Zero Trust adoption resources

Progress tracker for each business scenario, customizable stakeholder teams, and instructions for using tracking features.

• Zero Trust
• adoption
• resources
• progress tracker
• business scenario
• stakeholder teams

troy Follow

Uploaded on Dec 23, 2023 | 2 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

Presentation Transcript

1. Zero Trust adoption resources

2. Whats included? Progress tracker for each business scenario Tracks recommended tasks across four stages Read the included instructions to use the tracking features Customize these for your organization Stakeholder teams for each business scenario Example stakeholder teams for each business scenario Customize the team for your organization

3. Using the progress trackers Shields have three states: This slide is for internal use only. To change the state, delete the icon. This will reveal the next state underneath. Please familiarize yourself with the deck and ensure the slide is hidden before presenting. Not Started In Progress Complete Diamonds have two states: Incomplete Complete The progress bar indicates the stage on which the client is primarily focused. Hold shift and drag the marker to move it along the progress bar. Invisible blocks beneath the bar can be used to precisely align the marker to each stage. When all stages are complete, delete the line, marker, and checkmark to reveal the checkmark s Finished state.

4. Using the stakeholder slide These cards are made for a 4x3 grid. Stakeholder info is shown in cards. This slide is for internal use only. To add cards, copy and paste the template or hold Ctrl and drag the template to create a duplicate. To change the photo Click twice on the placeholder photo. Navigate to Picture Format > Change Picture. Adjust positioning with the Crop tool if needed. Please familiarize yourself with the deck and ensure the slide is hidden before presenting. Six or fewer stakeholders? Leave the top row blank. More than nine? Add another Stakeholder slide, repeating the primary stakeholders, like project leads, who are shown in the sidebar. To change any text Click on the placeholder text and replace it. Overset text will resize to fit within the card. Want to go an extra mile on your design? Use Shift+Enter to keep the last word of a paragraph from being alone on a line. Role First Lastname A description of their responsibilities pertaining to this project, written in two to five lines of text.

5. Rapidly modernize your security posture

6. Rapidly modernize your security posture Stage 1 Stage 2 Develop a response readiness plan Stage 3 Stage 4 Identify risks to your organization Visualize your security posture using audience appropriate dashboards Continuously educate users Evolve your organization s security operations capability Inventory your digital estate Identify gaps in your security posture Document and manage shadow IT using defender for Cloud Apps Implement basic hygiene practices Capture your initial Secure Score status Continue to manage risk Update your status for Secure Score Develop a methodology for patching and updating systems Identify regulatory requirements Capture your status in Compliance Manager Set leadership expectations

7. Security Posture Stakeholders CISO Name Security and governance of identities, devices, and apps; risk and policy determination, tracking and reporting Device management architect Name Sponsor Name EUC Leads Name Arch Lead Name Strategy, steering, escalation, approvals, business alignment, management coordination Implements the strategy for protecting organization data on devices, including managing devices End user security and usability requirements; represents these into the project Tech requirements, architecture, reviews, decisions, and prioritization App management lead Name Business Unit Representative Name Services admins Name Project Lead Name Manage overall engagement, resources, timeline and schedule, communications, etc. Business Unit leads, business and usability requirements, frontoffice vs backoffice, etc. Services/tenants/environment, preparation, configuration, testing Tech requirements, and prioritization of app investments bringing apps up to standards with modern authentication and coordinating apps with conditional access rules

8. Secure remote and hybrid work

9. Secure remote and hybrid work Stage 1 Stage 2 Stage 3 Stage 4 Verify and secure every identity with strong authentication Register devices with Azure AD Enroll devices into management and apply recommended security protections Monitor device configuration drift Implement Zero Trust starting point identity and device access policies Implement passwordless authentication Integrate SaaS apps with Azure AD for single sign-on Allow only compliant and trusted devices to access data Use App Proxy with on-prem apps for single sign-on New applications that are deployed use modern authentication

10. Secure remote and hybrid work stakeholders Identity architect Name Sponsor Name CISO Name Arch Lead Name Strategy, steering, escalation, approvals, business alignment, management coordination Security and governance of identities, devices, and apps; risk and policy determination, tracking and reporting Tech requirements, architecture, reviews, decisions, and prioritization Determines required controls to address tech and architecture requirements; implements these Device management architect Name App management lead Name Microsoft 365 admins Name Project Lead Name Manage overall engagement, resources, timeline and schedule, communications, etc. Implements the strategy for protecting organization data on devices, including managing devices Tech requirements, and prioritization of app investments bringing apps up to standards with modern authentication and coordinating apps with conditional access rules Tenant/environment, preparation, configuration, testing

