Mastering Windows Security and Hardening
上QQ阅读APP看书,第一时间看更新

Implementing a Zero Trust approach

To close out the chapter, we wanted to touch on a concept known as Zero Trust. The Zero Trust architecture model was created by John Kindervag while he was at Forrester Research Inc. back in 2010. You may be wondering what exactly Zero Trust is. Essentially, it is a model where we trust no one until we can validate who they are, who they are meant to be, and whether they are authorized to have access to the system or information. Effectively implementing a Zero Trust model is going to require a multilayered approach to the security strategy along with the use of the most current and modern technology available. The method of allowing a user to access the environment with only a username and password is outdated and insecure. With Microsoft's version of a Zero Trust model, they are recommending the use of a strong identity, ensuring devices are enrolled within a management tool, enforcing the concept of least privilege, and verifying the health of both devices and services. To support this model, some of the technologies include Azure Active Directory, multi-factor authentication, biometrics, Conditional Access, Microsoft Intune, and Microsoft Defender ATP. As you read through this book, you will find the guidance and instructions that are provided will ultimately lead to a Zero Trust model.

Tip

You can read more about the Zero Trust Microsoft model here: https://www.microsoft.com/en-us/itshowcase/implementing-a-zero-trust-security-model-at-microsoft.