Traditional perimeter-based network security has proved insufficient because it assumes that if a user is inside the corporate perimeter, they can be trusted. This is exactly where Zero Trust comes in. https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fitshowcase%2Fimplementing-a-zero-trust-security-model-at-microsoft&data=02%7C01%7Cv-dabada%40microsoft.com%7C86212c8c905b4cd7d51d08d75cab9011%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637079764256389592&sdata=MePSyh0xulw5SiDAAUAtU2AIBJXzcy%2FvhDJj9EuGh2w%3D&reserved=0 that upends the current broad trust model. Instead of assuming trustworthiness, it requires validation at every step of the process. This means that all touchpoints in a system—identities, devices, and services—are verified before they are considered trustworthy.
You can begin implementing a Zero Trust access model now but expect this to be a multi-year process. We are on this journey together and will continue to share insights and advice in the coming months and years.
To learn more, read https://www.microsoft.com/security/blog/2019/10/29/improve-security-zero-trust-access-model/.
