Zero trust security is one of the solutions offered by Microsoft Office 365. Below we look at its features in detail and how to use them.
What Is The Zero Trust Security Office 365?
Zero Trust Security Office 365 is an approach to security in which resources are protected and no access is granted until it has been approved. The approach is based on the concept of “need to know.”
In Zero Trust Security, there is no need to trust users or resources that are not yet known. This approach requires a central management point, as it allows apps to be used in the network only after they have been approved.
In addition, this approach requires the use of three main technologies:
- Endpoint protection (Windows Defender)
- Web Application Firewall (WAF)
- Cloud App Security (CAS)
How Does It Work?
The Zero Trust Security Office 365 is based on the following principles:
Everything new must be verified as safe, and there is no trust for anything that has not been previously identified and verified.
The way it works is as follows:
When a user requests a resource from a known resource, the user first receives the resource, but at the same time a security “capability” token is created for this user.
The token indicates that “this user has received this resource,” but does not contain any access rights or permissions. This token must be passed back to the central management point, especially when accessing any other resource in the future.
This prevents users from accessing resources they have not yet been granted access to.
A good example of this would be an employee who receives access to email and files in Office 365 but receives no access to services such as Yammer or SharePoint Online.
The employee will only receive email and files while in Office 365. When they access Yammer or SharePoint Online, they will receive a request for permission to do so.
This request will only occur if the user tries to connect with SharePoint Online or Yammer. It will not happen every time an email is received or a file is opened.
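A minimal Python model of the flow described above, added here as an illustration; it is not Microsoft's code or an Office 365 API. The ManagementPoint class, the HMAC-signed receipt format and the user name "employee" are assumptions made for the example.

```python
import hashlib
import hmac
import json
import secrets


class ManagementPoint:
    """Hypothetical central management point: default deny, explicit grants."""

    def __init__(self):
        self._key = secrets.token_bytes(32)   # signing key never leaves this object
        self.grants = {}                      # user -> set of granted services
        self.pending = []                     # permission requests awaiting approval

    def grant(self, user, service):
        self.grants.setdefault(user, set()).add(service)

    def _mac(self, user, service):
        msg = json.dumps([user, service]).encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def access(self, user, service, token=None):
        """Return (decision, token). The token is a signed receipt only."""
        if token is not None:
            t_user, t_service, t_mac = token
            genuine = hmac.compare_digest(t_mac, self._mac(t_user, t_service))
            if not genuine or t_user != user:
                return "deny", None           # forged or borrowed token
        # The decision comes from the grant table, never from the token.
        if service not in self.grants.get(user, set()):
            if (user, service) not in self.pending:
                self.pending.append((user, service))
            return "permission_requested", None
        return "allow", (user, service, self._mac(user, service))


def demo():
    """Constructed scenario from the text: email and files granted, nothing else."""
    mp = ManagementPoint()
    mp.grant("employee", "email")
    mp.grant("employee", "files")
    _, token = mp.access("employee", "email")
    forged = ("employee", "SharePoint Online", "0" * 64)
    results = [mp.access("employee", svc, tok)[0] for svc, tok in [
        ("files", token), ("SharePoint Online", token), ("Yammer", token),
        ("email", token), ("SharePoint Online", forged)]]
    return results, mp.pending
```

Presenting a genuine email token when asking for SharePoint Online still yields a permission request, because the token only records receipt. The pending list grows once per ungranted service, not on every email or file access.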
Benefits And Limitations Of Zero Trust Security Office 365
Now that we know how it works, we will go through its benefits, followed by its limitations.
Benefits:
- Users must be granted access before accessing resources.
- All access is tightly controlled. There is no ability to share or grant access to resources.
- There are no anonymous users.
- There is no need to trust users or resources that have not been previously identified and verified.
Limitations:
Requires a lot of changes in the way users work and interact with applications. This can cause a high degree of frustration, and even high costs if no plan is in place to help users through the transition.
Zero Trust Security Office 365 is ideal for large companies with many resources and many users who have different roles and responsibilities. But it may be less suitable for smaller companies, even if these are more advanced than before.
In smaller companies, the IT team may not have enough time or resources to adopt an approach like this one. In addition, security policies may not be clear in these organizations.
As a result, there may be some confusion among employees who do not know which resources they can access or what they can do with them.