Microsoft’s Operational Security Posture a ‘Sea Change’ for Enterprise Security, says Nadella

posted in: Uncategorized | 0

Microsoft’s Operational Security Posture a ‘Sea Change’ for Enterprise Security, says Nadella – 

It was one part State of the Union address, one part battle plan and one part manifesto. Perhaps it was both a dig at ISIS  and at the worldwide hacker group Anonymous (which this week declared a digital war on ISIS), telling both, “We’re on it, and we’re uniquely qualified.”

This morning, Microsoft CEO Satya Nadella delivered an impassioned keynote about what he is calling Microsoft’s Operational Security Posture, which he describes as a “sea change” in how the company approaches security.

He went on to describe how this new posture actively protects a Microsoft environment, regardless of size; demonstrated the technologies in real-time; and described how Microsoft protects itself using this new approach.

“Customers are not going to use this stuff if they can’t trust it”

Nadella began by describing the history of computing and information technology; how with mail came mail fraud, wire fraud over telegraph, radio and television, and finally, cybercrime. In each instance, individuals, companies, organizations and governments have responded collectively to use the very technology to attack the challenge, “And that’s what [Microsoft] is doing with cybersecurity,” he promises.

He went on to describe Microsoft’s mission to “empower every person and organization on the planet to achieve more…there isn’t a part of the economy from retail to healthcare to energy that is not using digital technology to drive information and transform itself. But customers are not going to use this technology if they can’t trust it.”

And, perhaps they don’t trust it. Nadella described 2015 as a “tough year around cybersecurity,” with just the top eight or so data breaches leading to 160 million data records being compromised. Part and parcel are the typically long delays between detection and response (around 299 days). The cost of all of this in terms of lost productivity and growth; about $3 trillion globally in an economy that is challenged for growth.

The Challenge of the Perimeterless Exercise

Nadella recalled the ease of erecting strong perimeters around four-wall enterprises, which were shattered by extended networks that touch customers directly through B2C and B2B, through extended CRM and supply chains. And in just a few years we have stepped up the pace of this connectivity via public cloud services with IaaS, PaaS, and increasingly turning to SaaS applications for mission critical business applications like CRM and ERP. Heap on top of all that trends like bring-your-own-device (BYOD) and bring-your-own SaaS solutions, and with the promise of the Internet of Things, “computing will be ubiquitous, with sensors in every room, every conf room, every living room,” Nadella predicts.

In short, attacks and attackers can come from anywhere. Ours is a perimeterless world under constant attack. And, says Nadella, “That’s the environment we have to deal with.”

Microsoft’s Unique “Security Posture”

Nadella describes Microsoft’s unique ability to take leadership in cybersecurity; it runs some of the largest consumer internet services like Xbox Live, and on the business side with Office 365, Dynamics CRM Online and Azure. That, says Nadella “Gives us a pretty unigue perspective [and] a great sampling in terms of attack vectors and how [one] responds to them.”

Already the company:

  • updates 1 billion devices per month with security patches;
  • runs what it claims is the world’s largest antimalware/antivirus service as part of Windows;
  • inspects more than 200 million emails as part of Microsoft Office to look for attachments with malware associated with them before delivering them to inboxes;
  • and performs about 300 billion authentications every month, between the identities of consumers and businesses in our network.

The Operational Security Posture a “Sea Change”

A so-connected world, in which we no longer protect endpoints but data centers and even HVAC systems as well, requires ceaseless protection. Nadella describes Microsoft’s Operational Security Posture as “perhaps the biggest sea change inside of Microsoft to come up with new solutions new technologies to help us really secure your environments.” The approach the company is taking has three key elements:

  1. Building out a comprehensive platform for customers to be able to run that loop from protection to detection to response;
  2. Complementing that platform with an intelligence fabric Microsoft has and its Operational Security Posture as well as a set of proactive and reactive services in the field “so that we can help secure your env on a continual basis”;
  3. Partnering broadly with the rest of the IT industry. “We know that we don’t operate in isolation,” said Nadella. “You all have a heterogeneous environment, and we need to operate in it.

Microsoft spends over $1 billion in research and development each year building security into its mainstream products of Windows 10, Office 365, and Azure, he says.

