Most often, cyber security professionals make fun of Microsoft products until few years ago. Its due to the reason that its been considered one of the  notoriously full of dangerous bugs, and Microsoft was considered difficult to work with when it came to patching them.

For instance, the infamous Stuxnet worm, an attempt allegedly by USA spy agencies , to take down Iran’s nuclear facilities in 2010, apparently relied in part on bugs in Microsoft products , and Microsoft didn’t fully fix the vulnerability

In Nov 2015, Microsoft CEO Satya Nadella demonstrates the importance of ‘TRUST‘ in the digital business with cyber security. He believes that TRUST can be achieved via four pillars a) Privacy b) Compliance c) Transparency and d) Security. He also acknowledged that organizations are finding it difficult to figure out that whether or not its breached and the cost involved to DETECT is massive. Its because of the reason that with the connected economy the data is no longer within four walls of those organizations premises.

Perimeter less world

The world we live today where the attackers themselves are a lot more sophisticated, a lot more organized. So it’s a perimeter-less world, it’s a world that is constantly evolving, it’s dynamic. Microsoft today run some of the biggest Internet services, both on the consumer side with things like Xbox Live, as well as on the business or the commercial side with services like Office 365 and Dynamics and Azure.

For example, Microsoft update Windows a billion times a month.  A billion devices are upgraded each month for security patches, for compatibility, to make sure that that ecosystem remains vibrant. Microsoft run the world’s largest anti-malware, antivirus service as part of Windows. 

This technology inspect over 200 million emails as part of the Office 365 service for malware.  It examines the attachments that may have malware associated with them.

Detection

When it comes to detection, it’s no longer waiting to detect a signature and then coming up with a response and then deploying the remediation.  Microsoft now moved to much more of a behavioral approach where it can detect based on the behavior of the attack vector. And when it comes to response, this is perhaps the area that is going through the sea change in terms of how it can respond.  Office 365 as a service means it’s no longer just about giving you the tools but it’s about actually ensuring security data, of your tenant in the service.

Secret Sauce (Security Technology Ecosystem) 

Today – Microsoft’s products are led by state-of-the-art security, Windows 10 is starting to drive digital transformation for customers in the enterprise. The U.S. Department of Defense and Accenture are just a few of the customers deploying Windows 10 to millions of employees to help protect them with industry-leading security features like Credential Guard, Device Guard, Windows Hello, and new cloud-based security services like Windows Defender Advanced Threat Protection

MS Security Platform

At infrastructure level as it continues to move to the cloud in Azure Microsoft built a comprehensive security system with the Azure Security Center.  The Azure Security Center provides a central view of security settings across your entire Azure environment, with live monitoring of your security configuration to make sure there’s ongoing good security health. In addition now Microsoft working with technology partners like Trend Micro, Cisco, Fortinet and Checkpoint, as well as many more to come around anti-malware, as well as next-generation firewalls.

 

Azure Security Center Alerts

In Office 365 Microsoft considered to build security into the core of the product and the service.  The Advanced Threat Protection service is what gives you that capability to be able to detonate enclosures, or detonate these attachments before you deliver them to the inboxes.  The lockbox gives you the capability to secure your data, to encrypt your data and give only key access when required

ATP Block Diagram

Over the last year, we’ve introduced several new security and compliance capabilities to Office 365, including Advanced Threat Protection, Customer Lockbox and Advanced eDiscovery, which integrates Equivio. Together, these new security and compliance capabilities expand upon the market-leading, built-in security capabilities in Office 365

Microsoft recently announced that it will invest over $1 billion per year on cybersecurity research and development. That amount, which is equivalent to roughly 8% of its R&D spend over the past 12 months, doesn’t include any acquisitions that Microsoft might make. Let’s see why Microsoft is beefing up its cybersecurity efforts, and what that could mean for smaller players across the fragmented industry. This $1 billion annual budget includes acquisitions, hiring new execs, building a new state of the art facility and creating a new security group within Microsoft.

Microsoft has remained at the leading edge with a track record of security innovation and investment – most notably in Windows 10 (Read this blog). Also – Microsoft Ventures backs Illusive Networks, a cybersecurity firm that protects with deception (Read this blog).

 

Advertisements