Microsoft touts new, holistic approach to enterprise security

Announcements include Cyber Defense Operations Center that brings together security specialists

Microsoft is putting a lot of effort and money into building a holistic security platform that combines the attack protection, detection and response features built into Windows 10, Office 365, Azure and the Microsoft Enterprise Mobility Suite to help companies safeguard their data regardless of where it resides.

Talking at the Microsoft Government Cloud Forum in Washington, D.C., Microsoft CEO, Satya Nadella, said that company is spending more than $1 billion a year in research and development to build security into its products, because "security has to be core to the operational systems used by enterprises."

The company showed on stage how Windows 10’s Microsoft Passport, Windows Hello and Credential Guard provide secure authentication and integrate with Azure Active Directory; how Advanced Threat Analytics can detect anomalous login patterns, brute-force and pass-the-hash attacks; and how the Enterprise Mobility Suite (EMS) can be used to manage data and applications on mobile devices and work with Microsoft Intune and Azure Rights Management Services (RMS) to prevent accidental data leaks.

The company is also working with industry partners to integrate third-party apps and services into its own products. For example, the Azure Security Center, which is now in private preview, allows users to integrate threat detection and protection technologies into their cloud-based infrastructure from a number of security vendors including Barracuda, Checkpoint, Cisco Systems, CloudFlare, F5 Networks, Imperva, Incapsula, and Trend Micro.

Box, Adobe, and SAP Fiori will also provide native apps for Android and iOS that will integrate with Microsoft Intune, Microsoft's cloud-based mobile device management platform.

Internally, Microsoft has created a Cyber Defense Operations Center that brings together security response specialists from all of the company's different divisions. They work together to resolve security threats, but also to build the security intelligence that's then used by the company's products and is shared with partners.

To better serve its enterprise customers, Microsoft has also created a managed security services division called the Microsoft Enterprise Cybersecurity Group that will perform security assessments, monitor for threats and respond to cybersecurity incidents.

The new strategy, focused on operational security, has "been the biggest sea change inside Microsoft to get us to come up with new solutions, new technologies, that in turn help us really secure your environments," Nadella told the audience.

Join the CSO newsletter!

Error: Please check your email address.

Tags azureMicrosoftsecuritySatya Nadellaenterprise securityWindows 10softwareMicrosoft Enterprise Mobility Suitecloud computingOffice 365

More about AdvancedCiscoF5F5 NetworksImpervaMicrosoftRMSTrend Micro

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Lucian Constantin

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts