Have you ever wondered if Microsoft’s Cloud is secure?
First of all, you are not the only one who has this question! So I will start with my conclusion: yes, Microsoft is a trustworthy and reliable security organization. They are able to use the capabilities of their Cloud platform to protect your identity and sensitive information. Microsoft invested more than 1 billion dollars to continuously deliver new capabilities suited to the attacks of the moment. That is money well spent, because it adds more capabilities to their products and increases your security maturity level. An example is the feature Azure Identity Protection for Enterprise Mobility & Security (EMS). New capabilities and features are requested by organizations like yours, because you can now collaborate directly with the product teams more easily than before.
News about hacking attempts appears in the newspapers every day. A couple of years ago, attacks were executed against a large group of computers (a.k.a. lucky shots). Today we see that this is no longer the case. Hackers specifically choose targeted users, for example the CTO or CFO. Compared with some years ago, the new strategy is easier, because we use our company resources from any location, at any time and on any device. The majority of hackers do their ‘job’ to earn money. Your intellectual property or login credentials are worth a lot of money on the black market. Microsoft uses its Cloud platform and Artificial Intelligence (AI) to inform you about threats and risk levels.
Investigation of hundreds of attacks has shown that an attacker has access for at least 200 days before being discovered. So, imagine that someone sits on your couch without you noticing it. What kind of shit will he make? We already concluded that employees expect to work from anywhere. Traditional firewalls only protect workplaces if the devices are connected to the on-premises network.
Finally, we need to realize that the new security defense strategy has to support online scenarios from anyplace. Above all, we need to start using Artificial Intelligence capabilities like those of the Microsoft Cloud, because traditional options are no longer enough.
Real-life example of a security incident
I introduced Azure Identity Protection (AIP) and configured the risk actions. One of those actions was to block any login attempt from infected computers. Keep in mind that we are talking about any workplace in the world, not only the workplaces the organization is managing. One day the Chief Technology Officer (CTO) walked by, pissed off because he was not able to work from his personal computer. A short investigation showed that access was blocked because his computer was marked as an infected device. If you are wondering how the infection took place: simply by allowing his son to download illegal content like games.
My common practices are
- Do security for everyone or nobody! Make no exceptions, not even for someone in C-level management, and not even if it can potentially have an impact on his work.
- Choose the Microsoft Cloud and Artificial Intelligence to help your organization improve its security maturity level.
- Investigate the possibilities to migrate the primary Identity Management Systems from on-premises Active Directory to the Cloud – Azure Active Directory.