Accelerating Digital Transformation Leveraging Zero Trust Data Access in a Microsoft Ecosystem

Accelerating Digital Transformation Leveraging Zero Trust Data Access (ZTDA) in a Microsoft Ecosystem

Estimated reading time: 5.5 minutes

Microsoft thoroughly understands how to build market advantage.  It operates globally with popular product suites such as Windows and Office, productivity and collaboration products such as Teams and SharePoint, cloud services such as Azure and OneDrive and important enterprise products such as Authenticator, Azure Active Directory, and Sentinel.  Used alone they are each powerful products, however, when used together they create digital transformation that streamlines operations, improves responsiveness and service levels, reduces costs and empowers your teams by securely providing them the right information at the right time.

This digital transformation is multiplied when Zero Trust Data Access (ZTDA) functionality and security are tied in and used to add value to the Microsoft ecosystem.

Adding Zero Trust Data Access to Microsoft Products to Mitigate Ransomware

With the massive increase in unstructured data stored and used by today’s organizations, we have seen a corresponding rise in ransomware with badly protected unstructured data being the main target of attack. Because ransomware requires access to files and folders it is ultimately a data access issue.   That means that you have to monitor and control user access to files and folders as much as possible.

Products that employ a zero trust data access architecture, such as FileFlex Enterprise, can give you that capability. ZTDA provides the data-centric tools for this data-centric threat. It adds productivity and security based on a zero trust architecture into your Microsoft ecosystem by integrating and working with your Microsoft products, cloud services and enterprise utilities.

Zero Trust Micro-Segmentation, Identity Management, Role-Based Least Privilege Access and Activity Tracking

ZTDA ties in because it uses a micro-segmentation process to keep the connection between users and data secure, and by controlling who and what data can be accessed to mitigate unauthorized access to your company infrastructure. And since all users must be authenticated and all access is controlled by a zero trust role-based policy engine, it provides a complete log of all actions.  For example, this can be used with Microsoft Sentinel to aid investigations and/or to provide alerts to suspicious activity, adding tremendous value to your Microsoft ecosystem.

Some companies have an idea that their level of IT Security is “good enough” when they should be looking to be at the best or highest level of security available for their users, network & information systems – security based on a zero trust architecture. Always identifying first, both the device and the user, using policy-based access, micro-segmentation, and least privilege access to bring structure to the chaos of unstructured data while adding additional layers of security throughout your organization.

Zero Trust Data Access – FileFlex Enterprise

FileFlex Enterprise has a unique patented zero trust-based architecture designed to:

  1. Protect the confidentiality of sensitive information by providing access to data without providing access to the organization’s network infrastructure;
  2. Provide IT the tools they need to control remote access and file-sharing;
  3. Protect the transfer of information;
  4. Allow for only authorized access to content; and
  5. Protect user credentials.

 

How the Zero Trust Data Access Architecture of FileFlex Enterprise Adds Value to the Microsoft Ecosystem

 

FileFlex Enterprise and SharePoint

FileFlex Enterprise brings remote access and sharing functionality to a self-hosted implementation of SharePoint.  Further, SharePoint is no longer separate silo access but is integrated into the entire organizational infrastructure of on-premises storage and cloud-hosted storage in a single-pane-of-glass while adding security based on a zero trust architecture to remote access and sharing SharePoint files and folders. FileFlex integrates seamlessly as an overlay to any SharePoint site, respecting all native securities in place within the SharePoint access policies.

FileFlex Enterprise and Azure

Azure has great IT administration tools for hosting organizational servers and applications, however, the tools for user remote storing, access and sharing of files and folders from the Azure platform can be enhanced through Fileflex Enterprise.  FileFlex Enterprise allows an organization to provide users individual Azure cloud storage, where each user can store files and folders, remotely access, share and collaborate.  It integrates Azure storage into the entire organizational infrastructure in a single-pane-of-glass, adds security based on a zero trust architecture and provides IT administrators a complete log of all activities to and from Azure storage.  All Azure access is over the internet without the need for a VPN.  Further, the activity log can be used in Microsoft Sentinel to aid in investigations and provide alerts for suspicious actions.

