Skip main navigation

Assume Compromise Philosophy

.

In the best of all worlds, our organization’s information systems are in a pristine state when we start implementing security controls. In this model, intrusions are something that exists as a future possibility rather than something that may have happened before you started thinking about how to secure your organization’s information systems.

The assume compromise philosophy takes the position that an organization should build and maintain its security posture based on the idea that the organization’s information systems have already been compromised. Another part of the assume compromise philosophy is that the organization should assume that preventative technologies such as firewalls, anti-virus, and intrusion detection systems (IDS) will fail. Under the assumed compromise philosophy, information security teams focus instead on detecting and responding to suspicious activity rather than simply preventing intrusion. Detection of suspicious activity can be assisted by leveraging cloud-based analytics services that constantly monitor information systems telemetry for anomalies.

When you design a security posture with assumed compromise in mind, you restrict an attacker’s ability to move laterally between information systems and restrict their ability to escalate privileges within those systems. These goals can be done by implementing technologies such as Just Enough Administration (JEA) and Just in Time (JIT) administration, segmenting networks, deploying code integrity policies as well as enforcing good administrative practices such as restricting administrative sessions so that they can only be initiated from specially configured privileged access workstations.

This article is from the free online

Microsoft Future Ready: Fundamentals of Enterprise Security

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now