Skip to main content
Business IT

A simple guide to Microsoft Security

By 28th Jun 2021No Comments

Simplify and fortify security with Microsoft Security solutions

Ageing technology increases risks

Cyber threats are becoming more sophisticated, targetting ageing technology. Legacy technology in your business creates barriers that are easy targets for cybercriminals. Simply maintaining your technology impeded innovation in your business, and is not enough when it comes to cybersecurity. Some of the biggest data breaches come from either human error or the use of old, unsecured technology. Notably:

  1. Ster-Kinekor (2016): over 16 million customer details exposed due to a website flaw
  2. eThekwini Municipality’s (2016): 98 000 residents details were accessible without authentication
  3. Dracare Data Sciences (2017): 50 million South African’s enriched data was sold to a real estate company and the database was leaked online
  4. ViewFines.co.za (2018):  Over 900 thousand customer details were publicly leaked through negligence whilst migrating their website
  5. Facebook (2018): 59 777 South African Facebook users had their personal information leaked as part of the Cambridge Analytica scandal.
  6. Experian (2020): 24 million South Africans and 700 thousand businesses’ personal data was breached and leaked on several public websites.

A strong security posture is critical

In just minutes, a breach can damage customer trust for a lifetime. In 2016, 4.2 billion records were stolen by hackers. 20% of organisations lose customers during an attack. 30% of organisations lose revenue during an attack. 28% of attacks come from the inside, making them harder to detect. Shockingly, most attacks take minutes or less to compromise a business whilst more than two-thirds of attacks go undiscovered for months.

Security is a top priority for senior executives. According to the 2018 Verizon Data Breach Investigation Report, last year there were 53,308 security incidents and 2,216 data breaches across 65 countries

New threats and inside jobs have made it harder than ever for IT to secure data and applications.

Microsoft integrated security

Simplify and fortify security with Microsoft Security solutions

Microsoft Integrated Security delivers an intelligent, unified enterprise defence solution that provides comprehensive protection against attacks.

Microsoft Integrated Security takes a holistic approach to securing your organization’s IT and data environment across 4 key vectors: identity & access management, protection against threats, safeguarding of data-at-rest and in-transit, and comprehensive visibility and control over your security ecosystem.

Microsoft Integrated Security delivers an intelligent, unified enterprise defence solution that provides comprehensive protection against attacks. This 360-degree approach reduces costs, effectively secures public/private cloud environments, and leverages the world’s largest, most trusted, and most committed security presence.

Microsoft Integrated Security takes a holistic approach to securing your organization’s IT and data environment across 4 key vectors: identity & access management, protection against threats, safeguarding of data-at-rest and in-transit, and comprehensive visibility and control over your security ecosystem. This integrated approach provides several critical benefits for your organization:

Reduce costs with an integrated solution:

  • Protect against every intrusion scenario by consolidating to a single provider and dashboard, eliminating extra IT security infrastructure
  • Empower coordination of protection, detection, response, and prevention across both Microsoft and 3rd party solutions on one platform
  • Securely manage ID & access across devices
  • Reduce licensing costs up to 52% with integrated cloud solutions, a significantly lower TCO than a patchwork approach

Secure hybrid environments effectively

  • Protect against other cloud and on-premises infrastructure as organizations move to public clouds
  • Reinforce and keep pace with growth in security data
  • Accelerate security outcomes while reducing hardware and operational costs

Employ the world’s largest and most trusted security presence

  • Best in class across five security solutions categories
  • Ensure confidence with Microsoft Security’s impeccable legacy.
  • Trust resources that process a greater volume of data than anywhere else
  • Fight against threats with config monitoring, EDR, application control, network segmentation (with support extending to container and serverless workloads)

Identity and access management

Protect users’ identities and control access to valuable resources based on user risk level. Prove users are authorized and secure before granting access to apps and data.

Microsoft’s Identity and Access Management solution and technologies are designed to prove users authorized before granted access and apps to data. If identity is our new control plane and our perimeter, we need to protect those identities and protect our organization from identity breaches.

Here we will focus on three key areas:

First, protecting at the front door. No matter where you’re accessing from, we will help you to protect your organization. No matter where you’re coming in, we will be the first line of defence to protect your organization. So we build that security into your user’s experience.

