Microsoft says new capabilities for its cloud services are part of a new vision of security outlined by Satya Nadella last year
Microsoft has detailed a number of security enhancements for Office 365 and its Azure cloud platform, as well as plans for integrations with third parties.
Bret Arsenault, Microsoft CISO, said the improvements – part of a “new approach” for enterprise security at the company would allow it and its customers to stay ahead of attackers through the use of analytics.
“As attackers get more sophisticated, we need to evolve our ability to get real-time insights and predictive intelligence across our network so we can stay a step ahead of the threats,” he said. “We must be able to correlate our security data with our threat intelligence data to know good from bad. And we must leverage the industry and our partners to ensure a broad, comprehensive approach.
Office 365 improvements
“These three things align with the approach Microsoft brings to security for our customers – a holistic, agile security platform, informed by insights from our intelligent security graph and integration with partners and the industry.
Microsoft is bringing Software as a Service (SaaS) data protection technology acquired in the purchase of Adallom to Office 365 and Azure in the form of Microsoft Cloud App Security, which will be available from April, and claims to offer admins the same level of visibility and control with cloud apps like Office 365, Box and Salesforce as on-premise architecture.
Office 365 will also provide alerts to admins when suspicious activity is detected and allow IT departments to see what cloud services employees are connecting to, as well as the ability to revoke permission for third party services.
More security and reporting options will be added to Microsoft Azure too, allowing customer to set separate policies for individual workloads.
A new Power BI dashboard analyses and visualises security recommendations and reports, while a revamped Microsoft Operations Management Suite (OMS) will offer more insight into customer data centres, providing information about events, network activity and system updates.
Microsoft’s Intelligent Security Graph, which analyses billions of sources to detect attacks, will power Azure Active Directory Identity Protection. Now in public preview, the service analyses up to 14 billion daily logins to detect suspicious activity such as brute force attacks, leaked credentials, sign ins from unfamiliar locations and infected devices. The results of this analysis can be used to create automated responses.
Azure will also be given the same technology that analyses crash dumps on consumer PCs to check for compromised virtual machines and OMS will be updated to visualise when a server is communicating with a malicious IP address on an interactive map.
Finally, Microsoft says it will work with other firms to bring their products, such as Cisco’s next generation firewalls, into the Azure security centre so admins can view and respond to security issues in one place.
“No single company can solve the security challenges that our customers face today, which is why the security ecosystem, and all of our security partners, are key to our approach,” added Arsenault. “Today we are announcing new Azure Security Center partner solutions that make it easier than ever for customers to bring their trusted security solutions with them to the cloud.”
In November, Microsoft CEO Satya Nadella outlined how he felt the new cloud-first Microsoft is uniquely positioned to protect businesses and consumers from the array of cyber threats as people and companies move away from fixed perimeter computing and into a constantly connecting world.
Nadella also said previous approaches to security had focused on fixed infrastructure around which a perimeter fence could be erected – an approach he said wouldn’t work in a cloud, BYOD era and as we move towards the Internet of Things. Microsoft will reveal more security updates at the RSA conference next week.
“Our customers can get started using the technology we announced today to better protect themselves from current and emerging threats,” concluded Arsenault. “At next week’s RSA Conference 2016 we’ll share more about our approach and our commitment to provide the platform, intelligence and partners that will help protect our customers now and into the future.”