An Incredible Week at Microsoft Inspire 2019 – Modern Workplace Security
Microsoft partners held center stage at the 2019 Microsoft Inspire conference in Las Vegas, and a lot of the focus was on their Microsoft 365 Modern Workplace offerings. This blog will focus on some of Microsoft’s Modern Workplace security announcements.
Click here to read about some of the exciting new Windows Modern Workplace virtualization announcements.
The best security partners are those that have the ability to gather the most security signal data and intelligently decipher it. This enables partners to provide baselines that represent normal activity and identify unusual activity that could be a potential security incident. Microsoft has used machine learning and AI to process over 6.5 billion security signals daily, and they’ve used this to create a very robust set of security features within Microsoft 365.
Microsoft has also seen tremendous growth with their Enterprise Mobility + Security (EM+S) product suite. EM+S seats grew by triple digit percentages to over 100 million seats last year, with most of the growth being driven by security. During the conference, Microsoft highlighted the 4 pillars of their security strategy with Microsoft 365 and EM+S:
- Identity and Access Management – Microsoft analyzed the 450 billion authentication requests that they process via Azure Active Directory on a monthly basis, and determined that traditional authentication (username and password) no longer provide sufficient protection for clients. Adding multi-factor authentication (MFA) and trusted network access can help, but if you assume that every resource on the internet – users, devices and workloads – are all at risk, then you need to adopt a zero trust methodology. Microsoft demonstrated how zero trust can be implemented with Azure AD via enabling conditional access. Over 35 million active Azure AD accounts benefit from conditional access today, representing a 300% growth year over year. This can be difficult to set up without adversely affecting your users, but Navisite can help you via our guided Microsoft 365 onboarding and our Microsoft 365 Managed Services.
- Threat Protection – During the conference, Microsoft mentioned that the average duration of a hacked account being leveraged without anyone noticing is over 200 days. Microsoft highlighted two products that can significantly help reduce this risk. The first, Office 365 Advanced Threat Protection (O365 ATP) helps protect users from phishing attempts in malicious URLs and attachments sent via email. The other product, Azure Advanced Threat Protection (Azure ATP), is a cloud-based solution that monitors your users and will alert you if any suspicious activity occurs. Some of the examples of suspicious activity include compromised credentials (impossible logins, brute force password attempts, user group membership changes), lateral movements (Pass the Ticket, Pass the Hash), and domain dominance (malicious domain controller replication, DC Shadow attacks). Navisite reviews the deployment of these products during our Microsoft 365 onboarding service and help you get started with protecting your users quickly and effectively.
- Data and Information Protection – Several demonstrations at Inspire highlighted how policies within Azure Information Protection (AIP) and Data Loss Prevention (DLP) work together to enable customers to identify sensitive data in documents, label the documents as sensitive and confidential, encrypt sensitive documents, and prevent them from being shared both within and outside your organization. Microsoft also provided demonstrations of their Cloud App Security product, which functions as a Cloud App Security Broker (CASB) and provides administrators with the ability to catalog cloud applications in use by their user community and control access to them with conditional access, blacklist/whitelist, and other means. These products provide out-of-the-box policies that most customers can immediately use, but Navisite’s Managed Services for Microsoft 365 can help you implement these policies to meet your specific business and security requirements.
- Security Management – Microsoft Secure Score and Azure Sentinel were the primary focal points here. Secure Score enables you to quickly and easily assess your security posture as it relates to your Microsoft cloud environment, and recommend activities to further increase your security (and vis a vis your Secure Score). Microsoft strongly recommended that partners feature Secure Score in all of their service offerings to help customers take full advantage of their rich security features and products. Navisite has incorporated Secure Score into our Microsoft 365 service offering via reviewing it with customers on bi-annual basis. We’re also working to include Secure Score information within our Proximity portal for additional customer visibility. Azure Sentinel is a next-generation SIEM (Security Information and Event Management) platform that provides 4 major benefits to customers:
- Collection of data across users, devices, applications and infrastructure
- Detection of threats and minimization of false positives
- Investigation of threats via AI, machine learning and Microsoft’s massive security data store
- Response to security incidents with automated tools and administrator notification
Microsoft is clearly doubling down on their commitment to provide world class security for organizations. I was excited to see their continued enhancement and success with EM+S and the demonstrations of their Azure Sentinel technology.
Navisite’s Onboarding Services for Microsoft 365 can help you get these products and features up and running for your organization. Our Managed Services team can help continually update the product configurations to meet your organization’s evolving needs and security requirements.
We look forward to being your trusted advisor for the Microsoft Modern Workplace tools and enabling you to get the full value of your technology investment. To learn more about the services offered by Navisite, visit our Cloud Security and Compliance page, contact us, or call us at (888) 298-8222.