Microsoft is today launching its new CloudKnox Permissions Management solution in public preview. The cloud infrastructure entitlements management (CIEM) platform provides Azure Active Directory (AAD) customers with a unified solution that gives them visibility over users, identities, and permissions, as well as workloads, across hybrid and multi-cloud environments.
Microsoft says that users will be able to enable and deploy the CloudKnox Permissions Management service via the Azure AD portal. Organizations can use the dashboard to protect their cloud-based resources. This will be accomplished through AI-powered anomaly and outlier detection alerts and automated enforcement of policies. It also provides a Permission Creep Index metric that gives a comprehensive view of high-severity permission risks across cloud infrastructures.
“To protect their infrastructure from these risks, organizations need granular visibility to effectively manage identities and their permissions across their multicloud environment. CloudKnox Permissions Management discovers, manages, protects, and governs permissions of all identities, both users and workloads across the three key cloud providers – Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure,” explained Alex Simons, CVP of Program Management, Identity at Microsoft.
Microsoft Sentinel is also getting some new security capabilities that should help users access and analyze data. Microsoft has added a new log type that enables users to detect security threats hidden in large volumes of data. There is also a new data archiving feature that extends the default data retention policy from 2 to 7 years. For security experts, Microsoft is introducing a new search capability to let them scan data stored in logs, archives, and analytics for security vulnerabilities.
Microsoft has announced that its new Azure Payment Hardware Security Module (HSM) service will go live in public preview this month. This new service brings a new secure payment processing mechanism to ensure the security of cryptographic keys and personal identification numbers (PINs) stored in the cloud. The Identity Protection tool is now available for Azure Active Directory (AAD) customers to help them protect workload identities.
Finally, Microsoft Endpoint Manager is getting some new features that allow IT admins to create and apply a custom “compliance policy” for macOS and “conditional launch requirements” for Android devices.