You mean in addition to replying emails to administrates? To the first question, the zero-trust network architecture is designed with this idea of assuming breach. That is to say, when I sign an official document, this phone verifies my fingerprint. Another piece of software, CrowdStrike, verifies my phone’s integrity. Another piece of software, CloudFlare, verifies that CrowdStrike is not misbehaving.