{"id":33775,"date":"2022-01-10T13:03:06","date_gmt":"2022-01-10T18:03:06","guid":{"rendered":"https:\/\/centricconsulting.com\/?p=33775"},"modified":"2023-11-14T12:42:48","modified_gmt":"2023-11-14T17:42:48","slug":"protect-your-microsoft-365-digital-assets-with-a-zero-trust-architecture","status":"publish","type":"post","link":"https:\/\/centricconsulting.com\/blog\/protect-your-microsoft-365-digital-assets-with-a-zero-trust-architecture\/","title":{"rendered":"Protect Your Microsoft 365 Digital Assets with a Zero-Trust Architecture"},"content":{"rendered":"
While working for a previous employer, I worked on a project to help a client assess its network security. During our analysis, we identified the malware called Emotet<\/a> on our client\u2019s system.<\/p>\n The world had been fighting Emotet since the financial sector first reported it to the U.S. Cybersecurity and Infrastructure Security Agency that same year. The malware spread via fraudulent email attachments, and its creators were selling its infrastructure to other malicious actors so that they, too, could spread it with their own attachments hidden in seemingly helpful Word documents \u2014 invoices, shipping orders, even company updates.<\/p>\n Once users tried to open the attachment, a pop-up prompted them to \u201cenable macros\u201d to view it. When victims did so, the malware began running on their machines, opening the doors to data theft, other Trojan attacks and ransomware.<\/p>\n Worse, the virus changed each time a user opened it. Because it was constantly evolving, the international security agency Europol could not take it down until 2021.<\/strong><\/p>\n Fortunately, back in 2020, my work for the client included identity protection via Azure MFA (multifactor authentication), device protection via Microsoft<\/a> Intune, data protection via Exchange Online Protection (EOP), Microsoft Information Protection (MIP), Data Loss Prevention (DLP), and app protection via Microsoft Defender for Cloud Apps (MDCA), formerly Microsoft Cloud App Security (MCAS). Through this multifactor approach, we removed Emotet from the client\u2019s system and prevented it from spreading further, saving the company a painful remediation that could have cost up to $1 million or more.<\/p>\n My Emotet experience revealed problems that would only grow as additional companies moved their servers and data to the cloud. 
The message is clear: Simply securing networks is no longer enough to protect an organization\u2019s entire digital ecosystem.<\/strong> The virtual walls companies relied on are crumbling, especially as businesses and everyday computer users increasingly rely on the ease of accessing documents, analyzing data and working from anywhere that the cloud enables.<\/p>\n After joining Centric in 2021, I began working with my new colleagues to create a “Zero-Trust” approach to security. It includes both a multifactor security assessment, like the one that helped my team identify Emotet, and the elements of Zero-Trust Security Architecture. We believe organizations need both for security today. But where do you start?<\/p>\n Before you can build a secure architecture, you must conduct an assessment to understand your current security posture fully. The assessment should include a comprehensive roadmap to help you deploy and adopt Microsoft 365<\/a> capabilities to protect the six pillars of Zero-Trust Architecture: identities, devices, apps, infrastructure, data and network.<\/strong> You will then be ready to enhance your Microsoft 365 investment securely.<\/p>\n As you interview assessment providers and examine their proposals, make sure that they have the bandwidth and skillset to create a roadmap that includes your:<\/p>\n Once complete, your roadmap will become your guide to hardening your existing architecture and building it out for the agility you need to identify potential risks earlier and eliminate them more quickly.<\/p>\n Your Zero-Trust Architecture\u2019s six pillars protect the people, processes and technology throughout your entire organizational footprint. Because they are interrelated, your architecture must take a holistic approach. 
The days of fixing only the network server \u2014 or only the current problem \u2014 are gone!<\/p>\n Let\u2019s take a look at the role each pillar plays in your Zero-Trust Architecture:<\/p>\nStart With the Security You Have Now<\/h2>\n
\n
Build Your Zero-Trust Architecture<\/h2>\n