Expert Comments On Microsoft Bug Shows Importance Of Zero Trust

Vulnerabilities such as the Microsoft login bug illustrate the need to advance Zero Trust access capabilities in the enterprise. While companies have attempted to inform employees not to click on suspicious emails, hackers are circumventing this awareness by exploiting flaws in trusted apps or by creating fraudulent websites that mimic trusted entities. Victims can expose their login credentials simply by visiting a fake website or clicking a seemingly innocuous link from a trusted source, allowing hackers to access their accounts without them ever realizing – in this case, capturing Microsoft access tokens. With Zero Trust, the enterprise can increase user and the device verification, and add additional authentication factors depending on the context of the request, to prevent hackers with stolen credentials from accessing secured systems even with a credible login. Zero Trust also requires continuous re-verification of all users, applications and devices, so even “trusted” sources are consistently vetted, thereby making it significantly more difficult for hackers to successfully imitate an app or user.”  Read Less