Uploaded byJoelGeronimo7
PPTX, PDF59 views

Zero Trust-Adoption Zero Trust-Adoption 01

Zero Trust Adoption Introduction

Embed presentation

Download to read offline
Zero Trust adoption resources
What’s included? Progress tracker for each business scenario Track recommended tasks across four stages Read the included instructions to use the tracking features Customize these for your organization Stakeholder teams for each business scenario Example stakeholder teams for each business scenario Customize the team for your organization Also download this Excel workbook to track owners and tasks
Using the progress trackers Shields have three states: Not Started In Progres s Compl ete Diamonds have two states: Incompl ete Compl ete To change the state, delete the icon. This will reveal the next state underneath. The progress bar indicates the stage on which the client is primarily focused. Hold shift and drag the marker to move it along the progress bar. “Invisible” blocks beneath the bar can be used to precisely align the marker to each stage. Please familiarize yourself with the deck and ensure the slide is hidden before presenting. This slide is for internal use only. When all stages are complete, delete the line, marker, and checkmark to reveal the checkmark’s Finished state.
Using the stakeholder slide Stakeholder info is shown in cards. To change the photoClick twice on the placeholder photo. Navigate to Picture Format > Change Picture. Adjust positioning with the Crop tool if needed. To change any textClick on the placeholder text and replace it. Overset text will resize to fit within the card. Please familiarize yourself with the deck and ensure the slide is hidden before presenting. This slide is for internal use only. These cards are made for a 4x3 grid. To add cards, copy and paste the template or hold Ctrl and drag the template to create a duplicate. Six or fewer stakeholders?Leave the top row blank. More than nine?Add another Stakeholder slide, repeating the primary stakeholders, like project leads, who are shown in the sidebar. Want to go an extra mile on your design? Use Shift+Enter to keep the last word of a paragraph from being alone on a line. A description of their responsibilities pertaining to this project, written in two to five lines of text. Role First Lastname
Rapidly modernize your security posture
Identify risks to your organization Stage 1 Identify gaps in your security posture Set leadership expectations Implement basic hygiene practices Stage 2 Visualize your security posture using audience- appropriate dashboards Stage 3 Document and manage shadow IT using Microsoft Defender for Cloud Apps Stage 4 Rapidly modernize your security posture Continuously educate users Continue to manage risk Update your scores from Exposure Management Develop a methodology for patching and updating systems Evolve your organization’s SecOps capability Capture your initial scores from Exposure Management Inventory your digital estate Identify regulatory requirements Capture your status in Compliance Manager Develop a response readiness plan
Overall engagement, resources, timeline and schedule, communications, and other elements. Project Lead Name The strategy for protecting organization data on devices, including managing devices Device management architect Name Tenant environment (preparation, testing, configuration). Services admins Name Strategy, steering, escalation, approvals, business alignment, and management coordination. Sponsor Name Security and governance of identities, devices, and apps. Owns risk and policy determination, tracking and reporting CISO Name Tech requirements, architecture, reviews, decisions, and prioritization Architecture Lead Name Your users’ needs and feedback. End user security and usability (EUC) lead Name Need and feedback from your business units. Business Unit Representative Name Prioritization and tech requirements for app investments, including bringing apps up to standards with modern authentication and Entra Conditional Access policies. App management lead Name Security posture stakeholders
Secure remote andhybrid work
Verify and secure every identity with strong authentication Stage 1 Integrate SaaS apps with Entra ID for single sign-on Register devices with Entra ID Stage 2 Implement Zero Trust starting point identity and device access policies Enroll devices into management and apply recommended security protections Stage 3 Monitor device configuration drift Stage 4 Secure remote and hybrid work New applications that are deployed use modern authentication Use App Proxy with on- prem apps for single sign-on Allow only compliant and trusted devices to access data Implement passwordless authentication
Manage overall engagement, resources, timeline and schedule, communications, etc. Project Lead Name Implements the strategy for protecting organization data on devices, including managing devices Device management architect Name Tech requirements, and prioritization of app investments — bringing apps up to standards with modern authentication and coordinating apps with conditional access rules App management lead Name Tenant/environment, preparation, configuration, testing M365 admins Name Strategy, steering, escalation, approvals, business alignment, management coordination Sponsor Name Security and governance of identities, devices, and apps; risk and policy determination, tracking and reporting CISO Name Tech requirements, architecture, reviews, decisions, and prioritization Arch Lead Name Determines required controls to address tech and architecture requirements; implements these Identity architect Name Secure remote and hybrid work stakeholders
Identify and protect sensitive business data
Discover and identify sensitive business data Stage 1 Discover non-sanctioned SaaS apps Encrypt network communication Develop and test a classification schema Stage 2 Set up secure Teams for sharing data internally and externally with business partners Add protection to labels Stage 3 Extend labels and protection to data in SaaS apps, including DLP Stage 4 Identify and protect sensitive business data Extend automated classification to all services Extend labels and protection to data in on- premises repositories Apply labels to data across Microsoft 365 Introduce basic DLP policies Introduce automatic & recommended labeling Extend DLP policies across Microsoft 365 Implement key insider risk management policies Protect organization data in cloud infrastructure
Manage overall engagement, resources, timeline and schedule, communications, etc. Project Lead Name Data classification and sensitive data identification, controls and remediation Information Protection Manager Name Tech requirements, architecture, reviews, decisions & prioritization Arch Lead Name Tenant/environment, preparation, configuration, testing M365 admins Name Strategy, steering, escalation, approvals, business alignment, management coordination Sponsor Name Protection and governance of data assets and systems; risk and policy determination, tracking and reporting CISO Name Determines required controls to address compliance and protection requirements IT Compliance Manager Name Investigation and reporting in cooperation with compliance and protection leads Investigation and audit roles Name Information protection stakeholders

