Zero Trust - critical in the modern workplace

Rob Gray
Tags: Microsoft 365 Security
Rob Gray, Vuzion Business Development Manager, writes …

The days of building a fortress around resources and data are over. Protecting against the many entry points at risk of malicious attacks is simply not enough in the modern workplace. 

Identities, devices, apps, networks, infrastructure, and data - these all live outside the traditional perimeter protection. The modern digital estate is distributed, diverse, and complex.

This means that organisations need a Zero Trust approach.

What is Zero Trust?
Zero Trust is a real buzzword at the moment - and not least because there has been a significant increase in the number of security breaches over the last two years.

But the concept isn’t new. At the beginning of 2018, the security informational body CSO, published  What is Zero Trust? A model for more effective security. In the article they give the following definition of Zero Trust.

“Zero Trust is a security concept centred on the belief that organisations should not automatically trust anything inside or outside its perimeters and instead must verify anything and everything trying to connect to its systems before granting access. 

“The strategy around Zero Trust boils down to don't trust anyone.”

Unravelling the complexity for your customers
The challenge for many organisations has been in securing the endpoints for home working environments, which can be complex when factoring in data, apps, devices and users.

So how can you unravel this complexity and offer security as a service to future proof your customers’ businesses?

To help you educate your customers about security risks and how to protect against them, here at Vuzion, the Partner Team provides guidance, resources, and learning opportunities around the fundamental principles of security in the modern workplace.
Microsoft Zero Trust guidance

There are also proven methods for implementing a Zero Trust strategy - as outlined in the guidance given by Microsoft: 

1. Verify explicitly. Always authenticate and authorise based on all available data points, including user identity, location, device health, service or workload, data classification, and anomalies. 

2. Use least privileged access. Limit user access with just-in-time and just-enough access, risk-based adaptive polices, and implement data protection policies, to protect data and productivity. 

3. Assume breach. Minimise the potential for breaches through preventing lateral movement by segmenting access by network, user, devices, and applications. Ensure all sessions are encrypted end-to-end, and use analytics to increase visibility, drive threat detection, and ultimately improve defences.

To help realise a Zero Trust security model across a customer’s total digital estate, we suggest adopting a phased approach. 

In this way, you can create an overall roadmap for achieving Zero Trust maturity across the business, while concentrating on individual, specific areas of the business for implementation. 

Your customers will be able to see the value of Zero Trust initiatives, while every step taken will help reduce the security risk. 

Vuzion security support - training and guidance
If you’d like more information about helping your customers move to a Zero Trust strategy, the following Vuzion courses may be of interest: 

Microsoft 365 Identity and Services (MS-100)
Microsoft 365 Security Essentials | Identity & Access
Microsoft Security, Compliance and Identity Fundamentals
Microsoft Identity and Access Administrator (SC-300)
Microsoft 365 Security Essentials | Identity & Access
Microsoft 365 Security Essentials | Threat Protection

The Vuzion team are always happy to chat if you have any questions, or would like any further information - call us on 0333 009 5939 or email 

Related Articles

Vuzion approved for the Microsoft Teamwork Deployment Specialisation

We are delighted to add the Microsoft Teamwork Deployment Advanced Specialisation to our existing Advanced Specialisations

Introducing Teams Phone with Calling Plan

Microsoft have announced that Teams Phone with Calling Plan will be launched on 1st January 2022 for CSP

Security opportunities available for Non-profits

Read our latest news article on how Microsoft aims to address the security challenges that non-profit organisations face

Vuzion approved for the Microsoft Threat Protection Advanced Specialisation

We are delighted to be one of a small number of Microsoft partners who have earned the Threat Protection Advanced Specialisation