Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Identity & Access

Microsoft Launches Free Zero Trust Assessment Tool

Microsoft last week announced the availability of a tool designed to help organizations see where they are in their journey to implement a zero trust security model.

Microsoft last week announced the availability of a tool designed to help organizations see where they are in their journey to implement a zero trust security model.

Nupur Goyal, senior product marketing manager at Microsoft, told SecurityWeek that the tool is free and available to anyone.

“Our assessment tool will help orgs assess readiness across identities, devices, apps, infrastructure, network and data, and then provide go-dos and deployment guidance to help them reach key milestones,” Goyal said.

Due to the COVID-19 coronavirus outbreak, an increasing number of organizations have asked their employees to work remotely, which makes it more important than ever to prevent unauthorized access to corporate systems.

The capabilities provided by on-premises identity and security solutions can be limited, and one way to address the challenges associated with secure remote access is to implement a zero trust security model.

The zero trust model, whose guiding principle is “never trust, always verify,” assumes that every request originates from an uncontrolled network. Every access request is strongly authenticated and checked for anomalies before access is granted.

When the zero trust model is adopted, organizations must ensure that all resources are accessed securely regardless of where the request is coming from, apply a least privilege strategy and strictly enforce access control, and inspect and log all traffic, even if it originates from the local network.

Microsoft says every company looking to implement the zero trust model is at a different stage in their journey, and the assessment tool released by the tech giant can help them determine exactly where they are.

The assessment also provides organizations with recommendations on how to move forward to the next stage.

Microsoft says it plans on publishing deployment guides for each of the six foundational elements of zero trust — these are identities, devices, applications, data, infrastructure and networks — in the upcoming period.

Related: Enterprises Showing Increasing Backing of Zero Trust Authentication

Related: Cyber Security’s New Center Point: Zero Trust

Related: Patching Not Enough; Organizations Must Adopt Zero-Trust Practices: Report

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.

Funding/M&A

Twenty-one cybersecurity-related M&A deals were announced in December 2022.