{"id":91974,"date":"2020-09-29T11:00:10","date_gmt":"2020-09-29T18:00:10","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\/?p=91974"},"modified":"2023-05-15T23:05:10","modified_gmt":"2023-05-16T06:05:10","slug":"microsoft-advanced-compliance-solutions-zero-trust-architecture","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/","title":{"rendered":"Microsoft Advanced Compliance Solutions in Zero Trust Architecture"},"content":{"rendered":"<p>Zero Trust revolves around three key principles:\u00a0 verify explicitly, use least privileged access, and assume breach.\u00a0 Microsoft\u2019s <a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/?view=o365-worldwide\" target=\"_blank\" rel=\"noopener noreferrer\">Advanced Compliance Solutions<\/a> are an important part of Zero Trust.<\/p>\n<p>This post applies a <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/zero-trust\" target=\"_blank\" rel=\"noopener noreferrer\">Zero Trust<\/a> lens to protecting an organization\u2019s sensitive data and maintaining compliance with relevant standards. Ultimately, Zero Trust architecture is a modern approach to security that focuses on security and compliance for assets regardless of their physical or network location, which contrasts with classic approaches that attempt to force all assets on a \u2018secure\u2019 and compliant network.<\/p>\n<p>A Zero Trust strategy should start with Identity and Access Management.\u00a0 Microsoft built Azure Active Directory (AAD) to enable rapid Zero Trust adoption:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-91975\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\/wp-content\/uploads\/2020\/09\/zerotrust-1.png\" alt=\"An image of the workflows and visualizations to manage cases.\" width=\"816\" height=\"459\" srcset=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-1.png 816w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-1-300x169.png 300w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-1-768x432.png 768w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-1-687x385.png 687w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-1-767x431.png 767w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-1-539x303.png 539w\" sizes=\"auto, (max-width: 816px) 100vw, 816px\" \/><\/p>\n<p>Architects focus on applying the Zero Trust principles to protect and monitor six technical pillars of the enterprise including:<\/p>\n<ul>\n<li>Identity<\/li>\n<li>Devices<\/li>\n<li>Applications and APIs<\/li>\n<li>Data<\/li>\n<li>Infrastructure<\/li>\n<li>Networks<\/li>\n<\/ul>\n<p>In an integrated <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/zero-trust\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Zero Trust<\/a> solution, AAD and Microsoft Defender for Identity provide protection, monitoring, and trust insights in the User\/Identity Pillar. Microsoft Defender for Endpoints and Intune protect and manage the Device.\u00a0 Azure Security Center and Azure Sentinel monitor, report, and provide automated playbooks to deal with events.<\/p>\n<p>Microsoft\u2019s Advanced Compliance solutions are foundational to Zero Trust as well, particularly when implemented to support Microsoft 365.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-large wp-image-91976\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\/wp-content\/uploads\/2020\/09\/zerotrust-2-1024x504.png\" alt=\"Microsoft\u2019s Advanced Compliance solutions are foundational to Zero Trust as well, particularly when implemented to support Microsoft 365. \" width=\"1024\" height=\"504\" srcset=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-2-1024x504.png 1024w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-2-300x148.png 300w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-2-768x378.png 768w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-2-1536x755.png 1536w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-2.png 1879w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>Microsoft Information Protection, Insider Risk Management, and Microsoft Cloud App Security are all part of a complete Zero Trust architecture.<\/p>\n<p>Advanced Auditing can increase the visibility around insider or bad actor\u2019s activities with sensitive data like documents and emails as well as increasing the period over which audit data is available for review.<\/p>\n<p>Let\u2019s look closer at these solutions:<\/p>\n<ul>\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/graph\/information-protection-overview\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Information Protection<\/a>: Allows policy enforcement at the document level based on AAD identity.\u00a0 This protection is resident with the document throughout its lifecycle.\u00a0 It controls the identities, groups or organizations that can access the document, expires access to the document and controls what authorized users can do with the document e.g. view, print, cut and paste as well as other controls like enforced watermarking.\u00a0 These controls can be mandatory or can support users with suggested protection.