Charlie Mac and Associates

  1. Newsletters

Simplify IT security with zero trust 🚫

My first job out of uni was as an Electronic Systems Engineer in the RAAF designing solid state replacements for SURAD, the ATC radar of the day.  One of the hardest things to recreate was Identify Friend or Foe (IFF) tags.  In a target rich environment, IFF tags help air defence officers filter good aircraft from bad.

In the old days, web filtering was done centrally – usually by a firewall or web filtering proxy.  The technology required all corporate traffic at all sites to be funnelled through such a service, and this in-turn drove a rise in MPLS networks – dedicated networks commonly connecting corporate sites to a central data centre.  In a zero-trust environment the network gets simpler. MPLS networks and web filter proxies become redundant and web filtering is done at the device – closer to the user is better.  This approach is used by Microsoft as part of their Intune and Windows Defender for Endpoint solutions – sophisticated web filtering that’s difficult to bypass. 

If you have Defender for Endpoint licencing, you can enable web filtering by:

1) Logging into the Microsoft 365 Defender portal

2) Scrolling to the bottom of the left blade and select Settings | Endpoints | Web content filtering (under Rules).

3) Adding a policy that includes the categories you want to block, specify the scope, and click Save.

And you are done!

You can also block specific IPs, URLs, or types of traffic (like peer-to-peer) and monitor if someone is attempting access through Reports | Web protection.

Zero trust is not a new term.  The concept is based on three pillars – verify explicitly, use least accessed privileges, and assume breach.  For example, the corporate network only provides access to applications that contain data you have authority to use.  Good security dictates zero trust, in that access to corporate data should not be assumed.  And I predict your IT infrastructure will get simpler as a result. 

Across the Industry

Recent Government Tenders

Microsoft News

Comments to: Simplify IT security with zero trust 🚫

Your email address will not be published.

Attach images - Only PNG, JPG, JPEG and GIF are supported.


Welcome to Typer

Brief and amiable onboarding is the first thing a new user sees in the theme.
Join Typer
Registration is closed.