Microsoft’s Steve Faehl on Key Factors to Zero-Trust Implementation

Steve Faehl, U.S. security chief technology officer at Microsoft, has said that organizations must meet criteria under six fundamental elements when implementing a zero-trust approach to network security.

Faehl wrote in an opinion piece published Thursday on FedScoop that information technology teams must continually verify identities throughout internet of things networks, devices, apps and encrypted data in order to efficiently execute a zero-trust strategy.

Teams must also harden on-premises as well as cloud-based infrastructure and establish controls to segment, analyze, monitor and secure end-to-end traffic, he added.

According to Faehl, adversaries benefit from the implicit trust in assets based on connectivity points and organizations should consider increasing identity assurance levels for all interactions.
 
“The need to apply Zero Trust strategies comprehensively will only increase as secure remote work emerges as a core need for so many customers,” he noted. “We believe every enterprise needs to start their own journey towards reducing implicit trust to zero and we’re happy to share what we’ve learned along the way — never trust, always verify.”

Check Also

Bill Beard SVP Vertex Aerospace

Bill Beard Promoted to Corporate Operations & Strategy SVP at Vertex Aerospace

Bill Beard, former interim senior vice president of corporate business operations and development at Vertex Aerospace, has been promoted to SVP of corporate operations and strategy.

DevOps

Carahsoft, GitLab Partner to Offer Agencies DevSecOps Platform via AWS Marketplace

Carahsoft Technology has agreed to offer GitLab's suite of DevSecOps tools to government organizations through Amazon Web Services' cloud marketplace and helped launch a product and training package as part of the partnership

QTS

QTS Receives EPA Recognition for Energy Procurement Approach

QTS Realty Trust has won a Direct Project Engagement award from the Environmental Protection Agency for the data center services provider's practice of sourcing renewable electricity to power its operations.