Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article summarizes technology pillars in our Zero Trust adoption model.
Technology pillars represent the core areas of your security architecture. They group related capabilities and controls into logical domains such as identity, endpoints, data, apps, infrastructure, networks, and security operations.
Each pillar answers the same fundamental question:
How do we apply Zero Trust principles to this part of the environment?
Instead of thinking in terms of individual products or features, pillars provide a stable way to organize security design and implementation across your environment.
Technology pillars in the adoption model
Our structured adoption model focuses on three components:
- Business scenarios - Define the most critical security outcomes for the organization. They focus on why we're adopting Zero Trust security.
- Security disciplines - Guide teams to define strategy, architecture, processes, and controls across common areas of security so that we can deliver the business scenarios. They focus on what Zero Trust capabilities are required.
- Technology pillars - Secure specific areas of the organization such as identity, data, and devices. They focus on where security capabilities are implemented.
- Technical solutions - As adoption moves towards deployment, technical solutions provide detailed guidance for implementing security controls across technology pillars. They focus on how security is implemented.
In the Zero Trust adoption model, technology pillars sit between strategy and implementation.
Technology pillars don't define outcomes (business solutions) or steps (technical solutions), but they do:
- Define technical boundaries where security controls are applied. These boundaries are used by solutions to organize implementation guidance and logic.
- Act as the bridge between intent (why) and implementation (how).
Pillars
| Technology pillar | Description |
|---|---|
 Identities |
Control access decisions. Every request starts with identity verification and enforcement of least privilege. |
 Endpoints |
Evaluate and enforce device trust. Access depends on device health, compliance, and risk. |
 Data |
Protect the asset itself. Security persists with the data through classification, labeling, encryption, and access control. |
 Apps |
Govern how data is accessed. Apply controls at the application and API layer, including permissions and session controls. |
 Infrastructure |
Secure compute resources. Harden servers, VMs, containers, and services through configuration, access control, and monitoring. |
 Network |
Control connectivity and movement. Segment and monitor traffic to prevent lateral movement and enforce secure communication. |
 SecOps |
Integrate and operationalize all pillars. Detect, investigate, and respond using signals from across the environment. |
Zero Trust implementation workshops
Microsoft's Zero Trust implementation workshops are available for each pillar. Learn more.
What's next?
- Review technical solutions.
- Learn about our Zero Trust adoption model.
- Review critical security business scenarios.