A look at what Zero Trust really is and how to get started by John.
My takeaways (ZT principles):
- Verify explicitly (on every session and every resource access, not only at first sign-in)
- Least privilege (just-enough access, granted just-in-time)
- Assume breach (design as if the network and some endpoints are already compromised)
Other notes:
- A badly deployed VPN can lower overall security (e.g. granting broad network access once connected, instead of per-resource access).
- IAM with SSO (MFA, passwordless, disable legacy auth, RBAC)
- Endpoints (TPM-backed device identity, TLS client certificates; devices must be registered, managed and compliant)
- Network (defense-in-depth, end-to-end encryption/IPSec, layers/tiers with microsegmentation, IDS/IPS)
- Risk context and controls (identity, endpoint and network signals combined through conditional access)
- Infrastructure and apps (policy enforcement, discovery of shadow IT, access through a proxy)
- Data (protection that is data-driven and travels with the data: encryption, classification, Azure Purview)
- SIEM/SOAR (Azure Sentinel + ML + automation)
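To make the three principles and the "risk context and controls" note concrete, here is an added example of a per-request access-policy evaluator. It is constructed for this page and is not Microsoft's conditional access engine: the signal names (`mfa_satisfied`, `device_compliant`, `risk`, `sensitivity`), the roles and the sample requests are assumptions. It fails closed, re-checks every session, gates confidential data on device posture, and issues only a narrow, short-lived grant.

```python
from dataclasses import dataclass, field, replace
from datetime import datetime, timedelta, timezone
from typing import FrozenSet, List, Optional


@dataclass(frozen=True)
class AccessRequest:
    """Signals gathered for one access attempt (constructed schema, not a vendor API)."""
    user: str
    roles: FrozenSet[str]        # roles granted to the user (RBAC)
    mfa_satisfied: bool          # a strong second factor was presented in this session
    legacy_auth: bool            # request came over a protocol that cannot carry MFA
    device_registered: bool      # endpoint is known to the directory
    device_managed: bool         # endpoint is under management
    device_compliant: bool       # endpoint meets policy (disk encryption, patch level, ...)
    risk: str                    # "low" | "medium" | "high", from an upstream risk engine (assumed)
    resource: str
    required_role: str           # role the resource demands
    sensitivity: str             # "internal" | "confidential"


@dataclass
class Decision:
    outcome: str                 # "allow" | "require_mfa" | "block"
    reasons: List[str] = field(default_factory=list)
    scope: Optional[str] = None  # what the issued token may touch
    ttl_minutes: int = 0         # session lifetime; 0 when nothing is issued
    expires_at: Optional[datetime] = None


def evaluate(req: AccessRequest, now: Optional[datetime] = None) -> Decision:
    """Evaluate one request from scratch; nothing is inherited from earlier sessions."""
    now = now or datetime.now(timezone.utc)

    # Assume breach: fail closed on signals that cannot be trusted.
    if req.legacy_auth:
        return Decision("block", ["legacy authentication is disabled"])
    if req.risk == "high":
        return Decision("block", ["sign-in risk is high"])

    # Least privilege: the user must hold the role the resource demands.
    if req.required_role not in req.roles:
        return Decision("block", [f"missing role {req.required_role!r} for {req.resource}"])

    # Verify explicitly: every session needs a strong factor, not only the first login.
    if not req.mfa_satisfied:
        return Decision("require_mfa", ["step-up authentication required for this session"])

    # Endpoint posture gates the sensitive data, not just the identity.
    posture_ok = req.device_registered and req.device_managed and req.device_compliant
    if req.sensitivity == "confidential" and not posture_ok:
        return Decision("block", ["confidential data requires a registered, managed, compliant device"])

    # Just-in-time: the grant is narrow and short-lived; weaker context means a shorter session.
    reasons: List[str] = []
    ttl = 60
    if req.risk == "medium":
        ttl = 15
        reasons.append("medium risk: session shortened")
    if not posture_ok:
        ttl = min(ttl, 15)
        reasons.append("unmanaged device: session shortened")
    return Decision(
        "allow", reasons,
        scope=f"{req.resource}:{req.required_role}",
        ttl_minutes=ttl,
        expires_at=now + timedelta(minutes=ttl),
    )


# A baseline "healthy" request (constructed); the demo below derives variants from it.
BASELINE = AccessRequest(
    user="alice", roles=frozenset({"finance-reader"}), mfa_satisfied=True, legacy_auth=False,
    device_registered=True, device_managed=True, device_compliant=True, risk="low",
    resource="finance-db", required_role="finance-reader", sensitivity="confidential",
)


def make_request(**overrides) -> AccessRequest:
    """Build a variant of BASELINE with the given signals changed (constructed input)."""
    return replace(BASELINE, **overrides)


if __name__ == "__main__":
    cases = {
        "healthy": make_request(),
        "legacy protocol": make_request(legacy_auth=True),
        "no MFA this session": make_request(mfa_satisfied=False),
        "wrong role": make_request(required_role="finance-admin"),
        "BYOD on confidential": make_request(device_managed=False, device_compliant=False),
        "BYOD on internal": make_request(device_managed=False, device_compliant=False, sensitivity="internal"),
        "medium risk": make_request(risk="medium"),
    }
    for name, req in cases.items():
        d = evaluate(req)
        print(f"{name:22} -> {d.outcome:12} ttl={d.ttl_minutes:3} {'; '.join(d.reasons)}")
```

The order of the checks is the point: the cheapest untrusted signals (legacy protocol, high risk) deny first, authorization is decided before any step-up prompt is shown, and only after identity, role and device posture all pass is a token issued, scoped to one resource and role and expiring in minutes rather than days. An unmanaged device is still allowed onto internal data, but with a shorter session, which is the "just enough and just in time" part of least privilege.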