More Related Content

PDF
Microsoft Zero Trust
byDavid J Rosenthal
 
PPTX
MS. Cybersecurity Reference Architecture
byangelohammond
 
PPTX
MicrosoftCybserSecurityReferenceArchitecture-April-2025.pptx
bySilvioHayashi
 
PPTX
Microsoft Zero Trust Adoption Resources PPTX
byphiltraversa
 
PDF
BATbern48_How Zero Trust can help your organisation keep safe.pdf
byBATbern
 
PDF
Un enfoque práctico para implementar confianza cero en el trabajo híbrido
byCristian Garcia G.
 
PDF
Cloud native patterns antipatterns
byMartin Stemplinger
 
PDF
Webinar–Creating a Modern AppSec Toolchain to Quantify Service Risks
bySynopsys Software Integrity Group
 
Microsoft Zero Trust
byDavid J Rosenthal
 
MS. Cybersecurity Reference Architecture
byangelohammond
 
MicrosoftCybserSecurityReferenceArchitecture-April-2025.pptx
bySilvioHayashi
 
Microsoft Zero Trust Adoption Resources PPTX
byphiltraversa
 
BATbern48_How Zero Trust can help your organisation keep safe.pdf
byBATbern
 
Un enfoque práctico para implementar confianza cero en el trabajo híbrido
byCristian Garcia G.
 
Cloud native patterns antipatterns
byMartin Stemplinger
 
Webinar–Creating a Modern AppSec Toolchain to Quantify Service Risks
bySynopsys Software Integrity Group
 

Similar to Zero Trust-Adoption Zero Trust-Adoption 01

PPTX
Unc charlotte prezo2016
bySanjay R. Gupta
 
PPTX
00 - Microsoft 365 Business Secure Deployment Toolkit - Kickoff and Technical...
byssuser2bcf91
 
PPTX
Microsoft - Human-Operated Ransomware Mitigation Project Plan #nice #template...
bypowerofgametest
 
PDF
Building Security Into Your Cloud IT Practices
byMighty Guides, Inc.
 
