{"id":7744,"date":"2021-12-21T08:53:54","date_gmt":"2021-12-21T16:53:54","guid":{"rendered":"https:\/\/www.microsoft.com\/insidetrack\/blog\/?p=7744"},"modified":"2023-06-11T14:29:21","modified_gmt":"2023-06-11T21:29:21","slug":"best-of-inside-track-securing-microsoft-with-zero-trust-in-2021","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/insidetrack\/blog\/best-of-inside-track-securing-microsoft-with-zero-trust-in-2021\/","title":{"rendered":"Best of Inside Track: Securing Microsoft with Zero Trust in 2021"},"content":{"rendered":"
\n
\n
<\/div>\n

This content has been archived, and while it was correct at time of publication, it may no longer be accurate or reflect the current situation at Microsoft.<\/p>\n<\/div>\n<\/div>\n

\"MicrosoftMicrosoft\u2019s internal security team uses a Zero Trust security model to keep the company safe.<\/p>\n

Guided by its Zero Trust security model, in 2021 the internal security team focused on protecting its employees and the company while providing employees appropriate access on the devices they needed to do their work.<\/p>\n

Foundation of Zero Trust<\/h2>\n

Microsoft\u2019s internal deployment of its Zero Trust model requires alignment among many teams across the country who must work together to protect more than 600 offices in 120 countries and regions.<\/p>\n

Read more about implementing a Zero Trust security model at Microsoft.<\/a><\/p>\n

In Microsoft\u2019s approach to Zero Trust, we don’t assume any identity or device on our corporate network is secure. We continuously verify it\u2014this allows us to reduce the risk in our environment.<\/p>\n

-Carmichael Patton, security architect, Microsoft internal security<\/p>\n<\/blockquote>\n

Zero Trust best practices<\/h2>\n

Microsoft\u2019s commitment to using a Zero Trust model to protect the company begins with identity verification and device health, and is backed by making sure its network is healthy.<\/p>\n

\u201cIn Microsoft\u2019s approach to Zero Trust, we don’t assume any identity or device on our corporate network is secure,\u201d says Carmichael Patton, a security architect on the company\u2019s internal security team. \u201cWe continuously verify it\u2014this allows us to reduce the risk in our environment.”<\/p>\n

Find out the best practices Microsoft learned when deploying a Zero Trust security model internally across the company.<\/a><\/p>\n

Zero Trust networking<\/h2>\n

Deploying a Zero Trust model on Microsoft\u2019s internal network centers on strong identity, least-privilege access, device health verification, and service-level control and telemetry across the company\u2019s entire IT infrastructure. This includes fully integrated authentication across all network devices, effective segmentation of the company\u2019s global network, end-to-end encrypted connectivity, and intelligent monitoring.<\/p>\n

\u201cZero Trust networking requires a reassessment of any organization’s network operations,\u201d says David Lef, a principal IT enterprise architect on Microsoft\u2019s internal networking team. \u201cAt Microsoft, we’re making fundamental changes to a network that hosts more than 1 million devices.\u201d<\/p>\n

Read about the lessons Microsoft learned implementing a Zero Trust model across its network.<\/a><\/p>\n

Transforming how Microsoft responds to billions of security events<\/h2>\n

Microsoft needed to upgrade how it responds to the billions of security events that inundate the company daily so it could focus on the most important security threats.<\/p>\n

The company turned to Microsoft Azure Sentinel, its new Security Information Event Management (SIEM) system. The new SEIM enables Microsoft\u2019s engineers and analysts to protect the company much more effectively.<\/p>\n

\u201cIngesting data into our legacy SIEM took hours,\u201d says Mei Lau, a senior program manager for Microsoft Digital, the organization that powers, protects, and transforms Microsoft. \u201cIn Sentinel, it takes around 10 minutes, which is 18 times faster.\u201d<\/p>\n

Read a story and watch a video on how Microsoft transformed how it responds to billions of security events with Microsoft Azure Sentinel.<\/a><\/p>\n

\"Key<\/p>\n