Ignite, Microsoft’s global trade show, wrapped up at the end of September in Atlanta, GA. Here are five things I learned while at the show:
- Microsoft invests a lot of money in SECURITY – over $1B in fact. There were several new security announcements spanning cloud, mobile, and server. While we focus primarily on security solutions for public cloud workloads, it was impressive to see the new capabilities built in across the portfolio. Brad Anderson, Corporate Vice President of the Enterprise Client & Mobility (ECM) team, covered multiple demos in his breakout. Microsoft strives to embed these technologies into the toolset so users can use these platforms securely, and intuitively. Two highlights: EMS has enhanced DLP capabilities that help prevent that accidental email of confidential info (yes, we’ve all done it), and the new Cloud App Security service can help you figure out what SaaS services are being used (and the risk associated with those platforms based on their implementation of various security best practices and technologies).
- Data makes security better – and you can tap into the Intelligent Security Graph! Microsoft sources information from their install base, the Microsoft Digital Crimes unit, 3rd party threat intelligence feeds, and actual cyberattacks on Azure and other Microsoft platforms to identify new methods and tools used to compromise security. This also includes tracking known bad actors. Machine learning is used to analyze this data and extract actionable threat intelligence. This information is then packaged into many of their security tools, including Advanced Threat Analytics, OMS, and the Azure Security Center.
- Microsoft IT Showcase is a great resource. Microsoft is a large organization. They also have a large vendor and partner ecosystem. Seth Malcolm works in Microsoft IT, and he gave a quick overview of how they approached to securing their corporate environment by starting with a data classification and risk management model. I wasn’t able to find a recording of their theater presentation, but I highly recommend speaking with the Showcase team at their next event.
- Azure Security Center is continuing to mature. A new category for vulnerability assessment was added to ASC. Ensuring your operating systems and applications are up to date is critical for publicly facing workloads. Many organizations use the cloud for these types of workloads, so it is great to see these solutions are highlighted as part of the ASC platform. Sarah Fender highlighted updates to ASC in her session. Seeing the correlation of multiple events into a Security Alert was just one example of how machine learning can be used to cut down on all of the noise.
- Microsoft is committed to empowering you and your organization to stay secure. One thing to keep in mind when using Azure and other Microsoft cloud services is the responsibility of securing those workloads and services is shared between you and Microsoft. Many of these tools can be used to address your requirements in the shared responsibility model – such as using Azure Active Directory for Identity and Access Management. It is still up to you to deploy, configure, and manage these tools. However, for workloads running on Azure or Office 365, Microsoft is responsible for some of the aspects – such as physical access to the datacenters hosting the infrastructure. All of these new capabilities are sure to spark some discussions on how to improve security in your organization, and moving workloads to the cloud should be considered as well.
MS Ignite was a great show, and we’re looking forward to attending it next year in Orlando. We hope to see you there!