{"id":127244,"date":"2023-04-24T10:00:00","date_gmt":"2023-04-24T17:00:00","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?p=127244"},"modified":"2024-04-08T13:51:40","modified_gmt":"2024-04-08T20:51:40","slug":"stay-compliant-and-protect-sensitive-data-with-zero-trust-security","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/","title":{"rendered":"Stay compliant and protect sensitive data with Zero Trust security"},"content":{"rendered":"\n<p>Regulatory standards frequently shift and tighten, especially with the rise of hybrid work environments. And with the explosion of data growth, organizations have seen a massive uptick in cybersecurity issues and needs. According to IBM\u2019s 2022 Cost of a Data Breach Report, 83 percent of organizations experienced more than one data breach in their lifetime.<sup>1<\/sup> Of these instances, 20 percent of the data breaches are due to malicious internal actors. If that statistic isn\u2019t enough to illustrate the evolving threat landscape, almost 40 percent of organizations reported the average cost of a single data breach from an insider event was more than USD500,000, with an average of 20 events per year, according to our Building a Holistic Insider Risk Management Program report.<sup>2<\/sup><\/p>\n\n\n\n<p>As more organizations shift to a hybrid work model, cybersecurity leaders need a way to strengthen and secure growing boundaries. They are struggling now more than ever with a fragmented solution landscape and increased, more sophisticated threats to data security.<\/p>\n\n\n\n<p>A <a href=\"https:\/\/www.microsoft.com\/security\/business\/zero-trust\">Zero Trust<\/a> architecture is a critical component to modernizing security programs and ensuring sensitive organizational data and identities are kept safe. Plus, it can help organizations stay in compliance with regulatory standards.<\/p>\n\n\n\n<p>In this blog, we\u2019ll discuss how implementing a Zero Trust framework helps organizations meet compliance and <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-101\/what-is-data-security\">data security<\/a> requirements, prevent, identify, and secure sensitive business data, and reduce business damage from a breach.<\/p>\n\n\n\n<p>As regulatory and compliance requirements evolve in response to technological transformations, organizations must rapidly modernize their security posture to protect sensitive data and processes. A Zero Trust architecture is a comprehensive security strategy to help you secure your data and prepare your organization for future threats.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"prevent-and-reduce-the-impact-of-internal-or-external-bad-actors-on-business-damage-from-a-breach\">Prevent and reduce the impact of internal or external bad actors on business damage from a breach<\/h2>\n\n\n\n<p>Applying the Zero Trust principle of \u201cassume breach\u201d helps proactively <a href=\"https:\/\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RWZlng\" target=\"_blank\" rel=\"noreferrer noopener\">minimize the impact of security attacks<\/a> from internal and external bad actors by implementing specific security measures using all available data points and enforcing least privileged access to secure digital environments:<\/p>\n\n\n\n<ul>\n<li>Data classification and end-to-end encryption.<\/li>\n\n\n\n<li>Sequence detection and user context to detect critical insider risks.<\/li>\n\n\n\n<li>Policy configuration to prevent data loss.<\/li>\n\n\n\n<li>Automated threat detection and response.<\/li>\n<\/ul>\n\n\n\n<p>Implementing redundant security mechanisms, collecting system telemetry and using it to detect anomalies, and\u2014wherever possible\u2014connecting that insight to automation empowers a business to prevent, respond, and remediate data security incidents efficiently.<\/p>\n\n\n\n<p>Assuming breach involves organizations first determining if they have the right data security strategies and controls in place and if they can measure their breach risk. This also involves understanding both internal and external activity around sensitive data, wherever it lives and throughout its entire lifecycle. A Zero Trust lens can help organizations implement the right protection to detect and remediate modern and evolving cyber risks and vulnerabilities in a timely, preventative measure.<\/p>\n\n\n\n<p>Managing insider risks provides insights into events that could potentially lead to data theft or other exfiltration activities happening inside of your organization. And by configuring dynamic policies with protective actions, you can prevent data from unauthorized use across apps, services, and devices, even in hybrid work environments. Implementing a Zero Trust architecture helps organizations confidently prevent sensitive data loss.<\/p>\n\n\n\n<p>Identifying the business risk of a <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-101\/what-is-a-data-breach\">data breach<\/a> and the resulting damage to reputations and relationships also reduces the impact of a major incident, such as serious risks to data security structure, financial health, and market reputation. A Zero Trust framework provides the visibility, controls, and redundancy necessary to quickly detect, deter, and defend against data security risks, and to secure sensitive data by proactively detecting and minimizing those risks.