Zero Trust – Trust No One

Zero Trust - Trust No One

As the name suggests, the Zero Trust model is explained quite simply as – “Never Trust. Always Verify.”

Zero Trust helps secure corporate resources by eliminating unknown or unmanaged devices and in these uncertain times, as a business, you want to make sure all corporate resources are being accessed securely.

What do you need to do to implement a Zero Trust model in your business? With Azure AD at the heart of your Zero Trust strategy, follow the below three principles to achieve a Zero Trust model.

1 - VERIFY EXPLICITLY

  • Provide Azure AD with a rich set of credentials and control, which can be used to verify the user at all times: 

    • Roll out MFA 
    • Enable Azure AD Hybrid Join or Azure AD Join 
    • Enable Intune for mobile device management 
    • Start rolling out passwordless credentials  

    Verifying explicitly means enabling strong authentication and approving access across all available data points, such as identity, device health, location, services and data classifications. 

2 - LEAST PRIVILEGE

  • Limit user access with Just-In-Time (JIT) or Just-Enough-Access (JEA), meaning grant the access only when a user needs it and for as long as they need it:  

    • Plan your Conditional Access deployment 
    • Secure access using Privileged Identity Management (PIM) – more info here 
    • Restrict user consent to applications to ensure no unnecessary exposure of corporate data to apps 
    • Manage entitlements – requires Azure AD Premium P2 licenses
     

3 - ASSUME BREACH

  • Reduce any lateral movement by segmenting access by network, user, devices and apps. Use analytics to drive more insights and gain visibility across all threats to better improve your overall protection: 

    • Deploy Azure AD Password Protection 
    • Block legacy authentication 
    • Enable identity protection – requires Azure AD Premium P2 
    • Enable restricted sessions 
    • Enable Conditional Access integration with Microsoft Cloud App Security (MCAS) 
    • Integrate MCAS with identity protection 
    • Integrate Azure Advanced Threat Protection (ATP) with MCAS 
    • Enable Microsoft Defender ATP (MDATP) 
     

Why Insentra and Microsoft?

You are receiving this email because you are entitled to receive Microsoft’s FastTrack benefits delivered by the Insentra teamInsentra’s qualified consultants can work closely with your technical teams, project sponsors and stakeholders to help drive workload adoption and gain the most value out of your Office 365/Microsoft 365 subscription.

If you would like more information on anything you’ve read here, please download our FastTrack Brochure, or get in contact with our Senior Consultant – Hambik Matvosian.

__

Got a question? Need support? You’re in the right place.

We’re here to help. Fill out your details and we’ll call you to get started.

Who is Insentra?

Imagine a business which exists to help IT Partners & Vendors grow and thrive.

Insentra is a 100% channel business. This means we provide a range of Advisory, Professional and Managed IT services exclusively for and through our Partners.

Our #PartnerObsessed business model achieves powerful results for our Partners and their Clients with our crew’s deep expertise and specialised knowledge.

We love what we do and are driven by a relentless determination to deliver exceptional service excellence.

Insentra ISO 27001:2013 Certification

SYDNEY, WEDNESDAY 20TH APRIL 2022 – We are proud to announce that Insentra has achieved the  ISO 27001 Certification.