Illusive Blog August 12, 2021

Identity is the New Perimeter: How to Enable Zero Trust Security with Illusive and Microsoft

By Mark Jaffe
Cloud Security, Identity Access Management, Identity Security, Microsoft Azure Active Directory, Zero Trust

Microsoft has been advocating for a Zero Trust security model that incorporates identity as its first pillar. Securing identity is critical because even if your network and devices are secure, all an attacker needs to compromise enterprise resources is one set of exposed privileged credentials. Illusive enables organizations to experience the benefits of Zero Trust with its Attack Surface Manager, which audits and cleans exposed identities from endpoints so that attackers can’t use them. Additionally, Illusive’s Attack Detection System offers a compensating control, as attackers continue to develop techniques to bypass commonly deployed security controls.

The traditional network security model has been likened to a castle. The firewall like a bulwark, protecting the crown jewels. However more than a decade of cloud computing, mobile devices and remote workers have eroded the effectiveness of this network perimeter. When employees are accessing third-party services from personal devices and private networks, organizations need to reimagine how to secure access. Most organizations are now turning to Zero Trust security. Identity is the new perimeter.

Illusive is blazing new trails with Microsoft

During the 2021 Microsoft Ignite Keynote, Microsoft CEO Satya Nadella spoke about the impact of cloud computing over the past decade and Microsoft’s vision for the next ten years. Nadella believes we are in a second wave of digital transformation (although for some organizations it may feel more like one giant tidal wave). Reflecting on how the cloud will change over the next decade, Nadella began by highlighting the ubiquitous and decentralized nature of computing (a driving force behind the need for Zero Trust security) and concluded with the importance of trust by design (mentioning Zero Trust security directly).

Microsoft has been doing a lot of work to help organizations understand Zero Trust security. These are Microsoft’s guiding principles of Zero Trust security: verify explicitly, use least privileged access, and assume breach. Microsoft has also delineated six foundational pillars of Zero Trust security: identities, devices, applications, network, infrastructure, and data.

 

The Microsoft Zero Trust Security Model (source: Microsoft)

There is no single path to Zero Trust because each organization has its own unique challenges, but there is a strong argument to begin with a focus on identities. According to the Microsoft Zero Trust Maturity Model, “Identities – whether they represent people, services, or IOT devices – define the Zero Trust control plane.”

Credentials and connections fuel lateral attack movement, so managing and securing identities can slow or eliminate attacks before they reach valuable enterprise data. One of the most high-profile ransomware attacks of 20201, the Colonial Pipeline breach, was the result of a single compromised password, which investigators traced to a dark web leak.

From 0 to Zero Trust

According to a Microsoft survey of more than 1,200 security decision-makers, Zero Trust adoption is accelerating. Ninety percent of respondents were familiar with Zero Trust and 76 percent were in the process of implementation. Pre-pandemic only 20 percent were familiar with Zero Trust and only 6 percent were in the process of implementation. It is a logical conclusion that remote work has been a driving force behind this increased adoption since 81 percent of respondents have now shifted toward hybrid work.

Consider the impact that hybrid work has on security. Employees (or family members using their devices) are more likely to engage in risky behavior from the comfort of their own home, and their private network lacks the security controls native to a corporate network. Sensitive credentials may be cached on these machines, easily exposed to attackers.

Admins that need to manage these devices connect with remote desktop protocol (RDP), which may leave valuable breadcrumbs for attackers. In fact, threat intelligence analysts have identified RDP as the most common and valuable access listing for sale on the dark web. Ransomware-as-a-service is booming because of this criminal economy. It has become imperative for organizations to secure these credentials.

A Match Made in the Clouds: Illusive and Microsoft

Illusive enables organizations to experience the benefits of Zero Trust with its Attack Surface Manager, which sanitizes exposed credentials and connections to eliminate compromised identities from the attack surface. Illusive’s Attack Detection System detects unauthorized access across identities, devices, networks and applications by intercepting attackers with deceptive credentials, which cannot be detected or bypassed by attackers.

 

Illusive Offers Solutions for a Variety of Microsoft Services

Illusive is a member of the Microsoft Intelligent Security Association, and its solutions for Microsoft 365 E5, Azure Active Directory, and Azure Sentinel are available on the Azure Marketplace, built upon a broad set of integrations across Microsoft products to enable end-to-end protection for Microsoft and Azure-enabled environments.

Since protecting privileged identities is foundational to Zero Trust security, Illusive for Azure Active Directory gives organizations the tools they need to protect privileged user identities from attacker abuse:

  • Security & threat visibility on Active Directory and Azure Active Directory.
  • Visualize and automate the discovery and mitigation of over privileged identities, misconfigurations, and shadow admins.
  • Detect insiders attempting to leverage policy gaps between Enterprise Active Directory and Azure Active Directory.

These features and benefits are why Microsoft has recognized Illusive as the Winner of its Microsoft Security 20/20 Identity Trailblazer Award. Learn how Illusive and Microsoft collaborate to secure Agoda’s workforce. Contact Illusive today if you want to learn how to secure your privileged identities to experience the benefits of Zero Trust.

Mark Jaffe is VP of Strategy and Business Development at Illusive.