{"id":24336,"date":"2024-04-16T20:01:05","date_gmt":"2024-04-17T04:01:05","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2024\/04\/16\/news-18066\/"},"modified":"2024-04-16T20:01:05","modified_gmt":"2024-04-17T04:01:05","slug":"news-18066","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2024\/04\/16\/news-18066\/","title":{"rendered":"New Microsoft guidance for the DoD Zero Trust Strategy"},"content":{"rendered":"

Credit to Author: Steve Faehl| Date: Tue, 16 Apr 2024 16:00:00 +0000<\/strong><\/p>\n

The Department of Defense (DoD) Zero Trust Strategy1 <\/sup>and accompanying execution roadmap2 <\/sup>sets a path for achieving enterprise-wide target-level Zero Trust by 2027. The roadmap lays out vendor-agnostic Zero Trust activities that DoD Components and Defense Industrial Base (DIB) partners should complete to achieve Zero Trust capabilities and outcomes.<\/p>\n

Microsoft commends the DoD for approaching Zero Trust as a mindset, not a capability or device that may be bought.1<\/sup> Zero Trust can\u2019t be achieved by a single technology, but through tight integration between solutions across product categories. Deciphering how<\/em> security products achieve Zero Trust based on marketing materials alone is a daunting task. IT leaders need to select the right tools. Security architects need to design integrated solutions. Implementers need to deploy, configure, and integrate tools to achieve the outcomes in each Zero Trust activity.<\/p>\n

Today, we are excited to announce Zero Trust activity-level guidance for DoD Components and DIB partners implementing the DoD Zero Trust Strategy. To learn more, see Configure Microsoft cloud services for the DoD Zero Trust Strategy<\/a>.<\/p>\n

In this blog, we\u2019ll review the DoD Zero Trust Strategy and discuss how our new guidance helps DoD Components and DIB partners implement Zero Trust. We\u2019ll cover the Microsoft Zero Trust platform and relevant features for meeting DoD\u2019s Zero Trust requirements, and close with real-world DoD Zero Trust deployments.<\/p>\n

Microsoft supports the DoD\u2019s Zero Trust Strategy<\/h2>\n

The DoD released its formal Zero Trust Strategy in October 2022.1<\/sup> The strategy is a security framework and mindset that set a path for achieving Zero Trust. The strategy outlines strategic goals for adopting culture, defending DoD Information Systems, accelerating technology implementation, and enabling Zero Trust.<\/p>\n

The DoD Zero Trust Strategy includes seven pillars<\/strong> that represent protection areas for Zero Trust:<\/p>\n

    \n
  1. User<\/li>\n
  2. Device<\/li>\n
  3. Applications and workloads<\/li>\n
  4. Data<\/li>\n
  5. Network<\/li>\n
  6. Automation and orchestration<\/li>\n
  7. Visibility and analytics<\/li>\n<\/ol>\n

    In January 2023, the DoD published a capabilities-based execution roadmap for implementing Zero Trust.2<\/sup> The roadmap details 45 Zero Trust capabilities<\/strong> spanning the seven pillars. The execution roadmap details the Zero Trust activities DoD Components should perform to achieve each Zero Trust capability. There are 152 Zero Trust activities<\/strong> in total, divided into Target Level Zero Trust <\/strong>and Advanced Level Zero Trust <\/strong>phases with deadlines of 2027 and 2032, respectively.<\/p>\n

    The Zero Trust activity-level guidance we\u2019re announcing in this blog continues Microsoft\u2019s commitment to supporting DoD\u2019s Zero Trust strategy.3<\/sup> It serves as a reference for how<\/em> DoD Components should implement Zero Trust activities using Microsoft cloud services. Microsoft product teams and security architects supporting DoD worked in close partnership to provide succinct, actionable guidance side-by-side with the DoD Zero Trust activity text and organized by product with linked references.<\/p>\n

    We scoped the guidance to features available today (including public preview) for Microsoft 365 DoD and Microsoft Azure Government customers. As the security landscape changes, Microsoft will continue innovating to meet the needs of federal and DoD customers.4<\/sup> We\u2019re excited to bring entirely new Zero Trust technologies like Microsoft Copilot for Security<\/a> and Security Service Edge to United States Government clouds in the future.5<\/sup><\/p>\n