PDF
New technologies - Amer Haza'a
byFahmi Albaheth
 
PPTX
Zero Trust 20211105
byThomas Treml
 
PPTX
ciso-workshop-1-cybersecurity-briefing.pptx
bypravinsp141
 
PPTX
S360 2015 dev_secops_program
byShannon Lietz
 
PPTX
vCISO Overview Virtual CISO Chief Information Security Officer
byabstmsecure
 
PPTX
Devops - Accelerating the Pace and Securing Along the Way - Thaddeus Walsh
byDrew Malone
 
PDF
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
byParishSummer
 
PPTX
Empired Convergence 2017 - Keeping Pace, Staying Safe in the Digital World
byEmpired
 
PPTX
Securing your digital world - Cybersecurity for SBEs
bySonny Hashmi
 
PPTX
Securing your digital world cybersecurity for sb es
bySonny Hashmi
 
PPTX
ECS19 - Nicki Borell - Microsoft Cybersecurity Reference Architecture
byEuropean Collaboration Summit
 
PDF
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
byMark Simos
 
PDF
BetterCloud Whitepaper: Fixing IT's Blindspots – 8 Critical Security and Mana...
byBetterCloud
 
PDF
Security of the future - Adapting Approaches to What We Need
bysimplyme12345
 
PPTX
InfraGard Webinar March 2016 033016 A
byWard Pyles
 
PDF
Wfh security risks - Ed Adams, President, Security Innovation
byPriyanka Aash
 
Unc charlotte prezo2016
bySanjay R. Gupta
 
00 - Microsoft 365 Business Secure Deployment Toolkit - Kickoff and Technical...
byssuser2bcf91
 
Microsoft - Human-Operated Ransomware Mitigation Project Plan #nice #template...
bypowerofgametest
 
Building Security Into Your Cloud IT Practices
byMighty Guides, Inc.
 
New technologies - Amer Haza'a
byFahmi Albaheth
 
Zero Trust 20211105
byThomas Treml
 
ciso-workshop-1-cybersecurity-briefing.pptx
bypravinsp141
 
S360 2015 dev_secops_program
byShannon Lietz
 
vCISO Overview Virtual CISO Chief Information Security Officer
byabstmsecure
 
Devops - Accelerating the Pace and Securing Along the Way - Thaddeus Walsh
byDrew Malone
 
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
byParishSummer
 
Empired Convergence 2017 - Keeping Pace, Staying Safe in the Digital World
byEmpired
 
Securing your digital world - Cybersecurity for SBEs
bySonny Hashmi
 
Securing your digital world cybersecurity for sb es
bySonny Hashmi
 
ECS19 - Nicki Borell - Microsoft Cybersecurity Reference Architecture
byEuropean Collaboration Summit
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
byMark Simos
 
BetterCloud Whitepaper: Fixing IT's Blindspots – 8 Critical Security and Mana...
byBetterCloud
 
Security of the future - Adapting Approaches to What We Need
bysimplyme12345
 
InfraGard Webinar March 2016 033016 A
byWard Pyles
 
Wfh security risks - Ed Adams, President, Security Innovation
byPriyanka Aash
 

Recently uploaded

PPT
Information and Communication Technologies and Power
byJeffrey Hart
 
PDF
Artificial Intelligence and Barbarism - Conceptual Map
byalfadix
 
PDF
The map to conquer linear algebra for IT engineer
byakipii ogaoga
 
PPTX
Route_Inspection_Problem_Presentation.pptx
byIqraHanif27
 
PDF
The Future of AI-Powered Fashion Design 10 Top Generators for 2026
bymockitseo
 
PDF
“Lessons from Yesterday's Tomorrowland” by Scott M. Graffius
byScott M. Graffius
 
PPTX
Pizza Chain Market Data Scraping for Better Insights Report.pptx
byWeb Data Crawler
 
PDF
How Application Performance Monitoring Tools Are Used in Performance Testing
byhenrycavill30521
 
PDF
Xemelgo - RFID Industry Predictions for 2026
byRich Rogers
 
PDF
Top 10 API Automation Testing Tools: Features, Pros & Cons
byhenrycavill30521
 
PDF
threat-hunters-cookbook for cybersecurity
bylobster6719
 
PDF
Video Infrastructure_ Streaming Architecture and Delivery Systems.pdf
byTenbyte Limited
 
