May 10, 2022

Understanding and Getting Started with ZERO TRUST


A look at what Zero Trust really is and how to get started by John.

My takeaways (ZT principles):

  • Verify explicitly (on every single session or resource)
  • Least privilege (just enough and just in time)
  • Assume breach

Other notes:

  • A wrong VPN deployment may degrade overall security.
  • IAM with SSO (MFA, passwordless, disable legacy auth, RBAC)
  • Endpoints (TPM, TLS cert, registered-managed-compliant)
  • Network (defense-in-depth, end-to-end encryption/IPSec, layers/tiers - microsegmentation, IDS/IPS)
  • Risk context and controls (identity, endpoint, network, conditional access)
  • Infra and apps (policy, shadow IT, proxy)
  • Data (data-driven protection that travels with the data, encryption, classification, Azure Purview)
  • SIEM/SOAR (Azure Sentinel + ML + automation)