<\/p>\n\n\n\n<p>Implementing a Zero Trust architecture ultimately bridges the gap between balancing data security and enabling productivity, without compromising either. Reduce the blast radius of security attacks and use proper access controls to strengthen security posture, which helps to minimize reputational damage, the financial costs of a security breach, cyber insurance premiums, and employee burnout among security teams.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"identify-and-protect-sensitive-business-data-and-identities\">Identify and protect sensitive business data and identities<\/h2>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"601\" height=\"601\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/04\/Picture1-4.png\" alt=\"A lock with a circular arrow around it and several icons depicting a fingerprint, a robot, files, and a laptop and cell phone.\" class=\"wp-image-127247\" srcset=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/04\/Picture1-4.png 601w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/04\/Picture1-4-300x300.png 300w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/04\/Picture1-4-150x150.png 150w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/04\/Picture1-4-100x100.png 100w\" sizes=\"(max-width: 601px) 100vw, 601px\" \/><\/figure>\n\n\n\n<p><em>Figure 1. Through a comprehensive Zero Trust approach, organizations can secure their most precious data and devices and prevent bad internal and external actors from breaching.<\/em><\/p>\n\n\n\n<p>Identifying the most critical data and identities is important for a Zero Trust approach. A more robust security posture begins by understanding the organization\u2019s security architecture before integrating controls and signaling across layers to apply and enforce unified policies. The Zero Trust architecture extends throughout the entire digital estate and serves as an integrated, unified security strategy to reduce the complexity and time-consuming aspects of end-to-end security.<\/p>\n\n\n\n<p>Organizations must first gain visibility into what assets\u2014such as identities, endpoints, apps, networks, infrastructure, and data\u2014exist within their organization. Then, assess their current risk and identify which assets should be prioritized and which ones users are interacting with.<\/p>\n\n\n\n<p>Securing sensitive data must involve these key steps:<\/p>\n\n\n\n<ul>\n<li><strong>Gaining visibility<\/strong> into the existence (across multicloud, on-premises, and hybrid environments) and risks associated with how sensitive data is being used, accessed, and shared through built-in, ready-to-use machine learning models.<\/li>\n\n\n\n<li><strong>Understanding insider risks<\/strong> by gaining insight into how users are interacting with sensitive data and leveraging sequence detection to understand user intent.<\/li>\n\n\n\n<li><strong>Preventing data loss <\/strong>by preventing sensitive data from unauthorized use across apps, services, and devices.<\/li>\n\n\n\n<li><strong>Leveraging dynamic controls to <\/strong>adjust data loss prevention policies to address the most critical data risks.<\/li>\n<\/ul>\n\n\n\n<p>These steps enable organizations to adopt a comprehensive end-to-end strategy to manage security and apply protection actions\u2014such as encryption, access restrictions, and visual markings\u2014that safeguard your data, even if it leaves the devices, apps, infrastructure, and networks that the organization controls.<\/p>\n\n\n\n<p>When data and sensitive content is understood, classified, and identified, organizations can:<\/p>\n\n\n\n<ul>\n<li>Inform and enforce policy decisions to block sharing of emails, attachments, or documents that contain sensitive data.<\/li>\n\n\n\n<li>Encrypt files with sensitivity labels on device endpoints.<\/li>\n\n\n\n<li>Auto-classify content with sensitivity labels through policy and machine learning.<\/li>\n\n\n\n<li>Detect sensitive data that travels inside and outside your digital estate and understand user context to better investigate and mitigate risks.<\/li>\n<\/ul>\n\n\n\n<p>Fine-tuned adaptive access controls, such as requiring <a href=\"https:\/\/www.microsoft.com\/security\/business\/identity-access\/azure-active-directory-mfa-multi-factor-authentication\">multifactor authentication<\/a> or device security policies, based upon user context, device, location, and session risk information, move the security perimeter to where data lives and encourage strict control over digital identities and identity access. This enables the implementation of security controls within each layer of the security architecture to further segment access.<\/p>\n\n\n\n<p>Policies and real-time signals are required to determine when to allow, block, or limit access, or require additional proofs like <a href=\"https:\/\/docs.microsoft.com\/azure\/active-directory\/authentication\/concept-mfa-howitworks\" target=\"_blank\" rel=\"noreferrer noopener\">multifactor authentication<\/a> so that organizations can improve boundaryless collaboration without putting their data at risk.