Skip to content
Microsoft Industry Blogs - Canada

A woman getting started with her day in her kitchen and working on a Lenovo ThinkPad Yoga.

Cybersecurity used to be a lot easier. IT teams did their best to build a security perimeter—a walled garden—where they could treat anything or anyone in that network as secure. This classic approach of attempting to restrict everything to a “secure” network does not accommodate the modern world, where almost everyone works remotely from different types of devices, including personal phones and tablets.

In a recent survey, 76% of IT leaders current say Zero Trust is the backbone of their access strategy, with the shift to remote work accelerating the adoption with 66% of these IT leaders investing in Zero Trust in the past 3 months.  A zero trust approach helps strengthen user authentical, enabling secure access to apps and services and reducing stress on legacy remote work solutions.

Zero trust principals, Verify Explicitly, Use Least Privileged Access and Assume Breach.

Identities, representing people, services or IOT devices, are common dominator, and in a zero trust security model, function as a powerful, flexible and granular way to control access to data.

Five Steps to securing your Identity Infrastructure:

  1. Strengthen your credentials: MFA reduces compromise by 99.9%. In the recent survey 63% of organizations have already implemented MFA to secure identities, as the first step in their Zero Trust journey
  2. Reduce your attack surface area: Blocking legacy authentication reduces compromise by 67%.  Eliminating use of older, less secure protocols, limiting access entry points, and exercising more significant control of administrative access to resources can help reduce the attack surface area.
  3. Automate threat response:  You can reduce the costs and risks, when you reduce the time criminals use to embed themselves into your environment.
  4. Utilize cloud intelligence: Auditing and logging of security-related events and related alerts are essential components of an efficient protection strategy. You can use auditing to monitor user activity, document regulatory compliance, do forensic analysis, and more
  5. Enable end-user self-service: As much as possible you want to balance security with productivity and you can remove friction from your organization by empowering your users while remaining vigilant

Identity is central to a successful Zero Trust strategy. Get started with your Zero Trust Journey with Identity:

  1. Watch our Zero Trust Identity Webinar for details on getting started
  2. Evaluate your current Zero Trust maturity stage to determine where your organization is and how to move to the next stage

Access the Zero Trust Deployment Guide for Identities for detailed deployment guidance.