Ignite 2021: Microsoft promotes Zero Trust security mindset

| |

At Ignite 2021, Microsoft is promoting the Zero Trust security mindset. With recent security breaches in mind, Microsoft believes the Zero Trust security mindset helps address and encompass “all types of threats, both outside in and inside out,” and is the “right approach is to address security, compliance, identity, and device management as an interdependent whole.”

For those who aren’t familiar with Microsoft’s terminology, the Zero Trust security news means that Microsoft is basically pushing four security innovations across what it is calling “identity, security, compliance, and skilling.”

To get there, Microsoft says the first step is to start with a cloud identity foundation, which includes strong authentication, protecting user credentials, and devices that are essential. Some of these things are coming to Azure Active Directory, as seen below.

  • Passwordless authentication, which eliminates one of the weakest links in security today, is now generally available for cloud and hybrid environments. Now you can create end-to-end experiences for all employees, so they no longer need passwords to sign in to the network
  • Passwordless authentication, which eliminates one of the weakest links in security today, is now generally available for cloud and hybrid environments. Now you can create end-to-end experiences for all employees, so they no longer need passwords to sign in to the network
  • Azure AD verifiable credentials is entering public preview in just a few weeks. Verifiable
    credentials let organizations confirm information—like their education or professional
    certifications someone provides—without collecting and storing their personal data.

Ignite 2021: Microsoft promotes Zero Trust security mindset OnMSFT.com March 2, 2021

As for the second security aspect, there are a bunch of improvements to Microsoft’s products coming here, too. Microsoft believes that they are taking a “holistic approach” to security, unlike other vendors which face “time-consuming challenge” to integrate both SIEM tools and endpoint or email protection. Their solutions are built from the ground up, with these new advancements, as seen below.

  • Microsoft Defender for Endpoint and Defender for Office 365 customers can now investigate and remediate threats from the Microsoft 365 Defender portal.
  • Incidents, schema, and user experiences are now common between Microsoft 365 Defender and Azure Sentinel.
  • New Threat Analytics provides a set of reports from expert Microsoft security
    researchers that help you understand, prevent and mitigate active threats.
  • Secured-core is coming to Windows Server and edge devices to help minimize risk from
    firmware vulnerabilities and advanced malware in IoT and hybrid cloud environments.

When it comes to the third aspect, Microsoft is also working on compliance protections, too. This relates to managing risks related to data, as well as third parties, too. This is why Microsoft is introducing the following. Full details are in this blog post.

  • Co-authoring of documents protected with Microsoft Information Protection
  • Microsoft 365 Insider Risk Management Analytics, which can identify potential insider risk activity within an organization and help inform policy configurations
  • Microsoft 365 now offers data loss prevention (DLP) for Chrome browsers and on-premises server-based environments such as file shares and SharePoint Server.
  • Azure Purview is integrated with Microsoft Information Protection, enabling you to apply the same sensitivity labels defined in Microsoft 365 Compliance Center to data residing in other clouds or on premises

Microsoftsecurity

The approach ends with the final aspect of skilling. This is one of the most simple, to help keep people up to date with the latest security issues, with learning resources. Microsoft is introducing four new security, compliance, and identity certifications tailored to specific roles and needs, regardless of where someone can be in their skilling journey. This includes the Security, Compliance, and Identity Fundamentals certification,  Information Protection Administrator Associate certification, Security Operations Analyst Associate certification, as well as the Identity and Access Administrator Associate certification. More information about today’s news is available here.

Share This Post:

Previous

Ignite 2021: Outlook gets new time management features on the web and mobile

Ignite 2021 – Watch the keynote with Satya Nadella, Alex Kipman and more

Next

Comments are closed.