PPTX
Large Language Model. LLM Audit Artificial Intelligence
byMANASCHOUDHARY22
 
PPTX
AN Introduction to UNIX File System—An Approach
bysonjuktaweb
 
PDF
Regenerative Agriculture Finance : Environmental impact
byrose mason
 
PDF
Small Business Automation: A Comprehensive Cost and ROI Guide
byAmelia Swank
 
PPTX
Search Engine Responses to Conspiratorial Search Practices AANZCA 2025 Presen...
bykkasianenko
 
PDF
A Brief Introduction About Christopher Elwell Woburn
byChristopher Elwell Woburn
 
PDF
Azure Identity, Governance, and Monitoring solutions
byVICTOR MAESTRE RAMIREZ
 
PPTX
Document Reconstruction using AI & Deep Learning
bysonjuktaweb
 
Information and Communication Technologies and Power
byJeffrey Hart
 
Artificial Intelligence and Barbarism - Conceptual Map
byalfadix
 
The map to conquer linear algebra for IT engineer
byakipii ogaoga
 
Route_Inspection_Problem_Presentation.pptx
byIqraHanif27
 
The Future of AI-Powered Fashion Design 10 Top Generators for 2026
bymockitseo
 
“Lessons from Yesterday's Tomorrowland” by Scott M. Graffius
byScott M. Graffius
 
Pizza Chain Market Data Scraping for Better Insights Report.pptx
byWeb Data Crawler
 
How Application Performance Monitoring Tools Are Used in Performance Testing
byhenrycavill30521
 
Xemelgo - RFID Industry Predictions for 2026
byRich Rogers
 
Top 10 API Automation Testing Tools: Features, Pros & Cons
byhenrycavill30521
 
threat-hunters-cookbook for cybersecurity
bylobster6719
 
Video Infrastructure_ Streaming Architecture and Delivery Systems.pdf
byTenbyte Limited
 
Large Language Model. LLM Audit Artificial Intelligence
byMANASCHOUDHARY22
 
AN Introduction to UNIX File System—An Approach
bysonjuktaweb
 
Regenerative Agriculture Finance : Environmental impact
byrose mason
 
Small Business Automation: A Comprehensive Cost and ROI Guide
byAmelia Swank
 
Search Engine Responses to Conspiratorial Search Practices AANZCA 2025 Presen...
bykkasianenko
 