<\/p>\n\n\n\n<p>By adopting Zero Trust, organizations understand the context of user activity around sensitive data and can prevent unauthorized use or loss of data. Types of data security that help protect against data breaches and help meet regulatory requirements include:<\/p>\n\n\n\n<ul>\n<li><a href=\"https:\/\/www.microsoft.com\/security\/business\/information-protection\/microsoft-purview-data-loss-prevention\">Data loss prevention<\/a> to guard against unauthorized use of sensitive data.<\/li>\n\n\n\n<li>Encryption to make files unreadable for unauthorized users.<\/li>\n\n\n\n<li>Information protection to help classify sensitive data found in files and documents.<\/li>\n\n\n\n<li><a href=\"https:\/\/www.microsoft.com\/security\/business\/risk-management\/microsoft-purview-insider-risk-management\">Insider risk management<\/a> to mitigate potentially risky user activity that may result in a data security incident.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"proactively-meet-regulatory-requirements\">Proactively meet regulatory requirements<\/h2>\n\n\n\n<p>Microsoft\u2019s Zero Trust security framework can help your organization <a href=\"https:\/\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RWZlnf\" target=\"_blank\" rel=\"noreferrer noopener\">meet many regulatory and compliance standards<\/a> by default, including compliance requirements surrounding data, compliance, and law. This involves securing data, including personally identifiable information, financial data, health information, and intellectual property, all of which are at high risk of theft, loss, or exfiltration. Thus, protecting sensitive data is imperative.<\/p>\n\n\n\n<p>While these regulatory standards will differ depending on the organization, they help organizations meet both security and compliance requirements.<\/p>\n\n\n\n<p>Some important regulations include:<\/p>\n\n\n\n<ul>\n<li><a href=\"https:\/\/gdpr.eu\/what-is-gdpr\/#:~:text=The%20General%20Data%20Protection%20Regulation,to%20people%20in%20the%20EU.\" target=\"_blank\" rel=\"noreferrer noopener\">General Data Protection Regulation<\/a> (GDPR)<\/li>\n\n\n\n<li><a href=\"https:\/\/www.cdc.gov\/phlp\/publications\/topic\/hipaa.html\" target=\"_blank\" rel=\"noreferrer noopener\">Health Insurance Portability and Accountability Act<\/a> (HIPAA)<\/li>\n\n\n\n<li><a href=\"https:\/\/oag.ca.gov\/privacy\/ccpa\" target=\"_blank\" rel=\"noreferrer noopener\">California Consumer Privacy Act<\/a> (CCPA)<\/li>\n<\/ul>\n\n\n\n<p>Adopting a Zero Trust architecture can also help you exceed standards and requirements, which enhances proactive, preventative security protection and enables:<\/p>\n\n\n\n<ul>\n<li>A deeper, more consistent integration across all security pillars, which will simplify unified policy enforcement.<\/li>\n\n\n\n<li>Increased empowerment across all security teams, allowing for protection against more sophisticated and serious security attacks.<\/li>\n\n\n\n<li>A more efficient management of organizational security posture management through the simplification of configuring and managing various policies and improving on old security practices.<\/li>\n\n\n\n<li>Enhanced security to protect against IT skills shortages and staff capacity, ultimately breaking down the silos between security pillars and enabling organizations of different sizes and industries to adopt Zero Trust more easily.<\/li>\n\n\n\n<li>Cross-platform and cross-cloud security protection to enable visibility across all workflows and integrate with Microsoft Azure platforms.<\/li>\n<\/ul>\n\n\n\n<p>A Zero Trust model helps with understanding the policies needed to comply with governance requirements. It enables continuous assessments\u2014from taking inventory of data risks to implementing controls and staying current with regulations and certifications.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"zero-trust-journey-how-to-get-started\">Zero Trust journey: How to get started<\/h2>\n\n\n\n<p>Organizations can get started by determining their place in the <a href=\"https:\/\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RWJJdT\" target=\"_blank\" rel=\"noreferrer noopener\">Zero Trust journey<\/a>:<\/p>\n\n\n\n<ul>\n<li><strong>Getting started (first stage):<\/strong> Using strong authentication methods such as multifactor authentication and single sign-on access to cloud apps.<\/li>\n\n\n\n<li><strong>Advanced (significant progress):<\/strong> Using real-time insider risk analytics and proactively finding and fixing security issues to reduce threats.<\/li>\n\n\n\n<li><strong>Optimal (most mature stage): <\/strong>Using automated <a href=\"https:\/\/www.microsoft.com\/security\/business\/solutions\/siem-xdr-threat-protection\">threat detection and response<\/a> across all security pillars to speed up threat detection and prevention.