\u00a0 The policy can be informed by <a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/classifier-getting-started-with?view=o365-worldwide#trainable-classifiers\" target=\"_blank\" rel=\"noopener noreferrer\">machine learning<\/a>, <a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/sensitive-information-type-entity-definitions?view=o365-worldwide\" target=\"_blank\" rel=\"noopener noreferrer\">standard sensitivity data types (like social security numbers)<\/a>, regular expressions, keywords or <a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/create-custom-sensitive-information-types-with-exact-data-match-based-classification?view=o365-worldwide\" target=\"_blank\" rel=\"noopener noreferrer\">exact data match<\/a>.\u00a0 When users elect to apply different protection than recommended, their actions are tracked for later review.\u00a0 Documents can thus be protected throughout their lifecycle, wherever they may travel and to whomever they may be transmitted.<\/li>\n<\/ul>\n<p>Microsoft Information Protection sensitivity labels are fully integrated with our data loss prevention solution, preventing movement of sensitive information at the boundary of the cloud, between Microsoft and third-party clouds, and at the device endpoint (e.g. laptop).<\/p>\n<ul>\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/insider-risk-management?view=o365-worldwide\" target=\"_blank\" rel=\"noopener noreferrer\">Insider Risk Management<\/a>: Applies machine learning to the signals available from Microsoft O365 tenant logs, integration with Microsoft Defender Advanced Threat Protection and an increasing number of Microsoft and third party relevant signals to alert on insiders such as employees or contractors who are misusing their access. Default policies are provided, and enterprises can customize policies to meet their needs including for specific projects or scoped to users deemed to be at high risk.\u00a0\u00a0 These policies allow you to identify risky activities and mitigate these risks.\u00a0 Current areas of focus for the solution are:<\/li>\n<\/ul>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>Leaks of sensitive data and data spillage<\/li>\n<li>Confidentiality violations<\/li>\n<li>Intellectual property (IP) theft<\/li>\n<li>Fraud<\/li>\n<li>Insider trading<\/li>\n<li>Regulatory compliance violations<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>These signals are visualized and actioned by other Microsoft solutions.\u00a0 Insider Risk Management uses its specialized algorithms and machine learning to correlate signal and expose Insider Risks in context.\u00a0 It also provides workflows and visualizations to manage cases.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-91977\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\/wp-content\/uploads\/2020\/09\/zerotrust-3.png\" alt=\"Insider Risk Management is integrated with AAD and acts on signals from Microsoft Information Protection.\" width=\"850\" height=\"514\" srcset=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-3.png 850w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-3-300x181.png 300w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-3-768x464.png 768w\" sizes=\"auto, (max-width: 850px) 100vw, 850px\" \/><\/p>\n<p>Insider Risk Management is integrated with AAD and acts on signals from Microsoft Information Protection as well as others in the tenant, providing additional security value from the systems already in place.\u00a0 The alerts generated by the system can be managed with the native case management features or surfaced to Azure Sentinel or third-party systems through the API.<\/p>\n<ul>\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/cloud-app-security\/what-is-cloud-app-security#:~:text=Microsoft%20Cloud%20App%20Security%20is%20a%20Cloud%20Access,Microsoft%20Cloud%20App%20Security%20natively%20integrates%20with%20\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Cloud App Security<\/a>: Is a Cloud Access Security Broker that supports various deployment modes including log collection, API connectors, and reverse proxy. It provides rich visibility, granular control over data travel, and sophisticated analytics to identify and combat cyber threats across all Microsoft and third-party cloud services. It controls shadow IT.\u00a0 It can be used to govern the use of Microsoft and third-party clouds and the sensitive information placed there.<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-large wp-image-91978\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\/wp-content\/uploads\/2020\/09\/zerotrust-4-1024x800.png\" alt=\"An image of advanced Auditing for M365.\" width=\"1024\" height=\"800\" srcset=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-4-1024x800.png 1024w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-4-300x234.png 300w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-4-768x600.png 768w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/zerotrust-4.png 1162w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<ul>\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/advanced-audit?view=o365-worldwide#:~:text=%20Advanced%20Audit%20in%20Microsoft%20365%20%201,that%20access%20auditing%20logs%20through%20the...