Enterprise security for our mobile-first, cloud-first world

Today, I was able to join Microsoft CEO Satya Nadella in Washington, D.C., where he delivered a keynote that highlighted the need for a new approach to security. He shared how Microsoft uses its unique insight into the threat landscape to help better protect customers, and showcased how Microsoft technologies work in tandem with each other, and with solutions from the security ecosystem, to deliver a holistic, agile, security platform for today’s enterprise.

New approach                     

In our mobile-first, cloud-first world, employees work on corporate applications and access sensitive data from on-premises and cloud-based systems using every type of device from laptops to BYO devices to IoT sensors. While there is an immense opportunity for enterprises and individuals to derive personal and professional value from today’s connected technologies, there is a corresponding growth in risk as people increase their exposure to cyber security threats. While security has always been a focus for Microsoft, we recognize that the digital world in which we live requires a new approach to how we Protect, Detect and Respond to security threats.

We must better Protect all endpoints – from sensors and datacenters to identities and SaaS applications. We must move faster to Detect threats using the scale and intelligence of the cloud, machine learning and behavioral monitoring.   We must Respond more quickly and comprehensively, and empower our customers with insights that are actionable and holistic.

Microsoft’s unique insights into the threat landscape, informed by trillions of signals from billions of sources, create an intelligent security graph that we use to inform how we protect all endpoints, better detect attacks and accelerate our response. The intelligent security graph is powered by inputs we receive across our end points, consumer services, commercial services and on-premises technologies – and uniquely positions us to better protect our customers and their data.

New investments to help protect and better secure our customers

To support a comprehensive, cross company approach to security, Microsoft invests more than a billion dollars in security research and development, every year. Deepening this commitment, we announced plans to enhance our protection of customer data with a new Cyber Defense Operations Center. This state-of-the-art facility brings together security response experts from across the company to help protect, detect and respond to threats in real-time. Staffed with dedicated teams 24×7, the center has direct access to thousands of security professionals, data analysts, engineers, developers, program managers, and operations specialists throughout Microsoft to ensure rapid response and resolution to security threats. Informed by decades of experience working with the industry to fight threats on a global scale, the center maintains critical connections with industry security partners, governments and enterprise customers, and engages Microsoft’s Digital Crimes Unit when law enforcement needs arise.

Extending Microsoft’s security commitment to customers, we also announced the Microsoft Enterprise Cybersecurity Group (ECG). This dedicated group of worldwide security experts delivers security solutions, expertise and services that empower organizations to modernize their IT platforms, securely move to the cloud and keep data safe. ECG offers security assessments, provides ongoing monitoring and threat detection, and incident response capabilities. ECG helps customers take advantage of Microsoft’s best-in-class security and privacy technologies to optimize their investments and confidently advance their security postures.

A holistic, agile, security platform

During today’s keynote, Satya Nadella showcased how innovations in Windows 10, Office 365, Microsoft Azure, and Microsoft Enterprise Mobility Suite (EMS) work in tandem with each other, and with partner solutions from across the security ecosystem to deliver a holistic, agile, security platform. Combined with insights from the intelligent security graph, these security features are designed to help prevent the accidental or intentional loss of corporate data, prevent password related attacks, and prevent and respond to the installation of malware on a machine or in your environment. For example:

  • To protect against password related attacks Windows 10’s Microsoft Passport and Windows Hello use strong biometrics to eliminate the need for passwords and Credential Guard protects from pass the hash attacks – where hackers use one account to gain access to the credentials of another user – with new virtualization technology. Should a compromise occur Advanced Threat Analytics detects anomalous patterns and recommends configuration changes to help protect your environment and users. And Azure Active Directory simplifies password and identity management – for IT and users – by federating identities across business and consumer services to make maintain and signing into multiple services simpler and more secure.
  • To protect against accidental or intentional data loss Enterprise Mobility Suite (EMS) provides features that help IT protect and manage corporate applications and data on any Windows, iOS and Android device. As an increasing number of employees work from personal devices we are having to balance use privacy with the need to protect the confidentiality of corporate apps and data. To enable this scenario, today we started rolling out support for mobile application management without the need to enroll the device. We are also excited to announce that Box and Adobe will offer new Microsoft Intune native apps on iOS and Android to help prevent accidental sharing of confidential corporate data to personal locations or cloud services and, custom SAP Fiori mobile apps, built by customers using SAP Fiori mobile service, will also support Intune mobile app management. Azure Rights Management Services (RMS) protects nearly any type of data – in motion or at rest – and, once available, Windows 10 Enterprise Data Protection will take our data loss and protection efforts one step further by building personal /corporate data separation directly into the OS, with encryption and app restriction policies. Also, starting December 1, Customer Lockbox will offer customers full control over access to their data in Office 365 and Equivio Analytics for eDiscovery, which brings new machine learning and text analytics to help reduce the costs and risks inherent in managing large quantities of data for eDiscovery.
  • To protect against malware Windows 10 Device Guard uses a combination of hardware and software features to prevent the installation of untrusted or malicious code, Windows Defender provides built in protection for all Windows 10 users and Office 365’s Advanced Threat Protection helps protect against users inadvertently downloading and installing untrusted software.
  • To help you detect and respond to successful attacks Advanced Threat Analytics speeds up your response by detecting anomalous patterns and recommends configuration changes to protect you from current and future attacks while Azure Security Center, now in private preview, works with companies like Barracuda, Checkpoint, Cisco Systems Inc., CloudFlare, F5 Networks, Fortinet, Imperva, Incapsula, and Trend Micro Inc. to offer advanced, analytics-driven threat detection that helps you protect, detect and respond to security threats in real-time.

Improving our security posture

While there will always be new threats, new attacks and new technologies, companies can take action today to address security concerns and improve their security postures. It is critical for companies to strengthen their core security hygiene (across things like monitoring, antivirus, patch and operating systems), adopt modern platforms and comprehensive identity, security and management solutions, and leverage features offered within cloud services; and it is just as important to create education and awareness across employee populations in order to build and sustain a pervasive security culture.

I firmly believe that security is a journey and not a destination. It’s also an issue that must be addressed holistically by the industry and not by a single vendor. It’s only by working closely with our partners, the security ecosystem and governments around the world, that we can ensure consumers and businesses are able to trust the technology they use and don’t view security as a barrier to technology adoption.

You can learn more by watching Nadella’s keynote and reading the Office and Cloud + Enterprise blogs we published today.

Bret Arsenault, Chief Information Security Officer, Microsoft