Just over a year ago, Microsoft CEO Satya Nadella spelled out Microsoft’s unique approach to cybersecurity aimed at reducing an estimated $3 trillion dollars’ worth of potentially lost productivity and growth. The approach is based on a vision of individuals, companies, organizations and governments working together to address cybersecurity. It includes Microsoft’s commitment to provide a comprehensive security platform, build out an Intelligent Security Graph and partner broadly with the industry as part of a $1 billion annual investment in security. Today I’d like to share the progress we’ve made in our cybersecurity journey and highlight several new products and collaborations that further strengthen the security portfolio we offer our customers and bet our own business on every day.
Over the past year we’ve bolstered our security platform with new services like Microsoft Cloud App Security, Windows Defender Advanced Threat Protection (WDATP) and Office 365 Advanced Security Management. We’ve infused intelligence into security services, including Azure Security Center, Microsoft Advanced Threat Analytics and WDATP. We’ve also forged tighter connections with the industry by adding FireEye Insight Threat Intelligence to WDATP and announcing collaborations across Enterprise Mobility + Security with both Lookout and Ping Identity.
As a result of this work, there is a growing list of customers who are able to invest more time in transforming their businesses. Whole Foods Market rolled out Azure Active Directory Premium to all 91,000 employees, enabling single sign-on for the company’s 30 SaaS applications and eliminating the need for multiple passwords and different accounts – all while achieving 32 percent savings on its support contract. Merck was able to improve collaboration among its 50,000 employees while protecting its wealth of sensitive information using a combination of Azure Active Directory Premium and Office deploying Windows 10 to its more than 80,000 associates who work across 400 locations in 78 countries365. MARS is enabling a strong layer of security and authentication for its associates while on their smartphones, tablets or PCs from the office, at home or on the road.
Today we are sharing several more security technologies and services developed as part of the unique approach to cybersecurity that Satya outlined a year ago.
Comprehensive security platform
Microsoft is building a security platform that looks holistically across all of the critical endpoints of today’s cloud-first, mobile-first world. Few security tools have the ability to work across platforms and complex environments from on-premises to cloud or mobile. Our platform integrates security products and features across Azure, Windows, Office 365, SQL Server and more to better protect identities, apps, data, devices and infrastructure. Today that platform is getting even better.
- More commercial-grade security in Windows 10 and Surface: Windows 10, Surface Pro 3, Surface Pro 4 and Surface Book have been added to the NSA’s Commercial Solutions for Classified Programs (CSfC) list. Surface is also enabling enterprises to take ownership, modify, lock out and otherwise control hardware configuration, security and OS behaviors via Surface Enterprise Management Mode (SEMM). Windows is adding Windows Hello support for on-premises Active Directory only environments and introducing Dynamic Lock in the Windows 10 Creators Update to automatically lock a device when the customer is no longer within proximity. Read more from Rob Lefferts and the Windows & Devices Group here.
- Microsoft’s SQL platform continues to lead the market with advanced data security features. Today the team is announcing that Azure SQL Database Threat Detection will be generally available in April, providing a new layer of database security that uses machine learning to continuously monitor, profile and detect suspicious database activity to help customers detect and respond to potential threats. Read more here.
- Microsoft also announced the general availability of Enterprise Threat Detection, a managed security service that provides enterprises with state-of-the-art cyberattack detection and consulting capabilities. Using a combination of machine analytics, proprietary telemetry sources and dedicated human analysis, the service is uniquely positioned to continually monitor for advanced attacks in the rapidly evolving modern cyberthreat landscape. Learn more here.
- Azure Security Center and Operations Management Suite help organizations protect, detect and respond to sophisticated threats across cloud and datacenter resources. New capabilities in Azure Security Center available for preview include Just In Time network access to VMs, predictive application whitelisting and expanded Security Baselines with more than 100 recommended configurations defined by Microsoft and industry partners. Our research team continues to monitor the threat landscape and innovate on detection algorithms. Some new threat detections available to customers include Brute Force detections, outbound DDoS and Botnet detections, as well as new behavioral analytics for Windows and Linux VMs. Learn more about Azure Security Center and OMS enhancements here.
Microsoft’s platform acts on the real-time intelligence from our network of global threat monitoring and insights. Every second Microsoft adds hundreds of GBs worth of telemetry to our Intelligent Security Graph. Customers authenticate with our services over 450 billion times every month, and we scan 200 billion emails for malware and phishing each month. Intelligence data enabled Microsoft to block an average of 200,000 exploit kit attempts per day over the last six months.
We are making a number of announcements today that give customers greater visibility into their own security configuration and threats as well as insights into potentially redundant and unnecessary data.
- Today we are introducing Office 365 Secure Score, a new security analytics tool that helps IT pros assess the strength of their current Office 365 security configuration, and gives them the ability to model how incremental changes can enhance their security and reduce risk. Insurance leader The Hartford plans to consider our mutual customers’ Secure Score as a part of the cyber insurance underwriting process.
- We’re making Office 365 Threat Intelligence available in private preview. With general availability planned for later this quarter, Threat Intelligence provides near real-time insight into the global threat landscape to help customers stay ahead of cyberthreats.
- We’re now offering a public preview of Office 365 Advanced Data Governance, which applies machine learning to help customers find and eliminate unnecessary data that may be causing them needless risk.
Read more about today’s Office news here.
Microsoft is fostering a vibrant ecosystem of partners across the industry who are committed to working together to combat security threats on behalf of customers worldwide. We are active within the security research community and collaborate with other security vendors to ensure that customers have the best solutions available. I’m happy to share a few more additions to the ecosystem today.
- SailPoint, a respected leader in identity governance, today announced a collaboration with Microsoft to extend the value of Microsoft Azure Active Directory. SailPoint will add its identity governance capabilities to Azure Active Directory’s unique access management and identity protection services. The combination of services will cover the compliance, enhanced security and identity management needs of modern organizations in demanding industries such as health care and financial services.
- We are announcing a new learning path, Cybersecurity Administration, for our cornerstone program Microsoft Software & Systems Academy (MSSA), which is part of the company’s commitment to help service members gain the critical technology skills required for today’s high-paying IT STEM careers prior to transitioning to civilian life. The new learning path is in coordination with curriculum from (ISC)² and Embry-Riddle Aeronautical University (ERAU), both leaders in cybersecurity.
- Microsoft today published a new Enterprise Mobility + Security Playbook, which helps partners to keep customers secure on their favorite apps and devices – and to keep their company data protected.
Microsoft and the industry are working hard to give people the trust and peace of mind they need to move their businesses forward in today’s cloud-based economy — helping customers navigate a rapidly evolving cyberthreat landscape. More than 3 billion customer data records were breached in high-profile attacks last year. DDoS attacks of 100 gigabits per second were rare just a few months ago. Today we’re seeing attacks of more than 600 gigabits per second.
Customers are looking for affordable solutions that increase the efficiency and effectiveness of their security programs. The good news is that there have never been more or better security solutions to choose from. Whether you choose to work with Microsoft and our partners or not, I encourage everyone to revisit your security posture – both at home and at work – to make sure you’re taking full advantage of the security resources available to you.
You can hear more from Microsoft during the RSA Conference 2017 next week, when we’ll share additional details about our approach and our commitment to provide the platform, intelligence and partners that will help protect our customers now and into the future.