Microsoft is a cloud-centric company, and it should thus come as no surprise that the company has turned to the cloud to enhance its existing security, and to use it to make its major products, like Microsoft 365 and Windows 10, more secure than ever.
By leveraging new technologies like machine learning and artificial intelligence to process huge amounts of data, Microsoft is actively developing new ways of protecting the end-users of its products directly from the cloud.
The company is currently hosting its Ignite conference, where it will be spending considerable time on security alone – the conference offers almost 150 sessions on the subject.
Microsoft is also using the gathering of developers and partners to announce its latest cloud-based security offerings. One of the biggest involves new communication options in Office 365, like the ability for Office 365 users to send encrypted messages to users of consumer services like Outlook.com and Gmail.
And as email remains the number one attack vector for cybercriminals to target people through phishing expeditions, Microsoft has launched an update to the Office 365 Advanced Threat Protection service that extends security coverage to things like links and files shared in SharePoint Online, OneDrive for business and collaboration and communication tool Teams.
Another major focus has been advances built into Azure Active Directory, Microsoft’s identity and access management system. By running the 450 billion authentications that the system processes every month through the cloud, the latest update to AAD allows Microsoft to gain insight into user behaviour and is able to build an “Intelligent Security Graph” and attach a “risk score” to every enterprise identity.
“One of the most valuable things that we’ve built ever is the intelligent security graph and that’s where we bring all of this data together. In that graph, every enterprise identity now has a risk score attached to it,” Microsoft’s Brad Anderson, CVP Microsoft Enterprise Mobility + Security, told TechCrunch’s Frederic Lardinois ahead of the announcements yesterday. “Having a lot of data is great, but having the right unique data is incredible.”
Other automatic threat detection mechanisms include Azure Advanced Threat Protection, which looks at who is accessing which files and at what time and where in order to determine mis-use and potential threats, and AI-based improvements to Windows Defender Advanced Threat Protection. Even cloud-based workloads are being looked at with a new tool called Azure Security Center, which automatically searches for potential threats in workloads that run across clouds.
Ignite runs this week until the 29th of September. If you’d like to see Microsoft’s “on-demand” content around the event, check out the official Ignite page.