    Look out for announcements in the Microsoft Security Blog and check Microsoft\u2019s DoD Zero Trust documentation<\/a> to see the latest guidance.<\/p>\n

    Microsoft\u2019s Zero Trust platform<\/h2>\n

    Microsoft is proud to be recognized as a Leader in the Forrester Wave\u2122: Zero Trust Platform Providers, Q3 2023 report.6<\/sup> The Microsoft Zero Trust platform<\/a> is a modern security architecture that emphasizes proactive, integrated, and automated security measures. Microsoft 365 E5<\/a> combines best-in-class productivity apps with advanced security capabilities that span all seven pillars <\/strong>of the DoD Zero Trust Strategy.<\/p>\n

    \n

    \u201cSingle products\/suites can be adopted to address multiple capabilities. Integrated vendor suites of products rather than individual components will assist in reducing cost and risk to the government.\u201d<\/p>\n

    \u00a0\u2014Department of Defense Zero Trust Reference Architecture Version 2.07<\/sup><\/em><\/cite><\/p><\/blockquote>\n

    \n
    \n

    \t\t\tZero Trust Rapid Modernization Plan\t\t<\/p>\n

    \t\t \t\t\tRead more<\/span> <\/span> \t\t<\/a> \t<\/div>\n<\/p><\/div>\n

    Microsoft 365 is a comprehensive and extensible Zero Trust platform.8<\/sup> It\u2019s a hybrid cloud, multicloud, and multiplatform solution. Pre-integrated extended detection and response (XDR) services coupled with modern cloud-based device management, and a cloud-based identity and access management service, provide a direct and rapid modernization path for the DoD and DIB organizations.<\/p>\n

    Read on to learn about Microsoft cloud services that support the DoD Zero Trust Strategy.<\/p>\n

    \"diagram\"<\/figure>\n

    Figure 1. Microsoft Zero Trust Architecture.<\/em><\/p>\n

    Microsoft Entra ID<\/strong><\/a> is an integrated multicloud identity and access management solution and identity provider. Microsoft Entra ID is tightly integrated with Microsoft 365 and Microsoft Defender XDR services to provide a comprehensive suite Zero Trust capabilities including strict identity verification, enforcing least privilege, and adaptive risk-based access control.<\/p>\n

    Microsoft Entra ID is built for cloud-scale, handling billions of authentications every day. It uses industry standard protocols and is designed for both Microsoft and non-Microsoft apps. Establishing Microsoft Entra ID as your organization\u2019s Zero Trust identity provider lets you configure, enforce, and monitor adaptive Zero Trust access policies in a single location. Conditional Access is the Zero Trust authorization engine for Microsoft Entra ID. It enables dynamic, adaptive, fine-grained, risk-based, access policies for any workload.<\/p>\n

    Microsoft Entra ID is essential to the user<\/em> pillar and has a role in all other pillars of the DoD Zero Trust Strategy.<\/p>\n

    Microsoft Intune<\/strong><\/a> <\/strong>is a multiplatform endpoint and application management suite for Windows, MacOS, Linux, iOS, iPadOS, and Android devices. Microsoft Intune configuration policies manage devices and applications. Microsoft Defender for Endpoint<\/a> helps organizations prevent, detect, investigate, and respond to advanced threats on devices. Microsoft Intune and Defender for Endpoint work together to enforce security policies, assess device health, vulnerability exposure, risk level, and configuration compliance status. Conditional Access policies requiring a compliant device help achieve comply-to-connect  outcomes in the DoD Zero Trust Strategy.<\/p>\n

    Microsoft Intune and Microsoft Defender for Endpoint help achieve capabilities in the device<\/em> pillar.<\/p>\n

    GitHub<\/strong><\/a> <\/strong>is a cloud-based platform where you can store, share, and work together with others to write code. GitHub Advanced Security includes features that help organizations improve and maintain code by providing code scanning, secret scanning, security checks, and dependency review throughout the deployment pipeline. Microsoft Entra Workload ID<\/a> helps organizations use continuous integration and continuous delivery (CI\/CD) with GitHub Actions.<\/p>\n

