Steve Faehl, U.S. security chief technology officer at Microsoft, has said that organizations must meet criteria under six fundamental elements when implementing a zero-trust approach to network security.
Faehl wrote in an opinion piece published Thursday on FedScoop that information technology teams must continually verify identities throughout internet of things networks, devices, apps and encrypted data in order to efficiently execute a zero-trust strategy.
Teams must also harden on-premises as well as cloud-based infrastructure and establish controls to segment, analyze, monitor and secure end-to-end traffic, he added.
According to Faehl, adversaries benefit from the implicit trust in assets based on connectivity points and organizations should consider increasing identity assurance levels for all interactions.
“The need to apply Zero Trust strategies comprehensively will only increase as secure remote work emerges as a core need for so many customers,” he noted. “We believe every enterprise needs to start their own journey towards reducing implicit trust to zero and we’re happy to share what we’ve learned along the way — never trust, always verify.”