Introduction
Hello everyone, and welcome on my first blog on this awesome CloudExperts Community! I want to take you on a journey navigation from the Traditional to the Modern Workspace and leveraging from the features the Microsoft Defender XDR has to offer at this moment.
The main goal about this blog is to guide you from a traditional Workspace approach into all the current possibilities Microsoft has to offer as of beginning 2024 😊
In this Blog, I will take you on the journey in the following sequence:
- Re-introducing the Traditional Workspace and the related techniques.
- Introducing the Modern Workspace
- Understanding the power of the Microsoft Zero Trust Model to Secure the Modern Workspace
- Give a few examples on which Microsoft Defender XDR-Solutions will give you a head start while implementing.
What is the Traditional Workspace
When we talk about the Traditional Workspace everyone seems to have a good understanding on what we mean by that. Nevertheless, it’s a good thing to fresh up your memory on what the Traditional Workspace is all about!
Let’s Summarize some key points which the Traditional Workspace consists of:
– The Workspace is hosted on (virtualized) physical servers and infrastructure which is places on-premises or in a Private “Cloud”
– Mainly data is being saved on traditional File Servers within this on-premises infrastructure
– Mostly Legacy self-hosted applications are hosted on Application and Database Servers and only accessible from within your company network
– The company network is mostly isolated from the “scary” public Internet 😊
– Email is hosted on-premises (Exchange Server or HCL Notes)
– VDI-Solutions that are only available within the company network or require VPN-connections
– Company Devices are Managed on-premises and need to be inside the Company-network to apply updates, password changes or software distribution
Does this all sound familiar? I guess it does… see a visual summary below:
Some organizations are implementing some “Modern” functionalities into their Traditional Workspace. When you look into the history of organizations approach to transitioning to the Modern Workspace you will see that almost every organization would start with on Hybrid Exchange environment or migrating from on-premises Exchange Server into Exchange Online.
When summarizing the Traditional Workspace, a “typical” organization would look something like this:
There are some main downsides of sustaining the Traditional Workspace which potentially would not be on top of your mind:
– You will need to manage EVERYTHING yourself, just imagine how many hours you could save yearly on transitioning to the Modern Workspace
– You will need to do Lifecycle Management every 3-years, but most organizations would just extend support-contracts with the hardware vendors. So potentially you are working on hardware which is already 5? Years old.
– When investing in new hardware, organizations would need to calculate the expected peak-load for the next 3 to 5 years. So potentially you would under- or overestimate the hardware needs and need to deal with all potential scenarios the because of that.
– You will need to have a great patching– procedure, exploits and zero-days are popping up like the first flowers outside when Spring is here 😊
– You would need to monitor everything within your network, devices, applications, datacenters. But what about shadow-it or SaaS-applications?
– Your IT-staff is using older technologies, which can impact their personal and technical development. And next to that it could be difficult to hire fresh staff because all of the older technologies.
– But one of the most important things; end-users experience the Traditional Workspace as a limiting factor in their daily jobs.
What is the Modern Workspace
Now we have remembered you of what the Traditional Workspace exists off let’s continue with the star of the show: The Modern Workspace!
In opposition to the Traditional Workspace, the Modern Workspace consists of:
– Hybrid or Cloud-Native environments
– Files and Applications are hosted in a combination of on-premises, Cloud IaaS and Cloud Native or PaaS-solutions
– Access to Company resources is no longer limited from a Company Network or via a VPN-connection.
– Embracing the Hybrid-workers to work everywhere and anytime!
– Bring Your Own Device is embraced by implementing Mobile Application Management (MAM) and employees can use their own devices to access (some) company data and resources.
– Managing Company devices with Mobile Device Management (MDM) to update, control and secure the devices from any location
– Securing your Modern Workspace with Microsoft Defender XDR-solutions (Extended Detection and Response)
– Collaboration and Communication is embraced in the way of working
– User experience first approach!
When summarizing all of the items above the Modern Workspace consists of the following main techniques:
.
To give you a more detailed overview of some of the Microsoft Products and Features that fit under the Modern Workspace approach I’ve created the following:
When putting all of the items together there two main ways to implement the Modern Workspace. The first example is a company which implemented a Cloud-Only approach wo the Modern Workspace:
The other way you could implement the Modern Workspace is a Hybrid-model, this is mostly implemented by bigger organizations which have a low of legacy infrastructure that provides workloads which are used on their primary processes:
Leveraging the Zero Trust Model
With all of the potential that the Modern Workspace has to offer there are some challenges as well. Being able to work everywhere and on every device creates the need for a Security by Design approach while implementing the Modern Workspace. A great way to accomplish this is to use the Microsoft Zero Trust Model as a reference for securing your environment.
Hereby I will give you a quick introduction (or refresh) about the Microsoft Zero Trust Model
First off, all, there is a significant difference between the traditional model and the Modern Workspace. The traditional model has everything protected behind a DMZ or Firewall within your company network, keeping it “safe” from the Internet.
Today’s – or the Modern Workspace model shows you that everything is connected on their own way, almost everything is eventually connected to the main (Hybrid/Cloud) company network
These are some main base-rules you need to keep in mind while implementing a secure Modern Workspace bases on the Microsoft Zero Trust model:
These base-rules could be translated or mapped into six different pillars within the Microsoft Zero Trust Model:
- Identities
- Devices
- Infrastructure
- Network
- Apps
- Data
Implementing Microsoft Defender XDR-Solutions
Now you understand the basics of the Modern Workspace and the Microsoft Zero Trust Model it’s time to give you some examples of how Microsoft Defender XDR-Solutions are able to help you with Securing your Modern Workspace.
While your Modern Workspace is implemented you would need to make sure that it is as secure as possible! You can achieve this, for example with implementing the following products:
– Microsoft Defender for Office 365
– Microsoft Defender for Cloud Apps
– Microsoft Defender for Endpoint
– Microsoft Defender Vulnerability Management
– And more!
Summary
I hope that you enjoyed the ride within this blog, and you now have a great overview of what the difference between the Traditional and Modern Workspace is, how to use the Microsoft Zero Trust Model and get started with the most awesome transition possible!
In my next blogs I will go into depth about Microsoft XDR-Solutions which you can implement within your Modern Workspace
Thank you and see you next time!
Author
-
Jordy Herber is a Microsoft Cloud & Security architect. He loves to solve technical challenges with the latest techniques and Microsoft products. Make sure to follow him as he guides us in the world of Microsoft XDR & SIEM solutions.
View all posts