Skip to main content

Using Microsoft's Zero Trust Model to Secure Your Data

In one of our recent webinars, we asked our audience to select the top reason for security breaches in 2020. Most of the participants expected Malware attacks to be the number one reason, with old or unmatched security vulnerabilities and human error coming in at a tie for second. The truth is, there is no “top” reason that companies fall victim to data breaches. There’s no Achilles' heel or Death Star exhaust port that we’re all guilty of. We have to be prepared for anything.

The best way to prepare for anything is to trust nothing. That’s why Pyramid Consulting recommends customers adopt a Zero Trust model for information security. It’s true that even a junior administrator could make a global impact on their company’s security network by switching the wrong switch. It’s also true that aging systems leave companies vulnerable to attacks, and that sophisticated malware is capable of breaching even the most security-focused companies.

Some vulnerabilities are hidden in plain site, but even seasoned security experts aren’t aware of them. For instance, did you know…

  • You can’t tell who even signed into Microsoft 365 31 days ago?
  • Users can forward their emails to public email platforms such as G-Suite, bypassing Data Loss Prevention?
  • Admins may be provisioned with Multi-Factor Authentication but they can turn it off for themselves or service accounts for convenience?

Zero Trust security is like the “Swiss Cheese Model” of protecting against COVID-19.

Instead of focusing on one type of threat, or putting entire security budgets into one type of defense, Zero Trust synchronizes and layers security measures across your entire network. If one defense strategy has a vulnerability, there is another layer of defense that can stop the breach.

As Mark Wuerslin, Pyramid Consulting Office 365 Practice Manager,  told participants in the webinar, “Redundancy isn’t enough, you have to look at responsibilities, and make sure everyone is in sync.” Two identical slices of Swiss cheese leave the same hole in your defense. When properly implemented, Zero Trust ensures that every party with responsibility for data security is on the same page, and that known vulnerabilities are paired with unique new layers of defense.

There’s so much coming at us as security and IT professionals. Nobody can stay on top of every new development, or every expansion of the attack vector. Pyramid Consulting partners with CoreView to boil down and filter information about the effectiveness of different security controls (layers of Swiss). Then Pyramid Consulting implements the most effective controls and interprets the results of security data, which goes in a feedback loop to make sure the entire security architecture is working perfectly.

By working with CoreView, Pyramid is helping companies reduce the Time To Value for Zero Trust implementation. As we increase our vulnerabilities through massive remote work transformations, it’s important that Zero Trust implementations only take months rather than years.

Learn more in the on demand webinar: Optimizing Microsoft 365 Security.

Cookie Notice

This site uses cookies to provide you with a more responsive and personalized service. By using this site you agree to our privacy policy & the use of cookies. Please read our privacy policy for more information on the cookies we use and how to delete or block them. More info

Back to top