Microsoft’s zero-trust implementation strategy addresses strong user identity, device health verification, and least-privilege access to corporate resources and services, all backed by data that reduces the risk of unauthorized lateral movement across the corporate network. Through these authentication and verification methods, Microsoft can ensure that users are only given access that is explicitly authorized.
Customers can implement multifactor authentication through Azure Authenticator, which allows them to grant access to the specific corporate resources explicitly approved for each individual user, in a mobile-friendly environment and across multiple devices. As things continue to move forward, Microsoft said its end goal is to completely eliminate passwords.
Cloud management software like Microsoft Intune can ensure that every device is healthy before being allowing access to major productivity applications like Microsoft Exchange, SharePoint, and Teams. Customers can also establish a set of managed virtualized services that make applications and full Windows desktop environments available to users with unmanaged devices, according to Microsoft.