But that security we build in needs to be simple. At Microsoft, we heavily invest in making that security simple. Why? As we have seen the statistics earlier, users will bypass any protection if we don’t make it simple. Passwords are not sustainable, they’re weak and they’re not the best form of authentication. I heard from one of the customers, the opposite of security is convenience. Our job is to make sure that the experience is convenient and yet secure. And remember another important distinction: security needs to be almost invisible but not completely invisible, Because otherwise, we won’t know if our security is breached. We need to get indications that we’re protected. We need to strike a balance.

Sadly, there are no technologies that can change passwords overnight. This is why we also help you safeguard credentials, we help you protect credentials – privileged and non-privileged ones – in the first place.

Threat protection

Microsoft believes the goal for threat protection should be:

  • Enabling organizations to protect themselves from advanced cyber attacks.
  • Providing organizations with solutions that can help detect suspicious behaviour within the organization.
  • Finally, since no security solution is ever 100% effective, there must be processes and tools to quickly respond to threats that enable damage control and limit the effects of an attack.

With these targeted solutions in mind, Microsoft has built Threat Protection security services that are ideal for today’s businesses. We offer a combination of traditional approaches such as anti-malware and innovations such as user and entity behaviour analytics (UEBA) and endpoint detection and response (EDR). We are investing in both the prevention of attacks and post-breach detection and response.

Information protection

We see four primary elements of the information protection lifecycle: Detect, classify, protect and monitor. Each step has its own set of requirements and unique considerations.

First, let’s talk about the Detect phase: Detecting sensitive data is the first step. As data travels to various locations – often outside of the organization’s environment, you want to know what sensitive data you have and its location. Data may have different levels of sensitivity, and not all data needs the same level of protection.

Classify: After sensitive data has been detected, it’s important to classify the data into distinct categories so that custom controls, such as policies and actions, can be applied. Once the classification scheme is set by the organization, policies can be configured and customized so that sensitive data such as intellectual property, customer info, health records, etc., are protected, stored and shared in a manner that adheres to the organization’s unique requirements. Classification and labelling persist with the file and can be understood and honoured by other services, avoiding the need to reclassify and re-label throughout the file’s journey.

Protect: Classifying and labelling data often results in a policy rule to apply some level of protection to sensitive data.

Monitor: Gaining visibility into how users are using or distributing sensitive information is an important component of your information protection strategy. In the case of unexpected activity or events involving sensitive information, organizations also need to be able to respond quickly and accurately.

Microsoft’s information protection solutions address each of these steps. This includes protecting sensitive information across Devices, SaaS applications and cloud services, as well as on-premises environments.

Intelligent security management

An effective security management solution is not about a single console. Effective security management integrates where it counts, but also offers specialized tools for different functions.

We can help you consolidate from many to few while ensuring that your specialized teams have the flexibility and freedom to manage their security as per the unique needs of that component, whether it is identity, devices, apps or infrastructure.

However, the key that makes Microsoft security management consoles much more effective is intelligence sharing, which helps your organization maintain a consistent and robust security posture.

With Microsoft, intelligence is shared through the Microsoft Intelligent Security Graph. Harnessing the power of machine learning, processing trillions of pieces of data from billions of devices, we make the security management solutions work for you. This shared intelligence is leveraged by the management consoles across Identity, Devices, Apps & Data and Infrastructure- helping security admins and operation centre teams to get important information optimized for their workloads.

The key for a CISO’s success in managing security is not about a single console across everything, but integration wherever it makes sense. You don’t need all the point solutions to manage, data points to sift through to secure your end-user devices and expanding networks.

With single vendor mgmt., built-in controls that come with MS solutions and unmatched intelligence, Microsoft becomes your trusted partner in achieving intelligent security management.

In short, Microsoft provides you intelligent security management with:

  • Specialized Controls based on your security teams’ needs;
  • Visibility where needed;
  • And Guidance on how to harden your organization’s security posture based on unmatched intelligence.

 

“Azure gives us the ability to improve the analysis of the risks of change resulting from climate change to a new level.”

Robin Johnson: CIO – Munich Re

 

Leave a Reply