    GitHub and Azure DevOps are essential to the applications and workloads<\/em> pillar.<\/p>\n

    Microsoft Purview<\/strong><\/a> <\/strong>is a range of solutions for unified data security, data governance, and risk and compliance management. Microsoft Purview Information Protection<\/a> lets you define and label sensitive information types. Auto-labeling within Microsoft 365 clients ensure data is appropriately labeled and protected. Microsoft Purview Data Loss Prevention<\/a> integrates with Microsoft 365 services and apps, and Microsoft Defender XDR components to detect and prevent data loss.<\/p>\n

    Microsoft Purview features align to the data<\/em> pillar activities.<\/p>\n

    Azure networking services<\/strong><\/a> <\/strong>include a range of software-defined network resources that can be used to provide networking capabilities for connectivity, application protection, application delivery, and network monitoring. Azure networking resources like Microsoft Azure Firewall Premium, Azure DDoS Protection, Microsoft Azure Application Gateway, Azure API Management, Azure Virtual Network, and Network Security Groups, all work together to provide routing, segmentation, and visibility into your network.<\/p>\n

    Azure networking services and network segmentation architectures are essential to the network<\/em> pillar.<\/p>\n

    \n
    \n

    \t\t\tAutomate threat response with playbooks in Microsoft Sentinel\t\t<\/p>\n

    \t\t \t\t\tLearn more<\/span> <\/span> \t\t<\/a> \t<\/div>\n<\/p><\/div>\n

    Microsoft Defender XDR<\/strong><\/a> <\/strong>is a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response actions. It correlates millions of signals across endpoints, identities, email, and applications to automatically disrupt attacks. Microsoft Defender XDR\u2019s automated investigation and response and Microsoft Sentinel playbooks are used to complete security orchestration, automation, and response (SOAR) activities.<\/p>\n

    Microsoft Defender XDR plays a key role in automation and orchestration<\/em> and visibility and analytics<\/em> pillars.<\/p>\n

    Microsoft Sentinel<\/strong><\/a> is a cloud-based security information and event management (SIEM) you deploy in Azure. Microsoft Sentinel operates at cloud scale to accelerate security response and save time by automating common tasks and streamlining investigations with incident insights. Built-in data connectors make it easy to ingest security logs from Microsoft 365, Microsoft Defender XDR, Microsoft Entra ID, Azure, non-Microsoft clouds, and on-premises infrastructure.<\/p>\n

    Microsoft Sentinel is essential to automation and orchestration<\/em> and visibility and analytics<\/em> pillars along with any activities requiring SIEM integration.<\/p>\n

    Real-world pilots and implementations<\/h2>\n

    The DoD is embracing Zero Trust as a continuous modernization effort. Microsoft has partnered with DoD Components for several years, onboarding Microsoft 365 services, integrating apps with Microsoft Entra, migrating Azure workloads, managing devices with Microsoft Intune, and building security operations around Microsoft Defender XDR and Microsoft Sentinel.<\/p>\n

    One such example is the United States Navy\u2019s innovative Flank Speed program. The Navy\u2019s large-scale deployment follows Zero Trust capabilities put forth in the DoD\u2019s strategy. These capabilities include comply-to-connect, continuous authorization, least-privilege access, and data-centric security controls.9<\/sup> To date, Flank Speed has onboarded more than 560,000 users and evaluated the effectiveness of its robust cybersecurity tools through Purple Team assessments.10<\/sup><\/p>\n

    Another example is Army 365, the United States Army\u2019s Microsoft 365 environment.11<\/sup> Army 365 has onboarded more than 1.4 million users and migrated petabytes of data.12<\/sup> The secure collaboration environment incorporates Zero Trust principles in a secure collaboration environment with identity and device protections and includes support for bring your own device (BYOD) through Azure Virtual Desktop.13<\/sup><\/p>\n

