Zero Trust Security Strategy
Before you introduce Microsoft Copilot for Microsoft 365 or
Copilot into your environment, Microsoft recommends that you build a strong
foundation of security. Fortunately, guidance for a strong security foundation
exists in the form of Zero Trust. The Zero Trust security strategy treats each
connection and resource request as though it originated from an uncontrolled
network and a bad actor. Regardless of where the request originates or what
resource it accesses, Zero Trust teaches us to "never trust, always
verify."
This article provides steps to apply the principles of Zero
Trust security to prepare your environment for Copilot in the following ways:
| Zero Trust principle | Definition | Met by |
|---|---|---|
| Verify explicitly | Always authenticate and authorize based on all available data points. | Enforce the validation of user credentials, device requirements, and app permissions and behaviors. |
| Use least privileged access | Limit user access with Just-In-Time and Just-Enough-Access (JIT/JEA), risk-based adaptive policies, and data protection. | Validate JEA across your organization to eliminate oversharing by ensuring that correct permissions are assigned to files, folders, Teams, and email. Use sensitivity labels and data loss prevention policies to protect data. |
| Assume breach | Minimize blast radius and segment access. Verify end-to-end encryption and use analytics to get visibility, drive threat detection, and improve defenses. | Use Exchange Online Protection (EOP) and Microsoft Defender XDR services to automatically prevent common attacks and to detect and respond to security incidents. |
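The "least privileged access" row asks you to find and eliminate oversharing before Copilot can surface broadly shared content in its answers. The script below is an added example, not code from the article or from Microsoft: it audits a constructed set of sharing grants (the record fields `item`, `principal`, `link_type` and `label`, and the group names, are assumptions modelled on a typical SharePoint/OneDrive permission export) and flags anonymous links, grants to tenant-wide groups, sensitive labels combined with broad access, and items that carry no sensitivity label at all.

```python
"""Oversharing audit over constructed sharing records (added example).

Field names and sample values are assumptions, not a real export format.
"""
from collections import defaultdict

# Tenant-wide principals that effectively mean "everyone can read this".
BROAD_PRINCIPALS = {"Everyone", "Everyone except external users", "All Users"}
# Labels whose content should never be reachable through broad or anonymous access.
SENSITIVE_LABELS = {"Confidential", "Highly Confidential"}

# Constructed sample: one row per (item, principal) grant.
SAMPLE_GRANTS = [
    {"item": "/sites/Finance/Payroll2024.xlsx", "principal": "Everyone except external users",
     "link_type": "organization", "label": None},
    {"item": "/sites/Finance/Payroll2024.xlsx", "principal": "hr-team",
     "link_type": "direct", "label": None},
    {"item": "/sites/HR/Handbook.docx", "principal": "Everyone",
     "link_type": "organization", "label": "General"},
    {"item": "/sites/HR/Salaries.xlsx", "principal": "Everyone",
     "link_type": "organization", "label": "Highly Confidential"},
    {"item": "/sites/Eng/Design.docx", "principal": "eng-team",
     "link_type": "direct", "label": "Confidential"},
    {"item": "/sites/Sales/Quote.pdf", "principal": "anyone",
     "link_type": "anonymous", "label": "Confidential"},
]

SEVERITY_ORDER = {"high": 0, "medium": 1, "low": 2}


def grant_findings(grant):
    """Return a list of (severity, reason) tuples for a single grant."""
    findings = []
    broad = grant["principal"] in BROAD_PRINCIPALS
    anonymous = grant["link_type"] == "anonymous"
    sensitive = grant["label"] in SENSITIVE_LABELS

    if anonymous:
        findings.append(("high", "anonymous link: anyone holding the URL can read the item"))
    if broad and sensitive:
        findings.append(("high", f"labelled '{grant['label']}' but shared with '{grant['principal']}'"))
    elif broad:
        findings.append(("medium", f"shared with tenant-wide group '{grant['principal']}'"))
    if grant["label"] is None:
        findings.append(("low", "no sensitivity label, so DLP cannot act on it"))
    return findings


def audit_grants(grants):
    """Group findings per item, highest severity first. Items with no findings are omitted."""
    report = defaultdict(list)
    for grant in grants:
        for finding in grant_findings(grant):
            report[grant["item"]].append(finding)
    for item in report:
        report[item].sort(key=lambda f: SEVERITY_ORDER[f[0]])
    return dict(report)


def count_by_severity(report):
    """Summarise a report as {severity: number of findings}."""
    counts = {"high": 0, "medium": 0, "low": 0}
    for findings in report.values():
        for severity, _ in findings:
            counts[severity] += 1
    return counts


if __name__ == "__main__":
    result = audit_grants(SAMPLE_GRANTS)
    for item, findings in sorted(result.items(), key=lambda kv: SEVERITY_ORDER[kv[1][0][0]]):
        print(item)
        for severity, reason in findings:
            print(f"  [{severity}] {reason}")
    print("totals:", count_by_severity(result))
```

The point of separating `grant_findings` from `audit_grants` is that the same rules can be run against a real export once you replace `SAMPLE_GRANTS` with your own records; the "high" findings are the ones to fix before enabling Copilot, since a broadly readable item is exactly what a tenant-wide assistant will retrieve for any user who asks.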