Microsoft Announces New Approach to Security

Microsoft Announces New Approach to Security

Having famously halted development of its major products over a decade ago so it could usher in a new age of Trustworthy Computing, Microsoft this week said it was changing tactics again. And this time around, it’s shifting its security focus to focus on what it calls the mobile first, cloud first world.

“We don’t think of security as being a separate piece of technology,” Microsoft CEO Satya Nadella said during an appearance at the Microsoft Government Cloud Forum in Washington D.C. this morning. “It has to be core to the operational systems that you use, where your data resides, where your most critical applications usage is.”

Noting that Microsoft already invests over $1 billion in security research and development each year, Nadella said that his firm was building a new Cyber Defense Operations Center, a state-of-the-art facility that will be manned by security experts “24 x 7” who are tasked with responding to security threats in real-time.

Additionally, Microsoft is establishing an Enterprise Cybersecurity Group (ECG), which will work across Microsoft’s product divisions to help the enterprise modernize and better protect their IT infrastructure.

As you might imagine, Nadella also took some time to explain how Microsoft’s latest products, like Windows 10, Office 365, Microsoft Azure, and Microsoft Enterprise Mobility Suite (EMS), work together to deliver a more secure computing environment.

Windows 10, for example, provides biometric security access with its Windows Hello and Windows Passport technologies, plus Credential Guard for protection from so-called “pass the hash” attacks, which had been so successful in the past in helping attackers gain the access rights of users. And Windows 10’s Device Guard helps prevent the installation of untrusted or malicious code using a combination of hardware and software protections.

A similar feature in Office 365, called Advanced Threat Protection, helps protect users from inadvertently downloading and installing malicious software. And Microsoft is bringing Advanced eDiscovery to Office 365, too, helping to reduce the costs and time associated with sorting through large quantities of data for eDiscovery purposes.

EMS extends the security protections from Windows to other mobile platforms such as Android and iOS, and lets enterprises manage these devices from a single location. “Today we started rolling out support for mobile application management without the need to enroll the device,” Mr. Nadella wrote in a blog post. “We are also excited to announce that Box and Adobe will offer new Microsoft Intune native apps on iOS and Android to help prevent accidental sharing of confidential corporate data to personal locations or cloud services.”

“I firmly believe that security is a journey and not a destination,” Nadella concludes. “It’s also an issue that must be addressed holistically by the industry and not by a single vendor. It’s only by working closely with our partners, the security ecosystem and governments around the world, that we can ensure consumers and businesses are able to trust the technology they use and don’t view security as a barrier to technology adoption.”

You can watch a replay of Satya Nadella’s keynote on the Microsoft Enterprise Security web site.