cloud Security Alliance is a not-for-profit whose main focus is enhancing network security by providing best practices awareness. It also works to enlighten internet users on the benefits of cloud-based security as a holistic approach.
What’s Zero Trust
Zero Trust is a network security solution that is based on the concept that all network connections connected to a system should be vetted regardless of whether they are internal or external connections. The main goal behind the strategy is to ensure that all communications within a network are authenticated before access privileges are granted.
In the latest Microsoft - Cloud Security Alliance discussion, ten security managers from companies in the energy, insurance, and finance industries were involved. Some of the points discussed included identity authentication. Identity authentication is typically achieved through IP confirmations and reliance on Unique Device Identification Systems. Multifactor and passwordless authentication methods were also brought up, as well as execution through cryptographic keys, PINs, and biometric data.
Lastly, network and application segmentation strategies were explored. Such procedures help mitigate an escalation of data access privileges by preventing applications from reading what others on a network are doing. This creates a secure environment that can also be used to run virtual testing spaces before full network access is granted.
Microsoft is Providing Zero Trust Services
Microsoft is already providing Zero Trust solutions to its customers. It is partly doing this via the Azure Active Directory (Azure AD). Some of the features available to clients include passwordless authentication using end-to-end security configurations. The setting allows members to log in using biometrics and has been made possible via Windows Hello, and the Microsoft Authenticator app. Some third-party access options are also available for Yubico, AuthenTrend, and Feitian users via the FIDO2 authentication protocol.
In the setup, Azure AD Conditional Access helps to reinforce data access policies on apps to ensure that devices attempting to connect to a network meet minimum access principles.