Microsoft is beefing up security measures across its suite of enterprise products, with a series of new features and programs designed to keep hackers out of systems and detect them quicker when inevitable intrusions occur.
The updates mainly concern Microsoft 365 — a product that combines Office 365, Windows 10 and its Enterprise Mobility + Security — and fall under three umbrellas: protection, detecting intrusions and responding to them and working with partners across the industry. Like other tech giants, Microsoft has access to huge swaths of customer information and the company both has to protect its own data and build its tools to help customers do the same.
Microsoft also announced a new security product aimed at device makers building for the Internet of Things called Microsoft Azure Sphere. This includes a specialized microcontroller, a lightweight operating system designed with a custom Linux kernel (this is not your father’s Microsoft), and a cloud-based security service that watches over devices using this package. This is perhaps what CEO Satya Nadella was referring to a few months ago when he reminded the audience at a financial conference that Microsoft knows how to build its own chips.
Microsoft is detailing these announcements Monday as the annual RSA Conference focused on security takes place in San Francisco this week.
Kicking off the event, Microsoft President Brad Smith framed the urgency of the security issues. He called cyberspace “the new battlefield,” after devastating events like the WannaCry attack in 2017.
“For all of us who work with the technology that is this infrastructure of the future there is a huge responsibility, a responsibility that is far greater than anything that was envisioned when computers were first invented or when the internet became popular,” Smith said.
Andrew Conway, general manager of Microsoft 365 security, told GeekWire in an interview that the company spends $1 billion a year on cybersecurity research and development and employs more than 3,500 security professionals.
“For us, security is the baseline, without that there’s really nothing you can ensure on top of it,” Conway said.
Microsoft announced a new security product aimed at device makers building for the Internet of Things called Microsoft Azure Sphere. This includes a specialized microcontroller, a lightweight operating system designed with a custom Linux kernel (this is not your father’s Microsoft), and a cloud-based security service that watches over devices using this package. This is perhaps what CEO Satya Nadella was referring to a few months ago when he reminded the audience at a financial conference that Microsoft knows how to build its own chips.
The best possible outcome is to keep attackers out of your system all together. To help with that Microsoft is extending the Office 365 Secure Score to include Windows 10, so that everything from software to end-point devices are covered, giving IT staff the ability to make sure everything is up-to-date.
But most attackers are able to get into a system by taking advantage of people who aren’t as tech savvy. To help with that, Microsoft is offering a new Attack Simulator to help companies train their workers to prevent hacks.
“What we’re offering is the ability for customers to create their own attacks, their own attack campaigns against employees and to learn how users respond,” Conway said. “We like to say that every company has at least one person who will click on anything, and so this is about understanding how that works and how you can reduce attack surface.”
But even the most well-trained organizations can’t keep every attacker out. Microsoft is leveraging its investment in artificial intelligence to more quickly detect intrusions into its system and take care of common security tasks and alerts through updates to Windows Defender Advanced Threat Protection. Microsoft is extending Conditional Access, a program that looks at the risk of each request for access to a system or application and assess immediately how much access to give, to be able to lock out devices compromised by an attack.
With these updates, Microsoft will work with partners and customers on security in new ways. A new unified security API in the Microsoft Graph and the release of the Azure Information Protection Software Development Kit aim to help technology partners tap into Microsoft security solutions directly.
The company announced the Microsoft Intelligent Security Association, a group of technology providers who have integrated their solutions with Microsoft products with a goal of greater protection, dectection and response. So far, companies involved include Anomali, Check Point, Forcepoint, Palo Alto Networks, and Ziften.
“Security is a vast challenge for the industry,” Conway said. “It’s not solved by one particular vendor alone, and so it’s incumbent upon us to work with our partners across the industry to solve for this.”