Skip to main content

Workshop Delivery Guide

Overview

The Zero Trust Workshop helps customers to develop an actionable and orderly strategy for implementing a secure Zero Trust posture. There are two parts to the Zero Trust Workshop. The first is assessing the customer's current environment with programmatic checks that will help to identify gaps and areas for improvement. The second is helping the customer to identify projects and initiatives that they need to implement to further advance their adoption of capabilities to transform their environment. There are currently three different workshops available for the following pillars:

  • Identity
  • Devices
  • Data

Customers can choose to schedule all the workshops or just a subset of them depending on their priorities and resource availability. While the workshops are modular, customers are encouraged to start with Identity first, then Devices, followed by Data (and any future modules as they become available).

Purpose

This document is for use by the delivery expert that plans on delivering the Zero Trust Pillar Workshops to customers. It aims to provide delivery experts with a comprehensive overview of the tasks that will be required to successfully deliver the Zero Trust Pillar Workshops to customers. It is structured chronologically following the standard and typical flow of a workshop delivery.

Target Customer

The ideal customer for this engagement:

  1. Understands and aligns to the Microsoft Zero Trust security vision. The Zero Trust Fundamentals Assessment is a great prerequisite to drive this alignment prior to these pillar-focused workshops.
  2. Has the intent and resources to invest in projects to deploy Microsoft Security products

Alignment with internal and external Microsoft recommendations

Although the content of the Zero Trust Workshop will be continuously updated in a quarterly cadence, most of the recommendations discovered as part of the engagement are aligned with the Zero Trust Security Deployment Guidance:

Customer Stakeholders

In order to get the most out of these workshops, it is recommended to have people on the call from the customer’s side that can cover the following areas:

  • Identity and Access Management (IAM)
  • Security (Governance/CERT/SOC)
  • Devices/Endpoint
  • App Dev
  • Networking

Recommendations for the customer stakeholders that should attend each of the pillar workshops are as follows:

IdentityDevicesData
• Identity and Access Management (IAM) team
• Security Operations team
• Devices/Endpoint team
• Enterprise Application Developers
• CISO (if possible)
• IT Director (if possible)
• MDM Admin (Architect, Ops)
• Security (Architect, Ops)
• Conditional Access Admin (Security, Identity, MDM)
• Governance and Risk
• CISO (if possible)
• IT Director (if possible)
• Information Protection architects and officers
• Compliance officers and administrators
• Data Platform administrators focused on data security (Exchange, SharePoint, etc.)
• CISO (if possible)
• IT Director or Lead Architect (if possible)

Engagement Model

PhasesKey ObjectivesKey ActivitiesSuccess Criteria
Initial Scoping call with Customer

Duration: 30 minutes
• Arrange the technical review activity and ensure scope, objectives, format and deliverables are understood by the customer
• Confirm logistics and attendees
• Decide which of the pillars the customer would like delivered
• Gather customer context and validate intent and readiness for Zero Trust journey
• Conduct scoping meeting
• Agree on the assessment logistics and schedule time to deliver individual pillar workshops
• Ensure customer understands prerequisites to run the assessment checks
• Vaidate required customer technical and operational stakeholders
• Validate that the customer has understanding of their current Microsoft licensing arrangements for relevant services
• Workshop engagement is understood by all required stakeholders
• Logistics for the review are finalized
• Delivery Expert has identified way to share files with customer
Assessment (optional)

Duration: Depends on environment
• Customer understands their gaps and how to optimize their already deployed services• Customer runs the assessment checks. These might take several hours depending on the size of the environment
• Delivery expert conducts a session to walk through the findings
• Customer understands findings report
Roadmap Mapping (Pillar Workshop)

Duration: See Workshop Delivery Time Estimates section
• Customer has a tailored adoption roadmap to further evolve their Zero Trust posture• If customer already took the Zero Trust Foundation Assessment, delivery expert can fill in some roadmap item statuses per their existing knowledge of customer's environment
• Delivery expert leads working sessions to walk through the baseline adoption roadmap identified by Microsoft and fills it out based on customer requirements and constraints
• Csutomer has a customized deployment path with concrete deployment steps and decisions to make
Closeout

Duration: 1 hour
• Gather customer feedback about the workshop
• Identify additional pillar workshops to deliver
• Customer fills out feedback survey• Workshop feedback survey is completed

Workshop Delivery Time Estimates

Below are the estimated delivery times for each section of the pillar workshops:

IdentityDevicesData
• Apps: 1.5 hours
• Users and Groups: 1 hour
• Devices: 0.5 hour
• Operations: 1 hour
• Total: 4 hours
• Windows: 1-4 hours
• Mobile Application Management (MAM): 15 - 45 minutes hour
• iOS and Android MDM: 0.5-1 hour
• Operations: 15 minutes
• Total: 3-6 hours
• Know and Protect You Data: 2 hours
• Manage Data Access: 1 hour
• Protect Critical Data Assets: 1 hour
• Total: 4 hours