%20More%20\" target=\"_blank\" rel=\"noopener noreferrer\">Advanced Auditing for M365<\/a>: Advanced Audit retains all Exchange, SharePoint, and Azure Active Directory audit records for a default of one year.\u00a0 You can retain audit logs for up to ten years.\u00a0 Crucial events for investigations, such as <a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/mailitemsaccessed-forensics-investigations?view=o365-worldwide\" target=\"_blank\" rel=\"noopener noreferrer\">whether an attacker has accessed a mail message<\/a>, whether a sensitive document is re-labeled and many other new log data types are part of this solution.\u00a0 Investigation playbooks will also shortly be part of this solution.<\/li>\n<\/ul>\n<p>These Advanced Compliance solutions have native visibility into AAD, the Microsoft Tenant, and into each other.\u00a0 For example, Insider Risk Management has visibility into Microsoft Information Protection sensitivity labels.\u00a0 Microsoft Cloud App Security has visibility into and can act on sensitivity labels.<\/p>\n<p>This visibility and machine learning run through the Microsoft Security and Advanced Compliance solutions, making them particularly well suited to a holistic <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/zero-trust\" target=\"_blank\" rel=\"noopener noreferrer\">Zero Trust<\/a> architecture.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Zero Trust architecture starts with Identity and Access Management but it doesn\u2019t end there.  Microsoft Advanced Compliance solutions complement Azure Active Directory and Conditional Access with important protections around the data, applications and network pillars.  <\/p>\n","protected":false},"author":96,"featured_media":91982,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ms_queue_id":[],"ep_exclude_from_search":false,"_classifai_error":"","_classifai_text_to_speech_error":"","footnotes":""},"content-type":[3662],"topic":[3668,3685,3689],"products":[3726],"threat-intelligence":[],"tags":[],"coauthors":[2218,1905],"class_list":["post-91974","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","content-type-news","topic-compliance","topic-siem-and-xdr","topic-zero-trust","products-microsoft-sentinel"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Microsoft Advanced Compliance Solutions in Zero Trust Architecture | Microsoft Security Blog<\/title>\n<meta name=\"description\" content=\"Zero Trust architecture starts with Identity and Access Management but it doesn\u2019t end there. Microsoft Advanced Compliance solutions complement Azure Active Directory and Conditional Access with important protections around the data, applications and network pillars.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft Advanced Compliance Solutions in Zero Trust Architecture | Microsoft Security Blog\" \/>\n<meta property=\"og:description\" content=\"Zero Trust architecture starts with Identity and Access Management but it doesn\u2019t end there. Microsoft Advanced Compliance solutions complement Azure Active Directory and Conditional Access with important protections around the data, applications and network pillars.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2020-09-29T18:00:10+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-16T06:05:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/ZeroTrustHomeImage-9-29-2020-FEATURE-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"500\" \/>\n\t<meta property=\"og:image:height\" content=\"263\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Steve Vandenberg, Mark McIntyre\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Steve Vandenberg, Mark McIntyre\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/steve-vandenberg\/\",\"@type\":\"Person\",\"@name\":\"Steve Vandenberg\"},{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/mark-mcintyre\/\",\"@type\":\"Person\",\"@name\":\"Mark McIntyre\"}],\"headline\":\"Microsoft Advanced Compliance Solutions in Zero Trust Architecture\",\"datePublished\":\"2020-09-29T18:00:10+00:00\",\"dateModified\":\"2023-05-16T06:05:10+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/\"},\"wordCount\":873,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/ZeroTrustHomeImage-9-29-2020-FEATURE-1.png\",\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/\",\"name\":\"Microsoft Advanced Compliance Solutions in Zero Trust Architecture | Microsoft Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/ZeroTrustHomeImage-9-29-2020-FEATURE-1.png\",\"datePublished\":\"2020-09-29T18:00:10+00:00\",\"dateModified\":\"2023-05-16T06:05:10+00:00\",\"description\":\"Zero Trust architecture starts with Identity and Access Management but it doesn\u2019t end there. Microsoft Advanced Compliance solutions complement Azure Active Directory and Conditional Access with important protections around the data, applications and network pillars.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/#primaryimage\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/ZeroTrustHomeImage-9-29-2020-FEATURE-1.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/ZeroTrustHomeImage-9-29-2020-FEATURE-1.png\",\"width\":500,\"height\":263,\"caption\":\"Male working remotely from his home office on a Dell Latitude 13 device, running Microsoft Word.