A Brief Introduction About Christopher Elwell Woburn
byChristopher Elwell Woburn
 
Azure Identity, Governance, and Monitoring solutions
byVICTOR MAESTRE RAMIREZ
 
Document Reconstruction using AI & Deep Learning
bysonjuktaweb
 

Zero Trust-Adoption Zero Trust-Adoption 01

  • 1.
  • 2.
    What’s included? Progress tracker foreach business scenario Track recommended tasks across four stages Read the included instructions to use the tracking features Customize these for your organization Stakeholder teams for each business scenario Example stakeholder teams for each business scenario Customize the team for your organization Also download this Excel workbook to track owners and tasks
  • 3.
    Using the progresstrackers Shields have three states: Not Started In Progres s Compl ete Diamonds have two states: Incompl ete Compl ete To change the state, delete the icon. This will reveal the next state underneath. The progress bar indicates the stage on which the client is primarily focused. Hold shift and drag the marker to move it along the progress bar. “Invisible” blocks beneath the bar can be used to precisely align the marker to each stage. Please familiarize yourself with the deck and ensure the slide is hidden before presenting. This slide is for internal use only. When all stages are complete, delete the line, marker, and checkmark to reveal the checkmark’s Finished state.
  • 4.
    Using the stakeholderslide Stakeholder info is shown in cards. To change the photoClick twice on the placeholder photo. Navigate to Picture Format > Change Picture. Adjust positioning with the Crop tool if needed. To change any textClick on the placeholder text and replace it. Overset text will resize to fit within the card. Please familiarize yourself with the deck and ensure the slide is hidden before presenting. This slide is for internal use only. These cards are made for a 4x3 grid. To add cards, copy and paste the template or hold Ctrl and drag the template to create a duplicate. Six or fewer stakeholders?Leave the top row blank. More than nine?Add another Stakeholder slide, repeating the primary stakeholders, like project leads, who are shown in the sidebar. Want to go an extra mile on your design? Use Shift+Enter to keep the last word of a paragraph from being alone on a line. A description of their responsibilities pertaining to this project, written in two to five lines of text. Role First Lastname
  • 5.
  • 6.
    Identify risks toyour organization Stage 1 Identify gaps in your security posture Set leadership expectations Implement basic hygiene practices Stage 2 Visualize your security posture using audience- appropriate dashboards Stage 3 Document and manage shadow IT using Microsoft Defender for Cloud Apps Stage 4 Rapidly modernize your security posture Continuously educate users Continue to manage risk Update your scores from Exposure Management Develop a methodology for patching and updating systems Evolve your organization’s SecOps capability Capture your initial scores from Exposure Management Inventory your digital estate Identify regulatory requirements Capture your status in Compliance Manager Develop a response readiness plan
  • 7.
    Overall engagement, resources, timelineand schedule, communications, and other elements. Project Lead Name The strategy for protecting organization data on devices, including managing devices Device management architect Name Tenant environment (preparation, testing, configuration). Services admins Name Strategy, steering, escalation, approvals, business alignment, and management coordination. Sponsor Name Security and governance of identities, devices, and apps. Owns risk and policy determination, tracking and reporting CISO Name Tech requirements, architecture, reviews, decisions, and prioritization Architecture Lead Name Your users’ needs and feedback. End user security and usability (EUC) lead Name Need and feedback from your business units. Business Unit Representative Name Prioritization and tech requirements for app investments, including bringing apps up to standards with modern authentication and Entra Conditional Access policies. App management lead Name Security posture stakeholders
  • 8.
  • 9.
    Verify and secureevery identity with strong authentication Stage 1 Integrate SaaS apps with Entra ID for single sign-on Register devices with Entra ID Stage 2 Implement Zero Trust starting point identity and device access policies Enroll devices into management and apply recommended security protections Stage 3 Monitor device configuration drift Stage 4 Secure remote and hybrid work New applications that are deployed use modern authentication Use App Proxy with on- prem apps for single sign-on Allow only compliant and trusted devices to access data Implement passwordless authentication
  • 10.
    Manage overall engagement, resources,timeline and schedule, communications, etc. Project Lead Name Implements the strategy for protecting organization data on devices, including managing devices Device management architect Name Tech requirements, and prioritization of app investments — bringing apps up to standards with modern authentication and coordinating apps with conditional access rules App management lead Name Tenant/environment, preparation, configuration, testing M365 admins Name Strategy, steering, escalation, approvals, business alignment, management coordination Sponsor Name Security and governance of identities, devices, and apps; risk and policy determination, tracking and reporting CISO Name Tech requirements, architecture, reviews, decisions, and prioritization Arch Lead Name Determines required controls to address tech and architecture requirements; implements these Identity architect Name Secure remote and hybrid work stakeholders
  • 11.
  • 12.
    Discover and identify sensitivebusiness data Stage 1 Discover non-sanctioned SaaS apps Encrypt network communication Develop and test a classification schema Stage 2 Set up secure Teams for sharing data internally and externally with business partners Add protection to labels Stage 3 Extend labels and protection to data in SaaS apps, including DLP Stage 4 Identify and protect sensitive business data Extend automated classification to all services Extend labels and protection to data in on- premises repositories Apply labels to data across Microsoft 365 Introduce basic DLP policies Introduce automatic & recommended labeling Extend DLP policies across Microsoft 365 Implement key insider risk management policies Protect organization data in cloud infrastructure
  • 13.
    Manage overall engagement, resources,timeline and schedule, communications, etc. Project Lead Name Data classification and sensitive data identification, controls and remediation Information Protection Manager Name Tech requirements, architecture, reviews, decisions & prioritization Arch Lead Name Tenant/environment, preparation, configuration, testing M365 admins Name Strategy, steering, escalation, approvals, business alignment, management coordination Sponsor Name Protection and governance of data assets and systems; risk and policy determination, tracking and reporting CISO Name Determines required controls to address compliance and protection requirements IT Compliance Manager Name Investigation and reporting in cooperation with compliance and protection leads Investigation and audit roles Name Information protection stakeholders