11. Identify and protect sensitive business data

12. Identify and protect your sensitive business data Stage 1 Stage 2 Stage 3 Stage 4 Discover and identify sensitive business data Develop and test a classification schema Add protection to labels Extend labels and protection to data in SaaS apps, including DLP Introduce automatic & recommended labeling Discover non-sanctioned SaaS apps Apply labels to data across Microsoft 365 Extend automated classification to all services Extend DLP policies across Microsoft 365 Extend labels and protection to data in on-premises repositories Encrypt network communication Introduce basic DLP policies Set up secure Teams for sharing data internally and externally with business partners Implement key insider risk management policies Protect organization data in cloud infrastructure

13. Information Protection Stakeholders IT Compliance Manager Name Investigation and audit roles Name Sponsor Name CISO Name Strategy, steering, escalation, approvals, business alignment, management coordination Protection and governance of data assets and systems; risk and policy determination, tracking and reporting Determines required controls to address compliance and protection requirements Investigation and reporting in cooperation with compliance and protection leads Information Protection Manager Name Microsoft 365 admins Name Project Lead Name Arch Lead Name Manage overall engagement, resources, timeline and schedule, communications, etc. Data classification and sensitive data identification, controls and remediation Tech requirements, architecture, reviews, decisions & prioritization Tenant/environment, preparation, configuration, testing

14. Meet regulatory and compliance requirements

15. Meet regulatory and compliance requirements Stage 1 Stage 2 Stage 3 Stage 4 Identify regulatory requirements Use content explorer to identify regulated data Extend data lifecycle management policies with automation Use Azure Sentinel to build reports to continuously assess and inventory the compliance status of your information Assess requirements for information protection and implement retention and sensitivity labels Use Compliance Manager to assess compliance and plan remediation for identified gaps Set up partitioning and isolation controls (if applicable) Use Compliance Manager to identify and remediate remaining gaps and meet the requirements of new or updated regulations Implement container labeling, automatic and mandatory labeling, and stricter DLP policies Implement DLP policies Review current guidance for regulations that apply to your organization. Implement communication compliance policies (if applicable) Re-assess compliance using Compliance Manager and address remaining gaps

16. Regulatory Compliance Stakeholders IT Compliance Manager Name Investigation and audit roles Name Sponsor Name CISO Name Strategy, steering, escalation, approvals, business alignment, and coordination management Protection and governance of data assets and systems, such as risk and policy determination and tracking and reporting. Determination of required controls to address compliance and protection requirements. Investigation and reporting in cooperation with compliance and protection leads. Information Protection Manager Name Microsoft 365 admins Name Project Lead Name Arch Lead Name Overall management of engagement, resources, timeline and schedule, communications, and others. Data classification and sensitive data identification, controls, and remediation. Technical requirements, architecture, reviews, decisions, and prioritization. Tenant and environment, preparation, configuration, and testing.

17. Prevent or reduce damage from a breach

18. Prevent or reduce damage from a breach-infrastructure Stage 1 Stage 2 Stage 3 Stage 4 Discontinue legacy network security technology Implement Azure Backups and Azure Site Recovery for all business data Segment your network Secure privileged accounts Implement Azure Backup for critical business data Gain visibility to network traffic Implement a patching plan Implement Azure Site Recovery for critical workload continuity Protect against ransomware Encrypt network communication

19. Prevent or reduce damage from a breach-threat protection Stage 1 Stage 2 Stage 3 Stage 4 Evolve security operations as a discipline in your organization Turn on XDR tools: - Azure AD Identity Protection - Defender for Identity - Defender for Office 365 - Defender for Cloud Apps Turn on Defender for IoT Get started with Microsoft Purview Insider Risk Management Design an Azure Sentinel workspace and ingest XDR signals Leverage automation to reduce load on your SecOps analysts Define internal process for security operations (SecOps) Investigate and respond to threats using Defender for Microsoft 365 Proactively hunt for threats Turn on additional XDR tools: - Defender for Endpoint - Defender for Cloud