Stepping up protection with intelligent security

With digital transformation, technology becomes increasingly central to every business and organization. This makes ensuring cybersecurity increasingly important. And, as employees increase their use of mobile devices and cloud-based apps, protecting their work requires a new approach for IT. With 80% of employees admitting to the use of non-approved cloud apps for work, ensuring data protection cannot be left to employees to manage. To address these needs, Microsoft continues to … Read more »

New Microsoft 365 features to accelerate GDPR compliance

This post is authored by Alym Rayani, Director Office 365 Security.  New capabilities in Microsoft 365 help simplify your GDPR compliance journey Today we made several Microsoft 365 security and compliance announcements and updates as part of the news from the Microsoft Ignite conference. I wanted to share how these new capabilities provide customers with a more complete and protected solution to simplify their journey to compliance with the General … Read more »

Security at Microsoft Ignite

Microsoft Ignite begins this Sunday, September 24, with pre-day training and registration! The Microsoft Ignite event delivers the largest and most comprehensive perspective on the future of Enterprise technology at one conference. Everyone who attends— IT pros and Enterprise developers—gets inspiration, training, and connections to drive their business forward with Microsoft technology. 26,000+ IT and Enterprise developer customers and prospects come to collaborate and learn how Microsoft technology can help … Read more »

3 key tenets to help with security management

  This post is authored by Berk Veral, Director, Product Marketing, Enterprise Cybersecurity Group. Across industries, as attack methods have become more sophisticated and complex, organizations have been responding by deploying more security solutions, which in turn has tremendously increased the complexity of security management. Today, organizations must manage distributed resources across many environments, and given the constantly evolving threats, this means there are more attack surfaces that need to be … Read more »

New IIS functionality to help identify weak TLS usage

This post is authored by Andrew Marshall, Principal Security Program Manager, TwC Security, Yanbing Shi, Software Engineer, Internet Information Services Team, and Sourabh Shirhatti, Program Manager, Internet Information Services Team. As a follow-up to our announcement regarding TLS 1.2 support at Microsoft, we are announcing new functionality in Windows Server 2012R2 and Windows Server 2016 to increase your awareness of clients connecting to your services with weak security protocols or cipher … Read more »

Microsoft’s perspective on cyber resilience

This post is authored by Ann Johnson, Vice President, Enterprise Cybersecurity Group. In the wake of recent ransomware outbreaks, I wanted to understand how impacted firms have evolved their thinking on cyber resilience planning and implementation. I asked the Detection and Response Team at Microsoft, who help our customers proactively and in real time to respond and recover from cyberattacks, to share their experiences. I’ve included below a few anonymized … Read more »

Microsoft Security Intelligence Report Volume 22 is now available

The latest volume of the Microsoft Security Intelligence Report is now available for free download at This new volume of the report includes threat data from the first quarter of 2017. The report also provides specific threat data for over 100 countries/regions. As mentioned in a recent blog, using the tremendous breadth and depth of signal and intelligence from our various cloud and on-premises solutions deployed globally, we investigate … Read more »

The world of eroding privacy: tips on how to stay secure

At the intersection of limes, teenagers, and privacy This post is authored by Ann Johnson, Vice President, Enterprise Cybersecurity Group. We will come to limes later in this blog, and they are relevant. But let me begin with one defining statement: I am the parent of a teenager, and the year is 2017. As the parent of an age group that is best described as unpredictable on good days, one … Read more »

Top 5 best practices to automate security operations

This post is authored by Jonathan Trull, Worldwide Executive Cybersecurity Advisor, Enterprise Cybersecurity Group. And by Vidhi Agarwal, Senior Security Program Manager, Microsoft Security Response Center (MSRC).  Within the information security community, one of the emerging areas of focus and investment is the concept of security automation and orchestration. Although the topic is not necessarily new, it has taken on increased importance due to several industry trends. Before diving into the … Read more »

5 Reasons why Microsoft should be your cybersecurity ally

When you think about cybersecurity, does Microsoft come to mind? Probably not. Here are 5 reasons why enterprises should consider partnering with Microsoft on cybersecurity: 1. Strong Commitment to Cybersecurity Significant security investments. Microsoft invests over $1 billion annually on security. Microsoft has invested significantly towards building security into our core technologies like Windows, Office, and Azure, and in making strategic acquisitions of security technologies that enhance the investments customers … Read more »