The move to hybrid work accelerated by the pandemic has created cybersecurity risks, with employees at home creating more possible vulnerable endpoints for enterprises.
At the same time, enterprises are increasingly adopting cloud solutions like Microsoft’s Azure or Amazon’s AWS. This is creating hybrid cloud infrastructure gaps in enterprises. Also, hybrid work is driving the adoption of new collaboration apps, and these need tight role-based controls.
This is just part of the cybersecurity challenge Microsoft’s senior management team has dealt with over the last two years. Satya Nadella’s keynote at Ignite 2021 this week provided a compelling vision of the future of hybrid work. It’s encouraging that Nadella mentioned the concept of “zero trust” security as essential to the future of their many platforms and applications, including IoT and edge computing.
Zero trust the Microsoft way
A key takeaway from the many hybrid work and zero trust sessions at this year’s Ignite 2021 conference is that Microsoft has created an integrated philosophy of just what zero trust is and how it relates to their product and platform strategies. The cornerstones of the Microsoft zero trust framework include the following:
- Verify human and machine identities. Authenticate and authorize every identity on the basis of all available data points, including user identity, location, device health, service or workload, data classification, and anomalies, so that no person and no machine is trusted by default.
- Enforce least privileged access for human and machine identities. Least privileged access means giving each user and workload only the information and resources that are strictly necessary for its task. In practice this means standardizing on least privilege at the identity level for both humans and machines: limiting user access with just-in-time and just-enough-access (JIT/JEA), applying risk-based adaptive policies, and protecting data.
- Assume a breach will happen. Start planning now for how to minimize the blast radius and segment access. A core part of this third cornerstone is verifying end-to-end encryption and using analytics to gain visibility, manage insider risk, drive threat detection, and improve defenses.
Every zero trust session mentioned these cornerstones and expanded on them according to that session's particular focus.
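As an added illustration of the first two cornerstones (this is example code written for this article, not Microsoft's or any product's API), the following simplified Python policy engine evaluates the signals listed above to reach an allow / step-up / deny verdict, and hands out JIT/JEA grants that are scoped to one workload and an explicit action set and expire on their own. The signal names, thresholds, and the JitBroker class are hypothetical.

```python
from dataclasses import dataclass

@dataclass
class AccessRequest:
    """Signals the cornerstones name as inputs to verification (hypothetical schema)."""
    identity: str           # user or workload identity
    location_trusted: bool  # request comes from a known location/network
    device_compliant: bool  # endpoint health as reported by device management
    workload: str           # service or workload being accessed
    data_class: str         # "public", "internal" or "confidential"
    anomaly_score: float    # 0.0 (normal) .. 1.0 (highly anomalous)
    mfa_satisfied: bool     # strong authentication already completed

def decide(req: AccessRequest) -> str:
    """Risk-based adaptive policy: returns 'allow', 'step_up' (require MFA) or 'deny'."""
    if req.anomaly_score >= 0.8:
        return "deny"                      # assume breach: block clear anomalies outright
    if req.data_class == "confidential" and not req.device_compliant:
        return "deny"                      # sensitive data never flows to an unhealthy device
    low_risk = req.location_trusted and req.device_compliant and req.anomaly_score < 0.3
    if not low_risk and not req.mfa_satisfied:
        return "step_up"                   # any weak signal forces MFA before access
    return "allow"

@dataclass
class Grant:
    identity: str
    workload: str
    actions: frozenset
    expires_at: float                      # epoch seconds

class JitBroker:
    """JIT/JEA: access is granted per request, scoped to one workload and an
    explicit action set, and expires automatically (no standing privilege)."""
    def __init__(self):
        self._grants = []

    def request(self, req, actions, ttl_seconds, now):
        verdict = decide(req)              # verification gates every grant
        if verdict != "allow":
            return verdict, None
        grant = Grant(req.identity, req.workload, frozenset(actions), now + ttl_seconds)
        self._grants.append(grant)
        return verdict, grant

    def is_permitted(self, identity, workload, action, now):
        self._grants = [g for g in self._grants if g.expires_at > now]  # prune expired
        return any(g.identity == identity and g.workload == workload
                   and action in g.actions for g in self._grants)
```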
Microsoft’s zero-trust security vision relies on automation, orchestration, and visibility as its core foundational values. The technology pillars guiding DevOps and zero trust systems and implementations are identities, endpoints, applications, network, infrastructure, and data. Core foundational values guide platform decisions, and the pillars are focused on ensuring continuous risk assessment and automation, zero trust policy enforcement, conditional access and threat intelligence, and telemetry.
Alex Weinert, Director of Identity Security at Microsoft, published the blog post, Evolving zero trust — Lessons learned and emerging trends, where he shared key takeaways on what has been learned from Microsoft’s thousands of zero trust deployments. Consistent with the precepts shared during the presentations given at Ignite, the blog post provides an overview of the Microsoft zero trust architecture with policy optimization and threat protection at its core. Also, similar to the zero trust presentations given at Ignite 2021, the blog post covers the importance of adopting strong authentication (MFA at a minimum) for identities and device compliance for endpoint management.
Microsoft puts zero trust to the test
One of the best tests of scale and adaptability for any cybersecurity framework is how well it can absorb an acquisition, flex for a merger, or expand for new functionality. For example, Microsoft acquired CloudKnox Security in July of this year to gain greater visibility and control across the Microsoft Zero Trust framework and improve privileged access. CloudKnox has a successful track record of helping organizations get least-privilege principles right, which reduces risk. Their expertise in continuous analytics to help prevent security breaches and ensure compliance is another reason why Microsoft acquired them.
At Ignite 2021, Alex Simons, Microsoft’s corporate VP of identity and network access program management, provided an overview of how CloudKnox has been successfully integrated into the Microsoft zero trust framework during his presentation titled ‘Grounding Zero Trust in Reality: Best Practices and Emerging Trends.’
In just four months, Microsoft integrated CloudKnox into its zero-trust architecture, an example of what can be accomplished when DevOps teams have a clear security framework to work with, complete with zero trust-based design objectives. Alex Simons showed the following graphic during his presentation. The image reflects the ways in which Microsoft’s vision for zero-trust security is taking shape. A key takeaway from the presentation is that the six attributes of applications, data, infrastructure, network, identities, and endpoints need to be synchronized with zero trust policy enforcement.
Microsoft’s second goal in acquiring CloudKnox is to provide Microsoft Azure Active Directory customers with improved visibility on a granular level, improved monitoring, and a streamlined approach to automating remediation for hybrid and multicloud permissions. The ultimate goal is to provide Azure Active Directory customers with the core areas of an enterprise-class zero trust platform, which includes unified privileged access management, identity governance, and entitlement management.
Securing the pipeline
Zero trust is a vital component needed to secure the many new hybrid work applications and platforms Microsoft announced at its Ignite event and those the company still has in the pipeline. The three most dominant themes of the tech giant’s 2021 conference were the future of work, cybersecurity, and the fast pace of Azure innovation technologies. It’s notable that Microsoft never missed an opportunity to reveal to its prospective and current customers the three cornerstones of their zero trust framework, which are: protecting machine identities, thwarting ransomware with Rubrik’s latest technologies, and closing hybrid cloud gaps; all three are fertile areas for the future of zero trust innovation.