Reading: What was learned when Microsoft switched to a zero trust network architecture

Sicherheit (Pexels, allgemeine Nutzung)[German]Zero Trust is a timely approach to addressing the cybersecurity challenges posed by the rise of telecommuting, the proliferation of personal devices and outdated physical security perimeters. At Microsoft, they have taken this step and learned various lessons, which Abbas Kudrati, Cloud & Cybersecurity Strategist, summarized in an article.


The Zero Trust cybersecurity model is based on the principle "trust no one, verify everything" ("never trust, always verify"). A Zero Trust cybersecurity architecture does not trust any user (person, device, or application) by default, regardless of whether the user is on the corporate network or elsewhere. Any user request for access to resources is treated as a potential cybersecurity breach. All access rights are minimized to "just enough access" to satisfy the user's request. Added to this in the zero-trust model is the continuous adaptation of security to changes in the digital landscape. This can quickly turn from zero trust to cyber frustration. Abbas Kudrati summarized the experience at Microsoft on LinkedIn in an article What we learned when moving to Zero Trust Network Architecture at Microsoft.  I came across the topic via the following Tweet.

Zero Trust Network Architecture at Microsoft.

Cookies helps to fund this blog: Cookie settings

This entry was posted in Security and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *