{"id":106797,"date":"2022-02-17T10:00:00","date_gmt":"2022-02-17T18:00:00","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?p=106797"},"modified":"2023-05-15T23:11:48","modified_gmt":"2023-05-16T06:11:48","slug":"us-government-sets-forth-zero-trust-architecture-strategy-and-requirements","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/02\/17\/us-government-sets-forth-zero-trust-architecture-strategy-and-requirements\/","title":{"rendered":"US Government sets forth Zero Trust architecture strategy and requirements"},"content":{"rendered":"\n
To help protect the United States from increasingly sophisticated cyber threats, the White House issued Executive Order (EO) 14028 on Improving the Nation\u2019s Cybersecurity, which requires US Federal Government organizations to take action to strengthen national cybersecurity.1<\/sup> Section 3 of EO 14028 specifically calls for federal agencies and their suppliers \u201cto modernize [their] approach to cybersecurity\u201d by accelerating the move to secure cloud services and implementing a Zero Trust<\/a> architecture.<\/p>\n\n\n\n As a company that has embraced Zero Trust ourselves and supports thousands of organizations around the globe on their Zero Trust journey, Microsoft fully supports the shift to Zero Trust architectures that the Cybersecurity EO urgently calls for. We continue to partner closely with the National Institute of Standards and Technology<\/a> (NIST) to develop implementation guidance by submitting position papers<\/a> and contributing to communities of interest under the umbrella of the National Cybersecurity Center of Excellence<\/a> (NCCoE).<\/p>\n\n\n\n The memo clearly describes the government\u2019s strategic goals for Zero Trust security. It advises agencies to prioritize their highest value starting point based on the Zero Trust maturity model<\/a> developed by the national Cybersecurity & Infrastructure Security Agency (CISA).\u00a0<\/p>\n\n\n\n Microsoft\u2019s position aligns with government guidelines. Our maturity model for Zero Trust<\/a> emphasizes the architecture pillars of identities, endpoints, devices, networks, data, apps, and infrastructure, strengthened by end-to-end governance, visibility, analytics, and automation and orchestration.<\/p>\n\n\n\nMicrosoft helps implement Executive Order 14028<\/h2>\n\n\n\n