Microsoft helping U.S. government with Zero Trust architecture

To help federal agencies follow an executive order, Microsoft is designing examples of Zero Trust architecture.

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

What you need to know

On May 12, 2021, President Joe Biden issuedExecutive Order (EO) 14028. The EO requires federal agencies to make “significant investments” in cybersecurity. Microsoft and 17 other companies will work with theNational Institute of Standards and Technology (NIST)to help design Zero Trust policies.

EO 14028 states that the “private sector must adapt to the continuously changing threat environment, ensure its products are built and operate securely, and partner with the Federal Government to foster a more secure cyberspace.”

Specifically, the EO requires federal agencies to develop and plan to adopt Zero Trust Architecture. Zero Trust is a different model of security that assumes a system has already been breached. It relies on verification rather than just focusing on strengthening systems against attacks.

Microsoft explainshow it is working with NIST’s National Cybersecurity Center of Excellence (NCCoE) on implementing a Zero Trust Architecture Project. The company states that in many agencies, the required technology is in place, but that it needs to be activated and fine-tuned.

Microsoft has identified five of the most impactful scenarios that agencies should build toward to meet the directives in EO 14028:

Kevin Stine, chief of the Applied Cybersecurity Division in the National Institute of Standards and Technology’s Information Technology Laboratory (ITL), shared how companies such as Microsoft will play a role in implementing Zero Trust architecture:

The telework tidal wave and increasing cybersecurity breaches and ransomware attacks have made implementing a Zero Trust architecture a federal mandate and a business imperative. We look forward to working with our project collaborators, such as Microsoft, to deliver timely, informed technical ‘how-to’ guidance and example implementations of Zero Trust architectures to assist federal agencies and other industry sectors with their Zero Trust journeys.

The NCCoE aims to have multiple examples of Zero Trust architecture built and shared. These can then be used as guides for implementing security technology in the real world.

Get the Windows Central Newsletter

All the latest news, reviews, and guides for Windows and Xbox diehards.

Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He’s covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean’s journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_.