Cloud users' roadmap

Microsoft Issues Cloud Services Guide to Support DOD’s Zero Trust Framework

Microsoft has released guidance on configuring its cloud services for the Department of Defense and its industry partners to achieve zero trust capabilities.

Steve Faehl, Microsoft’s federal security chief technology officer, wrote in a blog post on Tuesday that the guide features the applications of Microsoft 365 and Microsoft Azure Government available to DOD customers and partners. Faehl described the document as an actionable reference on specific tools suited for particular DOD zero trust objectives, Microsoft said Tuesday.

The guidance walks users through the Microsoft 365 E5 hybrid cloud and multiplatform setup with productivity apps featuring advanced security capabilities addressing all seven pillars of the DOD Zero Trust Strategy, Faehl noted.

For the strategy’s user pillar, Microsoft 365 incorporates the Microsoft Entra ID for multicloud identity and access management. To address the strategy’s network pillar, the guidance focuses on Microsoft’s Azure networking capabilities, including application protection and network monitoring.

With the changing security landscape, Faehl said Microsoft’s zero trust technology innovations will continue, as seen in the Microsoft Copilot for Security launched on April 1.

The DOD aims to achieve a zero trust-based architecture by 2027, according to David McKeown, the Pentagon’s deputy chief information officer for cybersecurity and senior information security officer.