SC-100: Zero Trust Conceptual Understanding - "Audio Only"

https://pachehra.blogspot.com/ / arun-pachehra

Earlier, traditional security assumed that anything inside the company network was safe. But today, users work remotely, apps are in the cloud, devices are everywhere, and data is no longer limited to the office network. Because of this, Zero Trust assumes that every request could be risky and must be verified before access is allowed.

Zero Trust is not a product or service. It is a security approach or framework used to design and implement security across the organization. It protects users, devices, applications, data, infrastructure, and networks, regardless of where they are located.

The framework is based on three guiding principles:

Verify explicitly: Always authenticate and authorize using signals like user identity, location, device health, workload, data sensitivity, and risk level.

Use least privilege access: Give users only the access they need, only when they need it. This reduces the damage if an account is compromised.

Assume breach: Design security with the assumption that attackers may already be inside. Segment access, monitor activity, use encryption, and detect suspicious behavior early.

Microsoft also explains six Zero Trust technology pillars:

| Pillar | What it means |
|---|---|
| Identities | Secure users, services, and devices with strong authentication and least privilege. |
| Endpoints | Ensure laptops, mobiles, servers, and other devices are healthy and compliant before access. |
| Data | Classify, label, encrypt, and protect data even if it leaves the organization’s environment. |
| Applications | Secure apps and APIs, detect shadow IT, and monitor abnormal behavior. |
| Infrastructure | Protect VMs, servers, containers, and workloads using hardening, telemetry, and threat detection. |
| Network | Segment the network, monitor traffic, encrypt communication, and prevent lateral movement. |

A seventh supporting area is visibility, automation, and orchestration, which connects all pillars by collecting signals, detecting threats, and automating security responses.

In simple terms: Zero Trust means do not blindly trust any user, device, app, or network. Validate every access request, give minimum required permissions, and continuously monitor for threats.
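
The three guiding principles can be read as one access decision made per request. The sketch below is an added example, not code from the original page or from Microsoft: the role names, scopes, country list, and grant lifetimes are hypothetical, and the sample request is constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Hypothetical roles, scopes, countries and lifetimes, chosen for illustration.
ROLE_SCOPES = {"analyst": {"ledger:read"}, "admin": {"ledger:read", "ledger:write"}}
USUAL_COUNTRIES = {"IN", "US"}
AUDIT_LOG = []  # assume breach: every decision is kept for monitoring


@dataclass
class AccessRequest:
    user: str
    role: str
    scope: str                 # permission being requested
    mfa_passed: bool
    device_compliant: bool
    country: str
    risk: str                  # "low" | "medium" | "high"
    data_label: str            # "general" | "confidential"
    on_corp_network: bool = False  # carried but never consulted by decide()


def decide(req: AccessRequest, now: datetime) -> dict:
    """Evaluate one request from its signals alone; network location grants nothing."""
    deny = []
    if req.scope not in ROLE_SCOPES.get(req.role, set()):
        deny.append("scope not granted to role")       # least privilege
    if not req.device_compliant:
        deny.append("device not compliant")            # endpoint health
    if req.risk == "high":
        deny.append("high risk")
    sensitive = (req.data_label == "confidential" or req.risk == "medium"
                 or req.country not in USUAL_COUNTRIES)
    if deny:
        result = {"decision": "deny", "reasons": deny}
    elif sensitive and not req.mfa_passed:
        result = {"decision": "step_up", "reasons": ["MFA required"]}
    else:
        # Time-bound grant: shorter for sensitive access, then re-verify.
        ttl = timedelta(minutes=15 if sensitive else 60)
        result = {"decision": "allow", "scope": req.scope, "expires": now + ttl}
    AUDIT_LOG.append({"time": now, "user": req.user, **result})
    return result


if __name__ == "__main__":
    t = datetime(2024, 1, 1, 9, 0, tzinfo=timezone.utc)  # constructed sample input
    inside = AccessRequest("asha", "analyst", "ledger:read", False, False, "IN",
                           "low", "general", on_corp_network=True)
    print(decide(inside, t))  # denied despite being on the corporate network
```

The `on_corp_network` field is present only to show that being inside the network does not change the outcome.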