Note #3: Zero Trust principles
The base of zero trust
I’m Amir Rouhanipoor, an IT Consultant specializing in Azure and cloud solutions. I help organizations streamline their IT and drive growth through secure, efficient cloud technologies.
Security-focused Cloud & Automation Engineer with a Master’s in Computer Science and 6+ years of experience automating and supporting enterprise IT environments across multi-site corporate and operational infrastructures. Proficient in Python scripting, Azure infrastructure, Windows Server, and identity management. Skilled in integrating third-party platforms, securing configurations, and streamlining operations. Currently pursuing the Cybersecurity Architect Expert certification with a strong focus on cloud security and automation.
1- Verify Explicitly (Authentication): No services should be accessible anonymously. We need to verify every access; everything must have an identity. People, applications, or services—verification is about authentication.
Strengthen authentication by using MFA or passwordless methods.
Conditional access policy (the new firewall in modern architecture)
User behavior analytics.
2- Least privilege Access(Authorization):
Just Enough Access (JEA)
Just In Time (JIT) (access for limited time) with PIM.
3- Assume breach: This is where you find hackers..
Network segmentation: e.g. VLanning allows only specific protocols, like SMP, to access servers.
Monitoring
Reviewing