    \n
    \n
    \n
    \n
    \n

    DoD Zero Trust Strategy and Roadmap<\/h2>\n
    \n

    Learn how to configure Microsoft cloud services for the DoD Zero Trust Strategy.<\/p>\n<\/p><\/div>\n

    \t\t\t\t\t\t\t \t\t\t\t\t\t\t\tLearn more<\/span> \t\t\t\t\t\t\t\t<\/span> \t\t\t\t\t\t\t<\/a> \t\t\t\t\t\t<\/div>\n<\/p><\/div>\n<\/p><\/div>\n
    \t\t\t\t\t\"MSC24-China-business-Getty-1469706272-rgb\"\t\t\t\t<\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n

    Learn more<\/h2>\n

    Embrace proactive security with Zero Trust<\/a>.<\/p>\n

    To learn more about Microsoft Security solutions, visit our website.<\/a> Bookmark the Security blog<\/a> to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security<\/a>) and X (@MSFTSecurity<\/a>) for the latest news and updates on cybersecurity.<\/p>\n

    \n

    1<\/sup>DoD Zero Trust strategy<\/a>, DoD CIO Zero Trust Portfolio Management Office. October 2022.<\/p>\n

    2<\/sup>Zero Trust Capability Execution Roadmap<\/a>, DoD CIO Zero Trust Portfolio Management Office. January 2023.<\/p>\n

    3<\/sup>Microsoft supports the DoD\u2019s Zero Trust strategy<\/a>, Steve Faehl. November 22, 2022.<\/p>\n

    4<\/sup>5 ways to secure identity and access for 2024<\/a>, Joy Chik. January 10, 2024.<\/p>\n

    5<\/sup>Microsoft Entra Expands into Security Service Edge with Two New Offerings<\/a>, Sinead O’Donovan. July 11, 2023.<\/p>\n

    6<\/sup>Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Wave\u2122 report<\/a>, Joy Chik. September 19, 2023.<\/p>\n

    7<\/sup>Department of Defense (DoD) Zero Trust Reference Architecture Version 2.0<\/a>, Defense Information Systems Agency (DISA), National Security Agency (NSA) Zero Trust Engineering Team. July 2022.<\/p>\n

    8<\/sup>How Microsoft is partnering with vendors to provide Zero Trust solutions<\/a>, Vasu Jakkal. October 21, 2021.<\/p>\n

    9<\/sup>Flank Speed Has Paved the Way for Navy to Become ‘Leaders in Zero Trust Implementation,’ Says Acting CIO Jane Rathbun<\/a>, Charles Lyons-Burt, GovCon Wire. June 2023.<\/p>\n

    10<\/sup>Flank Speed makes significant strides in DOD Zero Trust Activity alignment<\/a>, Darren Turner, PEO Digital. December 2023.<\/p>\n

    11<\/sup>Army launches upgraded collaboration platform; cybersecurity at the forefront<\/a>, Alexandra Snyder. June 17, 2021.<\/p>\n

    12<\/sup>Cohesive teams drive NETCOM\u2019s continuous improvement, Army 365 migration<\/a>, Enrique Tamez Vasquez, NETCOM Public Affairs Office. March 2023.<\/p>\n

    13<\/sup>BYOD brings personal devices to the Army network<\/a>, Army Office of the Deputy Chief of Staff, G-6. February 2024.<\/p>\n

    The post New Microsoft guidance for the DoD Zero Trust Strategy<\/a> appeared first on Microsoft Security Blog<\/a>.<\/p>\n

    https:\/\/blogs.technet.microsoft.com\/mmpc\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

    Credit to Author: Steve Faehl| Date: Tue, 16 Apr 2024 16:00:00 +0000<\/strong><\/p>\n

    We are excited to announce new Zero Trust activity-level guidance for implementing the Department of Defense Zero Trust Strategy with Microsoft cloud services.<\/p>\n

    The post New Microsoft guidance for the DoD Zero Trust Strategy<\/a> appeared first on Microsoft Security Blog<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10759,10378],"tags":[21481],"class_list":["post-24336","post","type-post","status-publish","format-standard","hentry","category-microsoft","category-security","tag-microsoft-365"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24336","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=24336"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24336\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=24336"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=24336"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=24336"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}