Zero Trust adoption resources

Slide Note
Embed
Share

Progress tracker for each business scenario, customizable stakeholder teams, and instructions for using tracking features.

troy
troy Follow

Uploaded on Dec 23, 2023 | 1 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.



Presentation Transcript

  1. Zero Trust adoption resources

  2. Whats included? Progress tracker for each business scenario Tracks recommended tasks across four stages Read the included instructions to use the tracking features Customize these for your organization Stakeholder teams for each business scenario Example stakeholder teams for each business scenario Customize the team for your organization

  3. Using the progress trackers Shields have three states: This slide is for internal use only. To change the state, delete the icon. This will reveal the next state underneath. Please familiarize yourself with the deck and ensure the slide is hidden before presenting. Not Started In Progress Complete Diamonds have two states: Incomplete Complete The progress bar indicates the stage on which the client is primarily focused. Hold shift and drag the marker to move it along the progress bar. Invisible blocks beneath the bar can be used to precisely align the marker to each stage. When all stages are complete, delete the line, marker, and checkmark to reveal the checkmark s Finished state.

  4. Using the stakeholder slide These cards are made for a 4x3 grid. Stakeholder info is shown in cards. This slide is for internal use only. To add cards, copy and paste the template or hold Ctrl and drag the template to create a duplicate. To change the photo Click twice on the placeholder photo. Navigate to Picture Format > Change Picture. Adjust positioning with the Crop tool if needed. Please familiarize yourself with the deck and ensure the slide is hidden before presenting. Six or fewer stakeholders? Leave the top row blank. More than nine? Add another Stakeholder slide, repeating the primary stakeholders, like project leads, who are shown in the sidebar. To change any text Click on the placeholder text and replace it. Overset text will resize to fit within the card. Want to go an extra mile on your design? Use Shift+Enter to keep the last word of a paragraph from being alone on a line. Role First Lastname A description of their responsibilities pertaining to this project, written in two to five lines of text.

  5. Rapidly modernize your security posture

  6. Rapidly modernize your security posture Stage 1 Stage 2 Develop a response readiness plan Stage 3 Stage 4 Identify risks to your organization Visualize your security posture using audience appropriate dashboards Continuously educate users Evolve your organization s security operations capability Inventory your digital estate Identify gaps in your security posture Document and manage shadow IT using defender for Cloud Apps Implement basic hygiene practices Capture your initial Secure Score status Continue to manage risk Update your status for Secure Score Develop a methodology for patching and updating systems Identify regulatory requirements Capture your status in Compliance Manager Set leadership expectations

  7. Security Posture Stakeholders CISO Name Security and governance of identities, devices, and apps; risk and policy determination, tracking and reporting Device management architect Name Sponsor Name EUC Leads Name Arch Lead Name Strategy, steering, escalation, approvals, business alignment, management coordination Implements the strategy for protecting organization data on devices, including managing devices End user security and usability requirements; represents these into the project Tech requirements, architecture, reviews, decisions, and prioritization App management lead Name Business Unit Representative Name Services admins Name Project Lead Name Manage overall engagement, resources, timeline and schedule, communications, etc. Business Unit leads, business and usability requirements, frontoffice vs backoffice, etc. Services/tenants/environment, preparation, configuration, testing Tech requirements, and prioritization of app investments bringing apps up to standards with modern authentication and coordinating apps with conditional access rules

  8. Secure remote and hybrid work

  9. Secure remote and hybrid work Stage 1 Stage 2 Stage 3 Stage 4 Verify and secure every identity with strong authentication Register devices with Azure AD Enroll devices into management and apply recommended security protections Monitor device configuration drift Implement Zero Trust starting point identity and device access policies Implement passwordless authentication Integrate SaaS apps with Azure AD for single sign-on Allow only compliant and trusted devices to access data Use App Proxy with on-prem apps for single sign-on New applications that are deployed use modern authentication

  10. Secure remote and hybrid work stakeholders Identity architect Name Sponsor Name CISO Name Arch Lead Name Strategy, steering, escalation, approvals, business alignment, management coordination Security and governance of identities, devices, and apps; risk and policy determination, tracking and reporting Tech requirements, architecture, reviews, decisions, and prioritization Determines required controls to address tech and architecture requirements; implements these Device management architect Name App management lead Name Microsoft 365 admins Name Project Lead Name Manage overall engagement, resources, timeline and schedule, communications, etc. Implements the strategy for protecting organization data on devices, including managing devices Tech requirements, and prioritization of app investments bringing apps up to standards with modern authentication and coordinating apps with conditional access rules Tenant/environment, preparation, configuration, testing

  11. Identify and protect sensitive business data

  12. Identify and protect your sensitive business data Stage 1 Stage 2 Stage 3 Stage 4 Discover and identify sensitive business data Develop and test a classification schema Add protection to labels Extend labels and protection to data in SaaS apps, including DLP Introduce automatic & recommended labeling Discover non-sanctioned SaaS apps Apply labels to data across Microsoft 365 Extend automated classification to all services Extend DLP policies across Microsoft 365 Extend labels and protection to data in on-premises repositories Encrypt network communication Introduce basic DLP policies Set up secure Teams for sharing data internally and externally with business partners Implement key insider risk management policies Protect organization data in cloud infrastructure

