Recently, we introduced you to Microsoft's Zero Trust Framework. With the mass adoption of cloud services and the shift of the IT landscape towards XaaS (Anything as a Service), the security focus is moving primarily to identities and devices. These devices are also called endpoints. Luc Frijters explains how an organization can secure and manage its endpoints based on the principles of Zero Trust.
An endpoint is a (usually) physical device that connects to a computer network and exchanges information with it. In the context of the Microsoft Cloud, an endpoint is often thought of as the point from which a user accesses services in the Microsoft (public) cloud: sending an email via Outlook on a laptop, sharing a file via the OneDrive app on an Android smartphone, joining a Teams meeting from an iPad, or completing timekeeping in Dynamics 365 from a desktop. In short, laptops, desktops, tablets, smartphones and, nowadays, web browsers or fully virtual (cloud) workstations such as Windows 365 can all be endpoints.
Microsoft's Zero Trust Framework is based on three principles:
- verify explicitly
- grant as few rights as possible (least privilege)
- assume an intrusion has already taken place (assume breach)
For the Zero Trust approach to security, it is of secondary importance which types of devices are used and where they are located. The exact same security policy must be applied continuously on every device and in every location.