Zero Trust
An important concept to consider is Zero Trust, which follows the approach of never trust, always verify. It means thinking beyond traditional network perimeter-based security and adopting a holistic approach to security.
Zero Trust is not a service or solution but a broader security strategy and framework to be adopted. It works on the notion of enforcing compliance and securing access at the resource itself, rather than at the location or network the resource sits on; we must NOT assume trust because of a resource's or a caller's network or location.
The Zero Trust framework is built upon the following foundational principles:
- Assume breach.
- Verify explicitly.
- Use least-privilege access (just-in-time (JIT) and just-enough access).
In this new world of hybrid work, where organizations' traditional firewalls and the network perimeters controlled by security services have eroded due to remote working, we must now consider identity as the new perimeter. The following are the Zero Trust framework's six foundational elements:
- Identities—Users, services, and devices; each is a principal that can be compromised
- Devices—Represent an attack surface and a threat vector for data flows
- Applications—Represent the consumers of data flows
- Data—Represents the stored data that is to be protected
- Infrastructure—Represents an attack surface and a threat vector, whether hosted locally on-premises or remotely by a cloud provider
- Network—Represents an attack surface and a threat vector and should be segmented
In this section, we introduced the concept of the Zero Trust framework. The following section looks at the concept of DiD.
Defense in depth
DiD refers to a strategy that places multiple layers of different forms of defenses between attackers and the resources you are trying to protect.
Adopting a DiD strategy helps an organization maintain a strong security posture and ensures that systems, data, and users are better protected against threats and compromise.
A DiD strategy means that no single layer of protection or security service is solely responsible for protecting a resource. By implementing many different types of defense at individual layers, you slow down an attack path: an attack may successfully breach one defensive layer but be halted by subsequent layers, preventing the protected resource from being exposed.
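The following Python snippet is an added example, not code from the book or from any Azure service. It models the Zero Trust principles from the previous section (verify explicitly, least-privilege JIT access, no trust derived from network location) as independent evaluation layers, and the DiD idea described above, in that a request is allowed only when every layer allows it, so a request that passes one layer is still stopped by the next. The role names, the resource-scope format, the sample grants and requests, and the `evaluate`/`layer_*` functions are all constructed assumptions for illustration, not a real policy engine or API.

```python
"""Zero Trust policy evaluation with defense-in-depth layers (constructed example)."""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass
class JitGrant:
    """A time-bound, scope-bound elevation: just-in-time and just-enough access."""
    principal: str
    role: str          # assumed role names: "Reader" or "Contributor"
    scope: str         # assumed resource-id prefix the role applies to
    expires_at: datetime


@dataclass
class AccessRequest:
    principal: str
    mfa_verified: bool
    device_compliant: bool
    network: str            # "corporate", "internet", ...; recorded for telemetry only
    resource: str
    action: str             # "read" or "write"
    at: datetime


# Minimal roles that may perform each action (assumed mapping for the example).
ACTION_ROLE = {"read": ("Reader", "Contributor"), "write": ("Contributor",)}


def layer_identity(req, grants):
    # Verify explicitly: a strong identity signal (MFA) is required no matter
    # which network the request arrives from. req.network is never consulted
    # to grant trust anywhere in this module.
    if not req.mfa_verified:
        return False, "identity: MFA not verified"
    return True, "identity: ok"


def layer_device(req, grants):
    # Devices are their own attack surface, so compliance is checked independently.
    if not req.device_compliant:
        return False, "device: not compliant"
    return True, "device: ok"


def layer_access(req, grants):
    # Least privilege / JIT: an unexpired grant must exist for this principal
    # whose role covers the action and whose scope covers the resource.
    for g in grants:
        if g.principal != req.principal or g.expires_at <= req.at:
            continue
        if g.role not in ACTION_ROLE[req.action]:
            continue
        if not req.resource.startswith(g.scope):
            continue
        return True, f"access: grant {g.role} on {g.scope} valid"
    return False, "access: no active JIT grant for this action and scope"


LAYERS = [layer_identity, layer_device, layer_access]


def evaluate(req, grants):
    """Run every layer; allow only if all allow. Returns (allowed, reasons).

    Deny-by-default: one failing layer denies the request. Evaluation still
    continues so that telemetry shows every layer that objected.
    """
    allowed, reasons = True, []
    for layer in LAYERS:
        ok, why = layer(req, grants)
        reasons.append(why)
        if not ok:
            allowed = False
    return allowed, reasons


# Constructed sample data: one one-hour Contributor grant scoped to the prod resource group.
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
GRANTS = [JitGrant("alice", "Contributor", "/subscriptions/s1/resourceGroups/prod/",
                   NOW + timedelta(hours=1))]


def demo():
    base = dict(principal="alice", device_compliant=True, network="corporate",
                resource="/subscriptions/s1/resourceGroups/prod/vm1", action="write", at=NOW)
    # 1. On the corporate network but without MFA: denied; location confers no trust.
    r1 = evaluate(AccessRequest(mfa_verified=False, **base), GRANTS)
    # 2. From the internet, with MFA, compliant device and an active grant: allowed.
    r2 = evaluate(AccessRequest(**{**base, "mfa_verified": True, "network": "internet"}), GRANTS)
    # 3. Same request two hours later, after the JIT grant expired: denied.
    r3 = evaluate(AccessRequest(**{**base, "mfa_verified": True,
                                   "at": NOW + timedelta(hours=2)}), GRANTS)
    # 4. Same request against a resource outside the granted scope: denied.
    r4 = evaluate(AccessRequest(**{**base, "mfa_verified": True,
                                   "resource": "/subscriptions/s1/resourceGroups/dev/vm9"}), GRANTS)
    return r1[0], r2[0], r3[0], r4[0]


if __name__ == "__main__":
    for verdict in demo():
        print("allowed" if verdict else "denied")
```

The design point is that each layer is a separate function that can only deny or pass, never short-circuit the others into an allow, and that the only way to obtain a write is an explicit, expiring, scope-limited grant. Adding a fourth layer (for example, a network segmentation check that denies traffic crossing segments) requires no change to the existing ones.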
The following figure shows that DiD is nothing new as a strategy; it is the medieval castle approach to protecting resources:
Figure 7.5 – Medieval castle defense approach
The medieval castle approach should be part of your strategy for building resources in Azure: you define multiple layers, each protected by the security services most appropriate to that layer.
As with the medieval castle analogy, each layer, from the outermost ring to the center, provides its own independent protection, tailored to the characteristics of that layer.
The following diagram aids in visualizing the layers that make up a DiD strategy for a resource to be protected:
Figure 7.6 – DiD approach layers
There is no one-size-fits-all security service that can protect every layer; instead, the security services at each layer must work in conjunction with, and complement, the layers on either side of it. There must also be a single unified view, so that telemetry and threat intelligence can be passed between the layers and enhance the protection at each of them. Microsoft uses artificial intelligence (AI), threat intelligence, and analytics to enhance these capabilities.
In this section, we looked at adopting a DiD strategy. The following section looks at network and application protection.