For many organizations, 2020 was the year that eventually realized remote project becomes a reality on a global scale. As many people begin transitioning back to the office, many organizations are thinking about how they can transition from a remote workforce to a more permanent hybrid workplace. We recently conducted a study with over 900 chief knowledge security officers( CISOs) on the nation of Zero Trust and found that 81 percentage say their organization has started or currently has a hybrid work environment in place and that 91 percent plan for their organization to be fully transitioned to hybrid work within the next five years. The era of hybrid work is here to stay. Learn more about our perspective and security efforts in Vasu Jakkal’s blog, Securing a new world of hybrid project: What to know and what to do, posted earlier this month.
However, as recent events have shown us, the cybersecurity scenery continues to evolve. Bad performers are getting more sophisticated and the need for a stronger security model has never been more important. Zero Trust is no longer an option, it’s now imperative for organizations that want to protect themselves while providing employees the flexible they need to be productive.
Implementing a Zero Trust model entails transitioning from implicit trust–where everything inside a corporate network is assumed to be safe–to a modeling that accepts breach and explicitly checks the security status of identity, endpoint, network, and other resources based on all available signal and data. A contextual, real-time policy aids enforce least-privileged access principles and minimize risks. Zero Trust not only strengthens security but likewise enables the change needed to embrace hybrid work.
I often hear from customers that implementing a Zero Trust security framework can be daunting and that they’re looking for help in creating a roadmap with the right prioritized milestones to maximize investments and positively impact their consumers. In this post, I’d like to provide an overview of the resources available to help accelerate your Zero Trust readiness and offer actionable guidance.
If you haven’t already, I indicate starting with our Zero Trust Maturity Model whitepaper, which breaks down Zero Trust requirements across identities, endpoints, apps, networks, infrastructure, and data. The working paper provides a strong starting point to assess your current Zero Trust maturity, prioritize security efforts to maximize impact, and get a foundational understanding of overall capabilities and requirements.
My colleague, Mark Simos, also posted a blog, Zero Trust Strategy–what good looks like, based on his experience aid patrons transform their security strategies that expands on many of the concepts in the maturity model.
We created the Microsoft Zero Trust Assessment tool to help you determine where you are in your Zero Trust implementation journey and provide to-dos and deployment counseling to help reach key milestones. This month, we released an updated version that furnishes more targeted guidance and a curated listing of resources to help you better prioritize milestones based on your current progress. Now, when a gap is identified in your Zero Trust readiness, you’ll realize which specific capabilities you need, the Microsoft products and services that can provide those and step-by-step guidance on implementation.
Get up to speed on the essentials of Zero Trust
This month, we’re kicking off our new Microsoft Mechanics video series focused on Zero Trust. In this series, Jeremy Chapman, Director of Microsoft 365, provides a breakdown of how you can adopt a Zero Trust approach across the six layers of defense–identities, endpoints, apps, networks, infrastructure, and data. This series will share tips-off and render hands-on demonstrations of the tools for implementing the Zero Trust security model.
Our first two videos are out now 😛 TAGEND
Microsoft Mechanics Zero Trust Essentials–An overview of Zero Trust and the six layers of defense. Zero Trust Essentials: Identity and Access Management–A deep dive into how Azure AD enables a Zero Trust security framework.
Watch our new video series, starting with Microsoft Mechanics Zero Trust Essentials.
For an in-depth look at our latest updates that will help accelerate your Zero Trust travel, check out Vasu Jakkal’s blog, How to secure your hybrid run world with a Zero Trust approach, from earlier this month. For technical counseling, visit our Zero Trust Resource Center–A storehouse of information that renders detailed guidance for the purpose of implementing Zero Trust principles across their identities, endpoints, data, applications, networks, and infrastructure. If you’d like to learn from our own Zero Trust deployment excursion at Microsoft, our CISO Bret Arsenault and squad share their narratives at Microsoft Digital Inside Track. To hear from presidents who sponsored, guided, and oversaw the adopted in Zero Trust within organizations, check out the Zero Trust Business Plan. Learn how to get buy-in for Zero Trust in a recent webcast with Microsoft Corporate Vice President, Microsoft Identity, Alex Simons. If you’re into podcasts, please check out Episode 3 of the Strengthen and Streamline Your Security podcast to hear discussion on the steps contributing organizations are taking and get recommendations to reduce your risk and enable employee productivity. Lastly, Examining Zero Trust is an executive roundtable discussion with 10 security presidents sharing their own experiences and real-life examples of adopting the fundamentals of Zero Trust.
For detailed information about Microsoft Zero Trust, please visit our website and keep up-to-date with product announcements, technological counseling, planning resources, and more in our Zero Trust blogs.
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Likewise, follow us at @MSFTSecurity for the most recent developments and updates on cybersecurity.
The post Resources for accelerating your Zero Trust expedition seemed first on Microsoft Security .
Read more: microsoft.com