Zero Trust
Security is built piece by piece. Get started with our security workshops, build a Zero Trust Roadmap
with us or would you like to have Sulava Security Architect as a service?
Digital transformation is expanding the security perimeter. In today’s environments:
- Personal devices store corporate info
- Employees are working remotely
- Data is shared with external collaborators
- Apps and data are moving to cloud and hybrid environments
Operating under the principles of “never trust” and “verify everything,” the Zero Trust model assumes breach and treats every access request as if it originates from an open network. In a Zero Trust model, every access request is strongly authenticated, authorized within policy constraints, and inspected for anomalies before access is granted. With Zero Trust, we employ the following principles by Microsoft:
Verify explicitly
Always authenticate and authorize based on all available data points, including user identity, location, device health, service or workload, data classification, and anomalies.
Use least privileged access
Limit user access with just-in-time and just-enough-access (JIT/JEA), risk-based adaptive polices, and data protection to help secure both data and productivity.
Assume breach
Minimize blast radius and segment access. Verify end-to-end encryption and use analytics to get visibility, drive threat detection, and improve defenses.
The traditional network security model doesn’t meet the security or user experience needs of modern businesses.
Interactions with corporate resources and services now often bypass on-premises, perimeter-based defenses all together. Organizations need a modern security model that more effectively adapts to the complexity of the modern environment, embraces the mobile workforce, and protects their people, devices, applications, and data wherever they are.
The Zero Trust Security components
The Zero Trust Security components by Microsoft are as follows:
Identities
Identities are the control plane in the Zero Trust model.
When an identity requests access to a resource, you need to verify that identity with strong authentication and ensure that access is compliant, typical for that identity, and follows least-privileged access principles
Devices
Once an identity has been granted access to a resource, data can flow to a myriad of different devices, creating a massive attack surface area.
Device monitoring should be in place to ensure device health and compliance enforcement before access is granted.
Infrastructure
Infrastructure (whether on premises servers or cloud-based virtual machines, containers, or micro-services) should be assessed for software version, configuration, and Just-in-Time (JIT) access to harden defenses.
Use security analytics to detect attacks and anomalies, and automatically block and flag risky behavior and take protective actions.
Data
Ultimately, security is focused on protecting organizational data. Data leaving the devices, apps, infrastructure, and networks controlled by your organization still needs to be protected. Access should be restricted and data classified, labeled, and encrypted based on those attributes.
Applications
Applications and APIs provide the interface by which data is consumed. Zero Trust controls and standards should be in place to ensure appropriate inapp permissions, gate access based on real-time analytics, monitor for abnormal behavior, and control user actions. Get visibility into all Shadow IT, block risky applications, and enforce security policies on personal devices.
Networks
Network security is critical in limiting the impact of a security breach, providing “in-pipe” controls that enhance visibility and help prevent attackers from moving laterally across the network. Networks should be segmented, and real-time threat protection, end-to-end encryption, monitoring, and analytics should be employed
Our Model for Deploying Zero Trust
Our Zero Trust deployment model consists of the following elements
- Single sign-on + self-service password reset
- Multifactor + password less authentications
- Conditional access
- Privileged Identity management
- Identity governance
- Active Directory
- Mobile application management
- Mobile device management
Read more about Zero Trust
Monitoring and Security Operations Center (SOC) -services
We can support your organisation in the deployment of services related to cloud service monitoring. If necessary, we can also take care of the entire function of monitoring for you.
Our primary tools for monitoring are the Microsoft Sentinel service and the cloud services’ own monitoring features.
Out of millions of rows of data and hundreds of alerts, how do you detect the events and alerts that could mean a serious security incident? We can help your organisation with our Sulava Security Operations Center (SOC).
User identities and Azure AD
Azure AD is a modern directory that brings together user identities, devices, and applications.
Our Azure AD services include directory integration between Azure AD and local AD, user authentication and access management features with the Zero Trust approach, and application integration with Azure AD.
Deployment of new security services
We can support your organisation in the deployment of the security services and functionalities in Microsoft 365 and Azure according to your organisation’s needs.
We work a lot with the deployment of Microsoft Defender services, protecting the various Microsoft cloud workloads. Our endpoint management experts provide device hardening. Our experienced app developers carry out Azure security reviews. We improve email security through DMARC deployment, and the development of Microsoft Sentinel as a SIEM solution is growing rapidly.
Data protection and compliance
The deployment of cloud environments includes various requirements related to data protection and data processing, some of which originate within the organisation and some outside of it.
We can help your company ensure that your environment configurations and data protection practices are in full compliance with these requirements and that you are able to take full advantage of the tools and functionalities of your environments.
Contact us!
Are you interested in what Metaverse could offer your company? Contact us!