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft Advanced Compliance Solutions in Zero Trust Architecture\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"name\":\"Microsoft Security Blog\",\"description\":\"Expert coverage of cybersecurity topics\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\",\"name\":\"Microsoft Security Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Security Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft Advanced Compliance Solutions in Zero Trust Architecture | Microsoft Security Blog","description":"Zero Trust architecture starts with Identity and Access Management but it doesn\u2019t end there. Microsoft Advanced Compliance solutions complement Azure Active Directory and Conditional Access with important protections around the data, applications and network pillars.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft Advanced Compliance Solutions in Zero Trust Architecture | Microsoft Security Blog","og_description":"Zero Trust architecture starts with Identity and Access Management but it doesn\u2019t end there. Microsoft Advanced Compliance solutions complement Azure Active Directory and Conditional Access with important protections around the data, applications and network pillars.","og_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/","og_site_name":"Microsoft Security Blog","article_published_time":"2020-09-29T18:00:10+00:00","article_modified_time":"2023-05-16T06:05:10+00:00","og_image":[{"width":500,"height":263,"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/ZeroTrustHomeImage-9-29-2020-FEATURE-1.png","type":"image\/png"}],"author":"Steve Vandenberg, Mark McIntyre","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Steve Vandenberg, Mark McIntyre","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/steve-vandenberg\/","@type":"Person","@name":"Steve Vandenberg"},{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/mark-mcintyre\/","@type":"Person","@name":"Mark McIntyre"}],"headline":"Microsoft Advanced Compliance Solutions in Zero Trust Architecture","datePublished":"2020-09-29T18:00:10+00:00","dateModified":"2023-05-16T06:05:10+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/"},"wordCount":873,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/ZeroTrustHomeImage-9-29-2020-FEATURE-1.png","inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/","name":"Microsoft Advanced Compliance Solutions in Zero Trust Architecture | Microsoft Security Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/ZeroTrustHomeImage-9-29-2020-FEATURE-1.png","datePublished":"2020-09-29T18:00:10+00:00","dateModified":"2023-05-16T06:05:10+00:00","description":"Zero Trust architecture starts with Identity and Access Management but it doesn\u2019t end there. Microsoft Advanced Compliance solutions complement Azure Active Directory and Conditional Access with important protections around the data, applications and network pillars.","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/#primaryimage","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/ZeroTrustHomeImage-9-29-2020-FEATURE-1.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2020\/09\/ZeroTrustHomeImage-9-29-2020-FEATURE-1.png","width":500,"height":263,"caption":"Male working remotely from his home office on a Dell Latitude 13 device, running Microsoft Word."},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/09\/29\/microsoft-advanced-compliance-solutions-zero-trust-architecture\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/"},{"@type":"ListItem","position":2,"name":"Microsoft Advanced Compliance Solutions in Zero Trust Architecture"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","name":"Microsoft Security Blog","description":"Expert coverage of cybersecurity topics","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization","name":"Microsoft Security Blog","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","width":512,"height":512,"caption":"Microsoft Security Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/"}}]}},"msxcm_display_generated_audio":false,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Security Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/91974","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/users\/96"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/comments?post=91974"}],"version-history":[{"count":0,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/91974\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media\/91982"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media?parent=91974"}],"wp:term":[{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/content-type?post=91974"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/topic?post=91974"},{"taxonomy":"products","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/products?post=91974"},{"taxonomy":"threat-intelligence","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/threat-intelligence?post=91974"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/tags?post=91974"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/coauthors?post=91974"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}