The Modern Workplace requires a zero-trust security approach
Over the past year, many organisations have undergone an enormous transformation with respect to working remotely. IT departments have had to act immediately and rapidly to make sure people could remain productive while working from home. If remote working is the standard, it requires a different approach to security. Scaling up the traditional approach is no longer adequate to keep your systems and applications sufficiently secure. Microsoft and HSO recommend a zero-trust approach. In this blog, we will tell you more about it.
Why a zero-trust approach?
Today’s organisations require a new security model that is equipped for the complexity of the modern environment: including people who can always work from anywhere, with access to all tools, devices, apps and data they need.
In a traditional, on-premise environment, the answer is usually a firewall. In other words, a robust fence built around all systems. However, the disadvantage is that cybercriminals are becoming increasingly effective in breaching the firewall. This increases the risk that, once a hacker is in, he or she quickly has access to all data and applications.
Aside from these risks, the rise of cloud technology and remote working comes with new threats. For instance, more and more employees have access to applications and data outside of the ‘traditional’ company network boundaries. This means that security through firewalls and virtual private networks (VPN) no longer suffices.
Therefore, the objective of a zero-trust approach is:
- Secured mobile access: enable users to always work safely from anywhere, on any device.
- Safe cloud migration: enable digital transformation with intelligent security for today’s complex environment.
- Risk reduction: close security breaches and minimise the risk of lateral movement.
This is how zero-trust security works
The three principles of the Microsoft Zero-Trust approach are:
- Require explicit verification;
- Give employees access only to the data and applications they need;
- Assume that you are being hacked.
Apply these three principles constantly when setting up your security. Does the third principle sound rather threatening? Microsoft considers it realistic. Thanks to the zero-trust approach, you are well prepared, so potential damage can be minimised.
A zero-trust model requires that all components – identity of the user, device, network and application – are constantly validated and tested for reliability.
Zero-trust and the security power of Microsoft
At HSO, we are convinced that on-premise security can no longer offer the same standard as cloud security. With over 3,000 people, Microsoft invests billions in the security of the Microsoft Cloud platform every year. The power of the Microsoft platform and the zero-trust approach is mainly reflected in the enormous amount of data, applications and information streams that are constantly being monitored by advanced algorithms in search of deviating signals, data streams or other interferences. As a result, the level of security is constantly increasing and becoming more automated. As a Microsoft platform user, you directly benefit from this.
Read more about zero-trust and the HSO Security Assessment?
HSO recently implemented zero-trust at Heras and at a large financial service provider as part of their cloud transformation.