  13. Information Protection Stakeholders IT Compliance Manager Name Investigation and audit roles Name Sponsor Name CISO Name Strategy, steering, escalation, approvals, business alignment, management coordination Protection and governance of data assets and systems; risk and policy determination, tracking and reporting Determines required controls to address compliance and protection requirements Investigation and reporting in cooperation with compliance and protection leads Information Protection Manager Name Microsoft 365 admins Name Project Lead Name Arch Lead Name Manage overall engagement, resources, timeline and schedule, communications, etc. Data classification and sensitive data identification, controls and remediation Tech requirements, architecture, reviews, decisions & prioritization Tenant/environment, preparation, configuration, testing

  14. Meet regulatory and compliance requirements

  15. Meet regulatory and compliance requirements Stage 1 Stage 2 Stage 3 Stage 4 Identify regulatory requirements Use content explorer to identify regulated data Extend data lifecycle management policies with automation Use Azure Sentinel to build reports to continuously assess and inventory the compliance status of your information Assess requirements for information protection and implement retention and sensitivity labels Use Compliance Manager to assess compliance and plan remediation for identified gaps Set up partitioning and isolation controls (if applicable) Use Compliance Manager to identify and remediate remaining gaps and meet the requirements of new or updated regulations Implement container labeling, automatic and mandatory labeling, and stricter DLP policies Implement DLP policies Review current guidance for regulations that apply to your organization. Implement communication compliance policies (if applicable) Re-assess compliance using Compliance Manager and address remaining gaps

  16. Regulatory Compliance Stakeholders IT Compliance Manager Name Investigation and audit roles Name Sponsor Name CISO Name Strategy, steering, escalation, approvals, business alignment, and coordination management Protection and governance of data assets and systems, such as risk and policy determination and tracking and reporting. Determination of required controls to address compliance and protection requirements. Investigation and reporting in cooperation with compliance and protection leads. Information Protection Manager Name Microsoft 365 admins Name Project Lead Name Arch Lead Name Overall management of engagement, resources, timeline and schedule, communications, and others. Data classification and sensitive data identification, controls, and remediation. Technical requirements, architecture, reviews, decisions, and prioritization. Tenant and environment, preparation, configuration, and testing.

  17. Prevent or reduce damage from a breach

  18. Prevent or reduce damage from a breach-infrastructure Stage 1 Stage 2 Stage 3 Stage 4 Discontinue legacy network security technology Implement Azure Backups and Azure Site Recovery for all business data Segment your network Secure privileged accounts Implement Azure Backup for critical business data Gain visibility to network traffic Implement a patching plan Implement Azure Site Recovery for critical workload continuity Protect against ransomware Encrypt network communication

  19. Prevent or reduce damage from a breach-threat protection Stage 1 Stage 2 Stage 3 Stage 4 Evolve security operations as a discipline in your organization Turn on XDR tools: - Azure AD Identity Protection - Defender for Identity - Defender for Office 365 - Defender for Cloud Apps Turn on Defender for IoT Get started with Microsoft Purview Insider Risk Management Design an Azure Sentinel workspace and ingest XDR signals Leverage automation to reduce load on your SecOps analysts Define internal process for security operations (SecOps) Investigate and respond to threats using Defender for Microsoft 365 Proactively hunt for threats Turn on additional XDR tools: - Defender for Endpoint - Defender for Cloud

Related


Factors Influencing Business Intelligence Adoption in Public Sector Organizations

Factors Influencing Business Intelligence Adoption in Public Sector Organizations

owain
Factors Influencing Consumers' Electric Vehicle Adoption in Developing Countries (2018-2022)

Factors Influencing Consumers' Electric Vehicle Adoption in Developing Countries (2018-2022)

asmodeus
Zero Defects Philosophy in Quality Management

Zero Defects Philosophy in Quality Management

fergus
The Road to Net Zero: Importance of Data Collection in Energy Management and Consulting

The Road to Net Zero: Importance of Data Collection in Energy Management and Consulting

neptune
2022 Thales Access Management Index

2022 Thales Access Management Index

star
Embracing the Zero Waste Program at California State University, Los Angeles

Embracing the Zero Waste Program at California State University, Los Angeles

imara
Understanding Natural Resources and Resource Economics

Understanding Natural Resources and Resource Economics

sufyan
Securitization of Covid-19 in Hong Kong: Trust and Success

Securitization of Covid-19 in Hong Kong: Trust and Success

alea
Understanding Sustainable Development and Zero Carbon Emissions in Buildings

