Understanding and Getting Started with ZERO TRUST

 

A look at what Zero Trust really is and how to get started by John.

My take away (ZT principles):

• Verify explicitly (on every single session or resources)
  
• Least privilege (just enough and in time) 
• Assume breach

Other notes: 

• A wrong VPN deployment may degrade the security in overall.
• IAM with SSO (MFA, Passwordless, disable legacy auth, RBAC)
• Endpoints (TPM, TLS cert, register-managed-compliant)
• Network (defense-in-depth, end-to-end encryption/IPSec, layers/tiers - microsegmentation, IDS/IPS) 
• Risk Context and controls (Identity, endpoint, network, conditional access)
• Infra and apps (policy, shadow IT, proxy)
• data (data driven protection and travel with data, encryption, classification, Azure Purview)
• SIEM/SOAR (Azure Sentinel + ML + automation)

 

Links:

• https://www.youtube.com/watch?v=hhS8VdGnfOU
• MS Zero Trust Maturity Model
• https://github.com/johnthebrit/CertificationMaterials