“We don’t think of security as a separate piece of technology; it has to be core to the applications you use, where your data resides and your most critical application usage is,” including integrated third-party applications in a heterogeneous environment.

Two capabilities become especially critical (and are described in detail below):

  1. Enterprise Mobility Suite [EMS] which Nadella describes as “Perhaps the most strategic security product that Microsoft has that helps enhance [a] secure posture in [enterprise],” and
  2. The Operational Management Suite [OMS], built around the infrastructure, “So you can manage security around all your machines, irrespective of hwere they are.

He went on to describe how the company is building security into the core of the Office 365 product with advanced protection services and a Lockbox feature (described below).

The specifics

Nadella welcomed Microsoft Office General Manager Julie White to the stage to drill down into specifics, which Microsoft’s Chief Information Security Office Bret Arsenault also drilled down into in a blog post.

The aim as Arsenault described them are for technologies that “work in tandem with each other, and solutions from the security ecosystem, to deliver a holistic, agile, security platform for today’s enterprise.”

To summarize them, innovations in Windows 10, Office 365, Microsoft Azure, and Microsoft Enterprise Mobility Suite (EMS) work in concert and with partner security solutions for a single, holistic, agile, security platform. Combined with insights from the intelligent security graph, these security features prevent accidental or intentional loss of corporate data; prevent password related attacks; and prevent and respond to the installation of malware on a machine or in your environment.

Among the solutions:

  • Windows 10’s Microsoft Passport and Windows Hello protect against password-related attacks, using instead strong biometrics (like facial or thumbprint identification) to eliminate the need for passwords; and Credential Guard protects from “pass the hash” attacks, wherein hackers use one account to gain access to the credentials of another user, accessed with new virtualization technology.
  • Should a compromise occur, Microsoft’s Advanced Threat Analytics detects anomalous patterns and recommends changes to configurations that protect your environment and users.
  • Azure Active Directory simplifies password and identity management (for both IT and users) by federating identities across business and consumer services to make maintain and signing into multiple services simpler and more secure.
  • Enterprise Mobility Suite (EMS) includes features that help IT protect and manage corporate applications and data on any Windows, iOS and Android device. BYOD usage mandates balancing the use of privacy with the need to protect confidentiality of corporate apps and data; so today Microsoft is rolling out support for mobile application management without the need to enroll the device. Both Box and Adobe will offer new Microsoft Intune native apps on iOS and Android which prevent accidental sharing of confidential corporate data to personal locations or cloud services; and even to custom SAP Fiori mobile apps built by customers using SAP Fiori mobile service, will also supports Intune mobile app management.
  • Azure Rights Management Services (RMS) protects nearly any type of data, both in motion and at rest; and once available, Windows 10 Enterprise Data Protection will take Microsoft’s data loss and protection efforts one step further by building personal /corporate data separation directly into the OS, with encryption and app restriction policies.
  • Also, starting December 1, Customer Lockbox will offer customers full control over access to their data in Office 365 and Equivio Analytics for eDiscovery, which brings new machine learning and text analytics to help reduce the costs and risks inherent in managing large quantities of data for eDiscovery.
  • Windows 10 Device Guard protects against malware using a combination of hardware and software features to prevent the installation of untrusted or malicious code, while Windows Defender provides built in protection for all Windows 10 users and Office 365’s Advanced Threat Protection helps protect against users inadvertently downloading and installing untrusted software.
  • Advanced Threat Analytics speeds up your response by detecting anomalous patterns and recommends configuration changes to protect you from current and future attacks, while Azure Security Center (now in private preview) works with companies like Barracuda, Checkpoint, Cisco Systems Inc., CloudFlare, F5 Networks, Imperva, Incapsula, and Trend Micro Inc. for advanced, analytics-driven threat detection that helps you protect, detect and respond to security threats in real-time.
About Dann Anthony Maurno

Dann Anthony Maurno is a seasoned business journalist who began his career as International Marketing Manager with Lilly Software, then moved on as a freelancer to write for such prestigious clients as CFO Magazine; Compliance Week;Manufacturing Business Technology; Decision Resources, Inc.; The Economist Intelligence Unit; and corporate clients such as Iron Mountain, Microsoft and SAP. He is the co-author of Thin Air: How Wireless Technology Supports Lean Initiatives(CRC/Productivity Press, 2010).

Dann can be reached at