FileFlex Enterprise and OneDrive

Originally designed as a consumer file sync and share service to compete with Google Drive and Dropbox as a centralized cloud service, OneDrive is now also used by Microsoft with enterprise apps such as Teams and SharePoint.  FileFlex Enterprise adds tremendous value to the use of OneDrive in an enterprise environment.  It provides security based on a zero trust architecture and provides IT a complete activity log of all in-app transactions between OneDrive and users.  Users can open, edit, save, share and collaborate files to OneDrive while giving IT complete control over the unstructured data stored there.

FileFlex Leveraging of Microsoft Authenticator and Azure Active Directory

FileFlex Enterprise can use Microsoft Authenticator for user verification as its two-factor and MFA authentication layer.  It can use Azure Active Directory for account and storage access policies. These Microsoft user authentication mechanisms can be leveraged by FileFlex to deliver the most secure Zero Trust Data Access platform in today’s market.

Microsoft MFA and SSO capabilities are integrated into the FileFlex user authentication process before any further level of granted access to the secure FileFlex Enterprise server utilizing existing Microsoft client credentials, to grant access to the platform.

FileFlex and Microsoft Azure Virtual Machine

Once a user is authenticated and granted access to the FileFlex Server, they can proceed with secure zero trust data access via FileFlex Enterprise. The FileFlex Enterprise Server is a pre-configured VM that may be mounted to an on-prem virtual appliance or cloud host. Once such compatible cloud host is Microsoft, by way of Azure Virtual Machine.  Azure Virtual Machine can be used to run the FileFlex Enterprise policy server and multiple Azure VMs can be clustered to provide high availability.

FileFlex and Microsoft Azure Sentinel

Since Microsoft Azure VMs can run FileFlex servers, and multiple Azure VMs can be deployed to support FileFlex server clustering, both individual and clustered Azure VMs can be monitored using Azure Sentinel, which ingests VM csv logs.  Sentinel logs the activities of the FileFlex VM, ingests and monitors FileFlex user logs running on the Azure VMs to produce analytics, reports, visualizations and alerts on an abnormality or flagged activities.  It provides reactive security that complements the proactive security based on a zero trust architecture of FileFlex Enterprise.

FileFlex VM logs contain both user and administrator activities in great detail, and this information is used by Sentinel to generate real-time alerts, reports, and visualizations of user and admin activities. Sentinel is designed to monitor and read activity logs from VMs. The two work together to bring forward real-time alerts, reports and visualizations to user and system activities.

Putting the Pieces Together to Add Value and Synergy to the Microsoft Ecosystem

Once a user is authenticated into FileFlex Enterprise via Microsoft Authenticator, all of their repositories assigned by Azure Active Directory are presented to them via the FileFlex Enterprise Windows client.

From here, users can interact with their assigned content repositories. Using their Microsoft credentials they can access their assigned SharePoint, Teams, OneDrive and Azure Cloud repositories under the native policies put in place through Azure AD, coupled with any additional policies in place through FileFlex.   This puts IT in control over remote access to all their unstructured data and access is controlled via a zero trust architecture with micro-segmentation, least privilege role-based access.

The FileFlex Enterprise Windows client communicates to the FileFlex Enterprise server which is hosted on Microsoft Azure inside a clustered, high availability Microsoft Azure Virtual Machines.  The server then communicates with a FileFlex connector which can connect a user to their Azure, SharePoint, OneDrive, on-premises or local storage and it keeps an activity log for all users and all transactions.  The activity log works stand-alone or together with Microsoft Sentinel to provide IT visibility and alerts over suspicious activity.

Jacob Williams is a system engineer supporting FileFlex Enterprise customers at Qnext Corp.