Understanding Sustainable Development and Zero Carbon Emissions in Buildings

reid
Role of AI in Threat Detection and Zero-day Attacks

Role of AI in Threat Detection and Zero-day Attacks

kacey
Strategies for Advancing Net Zero Homes and Affordability in Massachusetts

Strategies for Advancing Net Zero Homes and Affordability in Massachusetts

issac
2022 Reach Codes Initiative. Advancing safer, healthier and more affordable buildings and vehicles

2022 Reach Codes Initiative. Advancing safer, healthier and more affordable buildings and vehicles

kalani
Managing RHIS Resources: Governance and Mobilization

Managing RHIS Resources: Governance and Mobilization

leni
FOLIO & Linked Data Functionality Review

FOLIO & Linked Data Functionality Review

shoshana
Progress and Strategic Plan for Digital Economy by Ministry of Communication and Informatics

Progress and Strategic Plan for Digital Economy by Ministry of Communication and Informatics

theo
Financial Impacts of Electric Vehicles on Utility Ratepayers and Shareholders

Financial Impacts of Electric Vehicles on Utility Ratepayers and Shareholders

bruno
City of Cambridge Fossil Fuel Free Building Program Overview

City of Cambridge Fossil Fuel Free Building Program Overview

philippa
Sustainable Food Systems and the Feed Zambia Zero Hunger Programme

Sustainable Food Systems and the Feed Zambia Zero Hunger Programme

zidan
Zero Tolerance Initiative: Protecting Florida's Vulnerable Populations

Zero Tolerance Initiative: Protecting Florida's Vulnerable Populations

raife
Exploring FAEST: Post-Quantum Signatures and Zero-Knowledge Proofs

Exploring FAEST: Post-Quantum Signatures and Zero-Knowledge Proofs

borys
Sustainable Housing Design: A Zero Energy Approach for Resilient Living

Sustainable Housing Design: A Zero Energy Approach for Resilient Living

branwen
Decarbonizing Cities' Cooling Systems: A Step Towards Net Zero

Decarbonizing Cities' Cooling Systems: A Step Towards Net Zero

meir
Integration of Electric Vehicles with Existing Distributed Energy Resources at Findhorn Ecovillage

Integration of Electric Vehicles with Existing Distributed Energy Resources at Findhorn Ecovillage

eadie
ASCCC OERI Webinar on OER for Anatomy, Physiology, and Microbiology

ASCCC OERI Webinar on OER for Anatomy, Physiology, and Microbiology

eli

More Related Content

Sustainable Agriculture Initiatives and Resources in New York State
Sustainable Agriculture Initiatives and Resources in New York State
Empowering Black Motherhood: Celebrating Life and Trust in Health
Empowering Black Motherhood: Celebrating Life and Trust in Health
Building Respect and Trust in Teamwork at COM-FSM
Building Respect and Trust in Teamwork at COM-FSM
Review of 2022/23
Review of 2022/23
PERITIA: Exploring Trust in Policy Expertise for Public Impact
PERITIA: Exploring Trust in Policy Expertise for Public Impact
Creating Trustworthy Green Hotels Around Oceans
Creating Trustworthy Green Hotels Around Oceans
Leveraging Trust Factors for Effective Verifications
Leveraging Trust Factors for Effective Verifications
International Treaty on Plant Genetic Resources for Food and Agriculture
International Treaty on Plant Genetic Resources for Food and Agriculture
Comprehensive Wellness Resources and Support at McGill University
Comprehensive Wellness Resources and Support at McGill University
LCAP Engagement Update for Parent Advisory Committees
LCAP Engagement Update for Parent Advisory Committees
Renewable Energy: Sources, Advantages, and Disadvantages Overview
Renewable Energy: Sources, Advantages, and Disadvantages Overview
Climate Action Strategy for Decarbonising Inland Transport by 2050
Climate Action Strategy for Decarbonising Inland Transport by 2050
Secure Shared Data Analysis Environment on Kubernetes at CERN
Secure Shared Data Analysis Environment on Kubernetes at CERN
Renewable Energy
Renewable Energy
Resources For Support
Resources For Support
DRRS Design to Meet HB1500 Intent
DRRS Design to Meet HB1500 Intent
ALLOCATE TOUR RESOURCES
ALLOCATE TOUR RESOURCES
Efficient Resource Mobilization and Management Strategies by Dr. Abraham Maliet Mamer
Efficient Resource Mobilization and Management Strategies by Dr. Abraham Maliet Mamer
Understanding Water Resources Economics
Understanding Water Resources Economics
Exploring Water Resources with Digital Maps: A River Exploration Lesson
Exploring Water Resources with Digital Maps: A River Exploration Lesson
Understanding Water Resources Economics and Public Policy
Understanding Water Resources Economics and Public Policy
Resources and Tools for Extramurally Funded Projects at UH Hilo
Resources and Tools for Extramurally Funded Projects at UH Hilo
Understanding Folio Agreements and Resource Management
Understanding Folio Agreements and Resource Management
Grade 8 Civics Field Test Administration Overview
Grade 8 Civics Field Test Administration Overview