Microsoft Zero Trust Developer Guide

As described below, I developed content for the Developer guidance section of the Microsoft Zero Trust Guidance Center on Microsoft’s public Learn documentation platform. This project was in fulfillment of the scope of my role as Senior Technical Writer at Microsoft with the Microsoft Security, Identity and Network Access Team.

Situation

The requirements for this content were developed in response to a criticism from Gartner that Microsoft’s Zero Trust documentation did not adequately address the needs of software developers to comply with the US executive order 14028, Improving the Nation’s Cyber Security that directs federal agencies on advancing security measures to reduce the risk of successful cyberattacks against the federal government’s digital infrastructure. On January 26, 2022, the Office of Management and Budget (OMB) released the federal Zero Trust strategy in memorandum 22-09, in support of EO 14028. Microsoft had me begin development of content for the software developer role in April 2022.

Task

Initial content scope was bound to the developer workshop sessions listed in the Source material section below; however, I regularly looked for additional content that could be sourced to enhance the offerings, working with the Product Manager to identify the best options to add value to the project. The additional content that was approved for inclusion is listed after the developer workshop links.

Approach

After reviewing the source material, I drafted collaboration files in Microsoft Word on a SharePoint site for review by Subject Matter Experts (SME). After SME sign-off, I developed the content in Markdown using Visual Studio Code to comply with multiple Microsoft contributor and style guides. When necessary, I edited existing or created new graphics in PowerPoint, exporting PNG files to be embedded in articles. I published the Markdown and graphics files using GitHub, following an established process for Microsoft Learn content.

Results

The project’s Product Manager was always extremely happy with the quality of my work, my ability to work independently and guide SMEs towards content improvements, my delivery of final content ahead of deadlines, and my forward-thinking, above-scope identification of existing content to supplement the desired results. Feedback from Gartner is forthcoming.

Links to currently-published articles are provided below followed by a PDF export of the entire Zero Trust Guidance Center that includes most recent content to which I contributed (on pages 204 through 274).

Source material

Verified by MonsterInsights