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"embrace-zero-trust-security\">Embrace Zero Trust security<\/h2>\n\n\n\n<p>Adopting an end-to-end Zero Trust strategy is a critical step your organization can take to modernize your security posture and exceed required regulatory and compliance standards. To learn more about implementing Zero Trust with Microsoft:<\/p>\n\n\n\n<ul>\n<li>Get started with our&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/business\/zero-trust\/maturity-model-assessment-tool?activetab=solution-wizard%3aprimaryr1\">Zero Trust assessment tool<\/a>.<\/li>\n\n\n\n<li><a href=\"https:\/\/www.microsoft.com\/security\/blog\/2023\/02\/27\/5-reasons-to-adopt-a-zero-trust-security-strategy-for-your-business\/\">5 reasons to adopt a Zero Trust security strategy for your business<\/a>.<\/li>\n\n\n\n<li><a href=\"https:\/\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RWZ3aw\" target=\"_blank\" rel=\"noreferrer noopener\">Securely work from anywhere<\/a>.<\/li>\n\n\n\n<li><a href=\"https:\/\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RWZ5ME\" target=\"_blank\" rel=\"noreferrer noopener\">Safeguard your most critical assets<\/a>.<\/li>\n\n\n\n<li><a href=\"https:\/\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RWZlnf\" target=\"_blank\" rel=\"noreferrer noopener\">Meet regulatory and compliance requirements<\/a>.<\/li>\n\n\n\n<li><a href=\"https:\/\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RWZlng\" target=\"_blank\" rel=\"noreferrer noopener\">Minimize the impact of internal or external bad actors<\/a>.<\/li>\n\n\n\n<li><a href=\"https:\/\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RWYXX6\" target=\"_blank\" rel=\"noreferrer noopener\">Rapidly modernize your security posture<\/a>.<\/li>\n<\/ul>\n\n\n\n<p>To learn more about Microsoft Security solutions,&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\">visit our&nbsp;website<\/a>.&nbsp;Bookmark the&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/blog\/\">Security blog<\/a>&nbsp;to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (<a href=\"https:\/\/www.linkedin.com\/showcase\/microsoft-security\/\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Security<\/a>) and Twitter (<a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noreferrer noopener\">@MSFTSecurity<\/a>)&nbsp;for the latest news and updates on cybersecurity.<\/p>\n\n\n\n<div style=\"height:43px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><sup>1<\/sup><a href=\"https:\/\/www.ibm.com\/security\/data-breach\" target=\"_blank\" rel=\"noreferrer noopener\">Cost of a Data Breach Report 2022<\/a>, IBM. 2022.<\/p>\n\n\n\n<p><sup>2<\/sup><a href=\"https:\/\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RE59jhs\" target=\"_blank\" rel=\"noreferrer noopener\">Building a Holistic Insider Risk Management Program<\/a>, Microsoft. 2022.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Learn how to secure data and identities and meet compliance requirements with a comprehensive Zero Trust approach.<\/p>\n","protected":false},"author":162,"featured_media":127246,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false,"_classifai_error":"","footnotes":""},"content-type":[3659],"topic":[3689],"products":[3726],"threat-intelligence":[],"tags":[3809],"coauthors":[2200],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Stay compliant with Zero Trust security | Microsoft Security Blog<\/title>\n<meta name=\"description\" content=\"Learn how to secure data and identities and meet compliance requirements with a comprehensive Zero Trust approach from Microsoft.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Stay compliant with Zero Trust security | Microsoft Security Blog\" \/>\n<meta property=\"og:description\" content=\"Learn how to secure data and identities and meet compliance requirements with a comprehensive Zero Trust approach from Microsoft.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2023-04-24T17:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-08T20:51:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/04\/CLO22_Warehouse_016-1-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"533\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Rudra Mitra\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/04\/CLO22_Warehouse_016-1-1.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Rudra Mitra\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/rudra-mitra\/\",\"@type\":\"Person\",\"@name\":\"Rudra Mitra\"}],\"headline\":\"Stay compliant and protect sensitive data with Zero Trust security\",\"datePublished\":\"2023-04-24T17:00:00+00:00\",\"dateModified\":\"2024-04-08T20:51:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/\"},\"wordCount\":1675,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/04\/CLO22_Warehouse_016-1-1.jpg\",\"keywords\":[\"Security strategies\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/\",\"name\":\"Stay compliant with Zero Trust security | Microsoft Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/04\/CLO22_Warehouse_016-1-1.jpg\",\"datePublished\":\"2023-04-24T17:00:00+00:00\",\"dateModified\":\"2024-04-08T20:51:40+00:00\",\"description\":\"Learn how to secure data and identities and meet compliance requirements with a comprehensive Zero Trust approach from Microsoft.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/#primaryimage\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/04\/CLO22_Warehouse_016-1-1.jpg\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/04\/CLO22_Warehouse_016-1-1.jpg\",\"width\":800,\"height\":533,\"caption\":\"Security practitioner working to investigate threats.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Stay compliant and protect sensitive data with Zero Trust security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"name\":\"Microsoft Security Blog\",\"description\":\"Expert coverage of cybersecurity topics\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\",\"name\":\"Microsoft Security Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Security Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Stay compliant with Zero Trust security | Microsoft Security Blog","description":"Learn how to secure data and identities and meet compliance requirements with a comprehensive Zero Trust approach from Microsoft.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/","og_locale":"en_US","og_type":"article","og_title":"Stay compliant with Zero Trust security | Microsoft Security Blog","og_description":"Learn how to secure data and identities and meet compliance requirements with a comprehensive Zero Trust approach from Microsoft.","og_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/","og_site_name":"Microsoft Security Blog","article_published_time":"2023-04-24T17:00:00+00:00","article_modified_time":"2024-04-08T20:51:40+00:00","og_image":[{"width":800,"height":533,"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/04\/CLO22_Warehouse_016-1-1.jpg","type":"image\/jpeg"}],"author":"Rudra Mitra","twitter_card":"summary_large_image","twitter_image":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/04\/CLO22_Warehouse_016-1-1.jpg","twitter_misc":{"Written by":"Rudra Mitra","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/rudra-mitra\/","@type":"Person","@name":"Rudra Mitra"}],"headline":"Stay compliant and protect sensitive data with Zero Trust security","datePublished":"2023-04-24T17:00:00+00:00","dateModified":"2024-04-08T20:51:40+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/"},"wordCount":1675,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/04\/CLO22_Warehouse_016-1-1.jpg","keywords":["Security strategies"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/","name":"Stay compliant with Zero Trust security | Microsoft Security Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/04\/CLO22_Warehouse_016-1-1.jpg","datePublished":"2023-04-24T17:00:00+00:00","dateModified":"2024-04-08T20:51:40+00:00","description":"Learn how to secure data and identities and meet compliance requirements with a comprehensive Zero Trust approach from Microsoft.","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/#primaryimage","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/04\/CLO22_Warehouse_016-1-1.jpg","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/04\/CLO22_Warehouse_016-1-1.jpg","width":800,"height":533,"caption":"Security practitioner working to investigate threats."},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/04\/24\/stay-compliant-and-protect-sensitive-data-with-zero-trust-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/"},{"@type":"ListItem","position":2,"name":"Stay compliant and protect sensitive data with Zero Trust security"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","name":"Microsoft Security Blog","description":"Expert coverage of cybersecurity topics","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization","name":"Microsoft Security Blog","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","width":512,"height":512,"caption":"Microsoft Security Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/"}}]}},"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Security Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/127244"}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/users\/162"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/comments?post=127244"}],"version-history":[{"count":1,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/127244\/revisions"}],"predecessor-version":[{"id":133962,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/127244\/revisions\/133962"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media\/127246"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media?parent=127244"}],"wp:term":[{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/content-type?post=127244"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/topic?post=127244"},{"taxonomy":"products","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/products?post=127244"},{"taxonomy":"threat-intelligence","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/threat-intelligence?post=127244"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/tags?post=127244"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/coauthors?post=127244"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}