Microsoft 365 security: Protecting users from an ever-evolving threat landscape
In this age of frequent security and data breaches, the statement “We take our customers’ privacy and security very seriously” has been heard from breached companies so often as to become a point of mockery, anger and frustration.
But when Rob Lefferts, CVP of Microsoft 365 Security and Compliance, tells me the same thing (and the statement is not in response to a security breach), I believe him. If they didn’t, this cloud-based SaaS offering would surely not have become as widely used as it has, especially not in enterprise settings.
The thing is, that statement is not what everybody wants it to be: a guarantee of impenetrable security measures. Instead, it represents (or should represent) a promise of keeping pace with the evolving threat landscape and doing one’s best to fend off potential attackers and prevent unfortunate mistakes.
Breaches happen and will continue to happen, everywhere and to everybody (yes, including Microsoft). But minimizing the possibility and keeping undesirable consequences to a minimum is what every company should strive for.
Achieving and keeping trust
“We believe we have a fundamental responsibility to help others succeed, because our success is built on the success of our customers,” Lefferts explains. “We want our customers to feel their data is protected in transit and at rest, on any device, and from the location of their choice.”
To achieve and keep their trust, the Microsoft Trusted Cloud is built on the principles of security, privacy, compliance, and transparency.
The company runs it with the principle of zero standing admin access, meaning that any access to customer data requires approval that is tightly monitored with high level reviews. They also have very strict identity and access credentials to ensure only people who have the appropriate permissions can access data.
“Office 365 is cloud-powered so we can use the insights from the Microsoft Security Graph, to which our partners contribute, to detect, prevent, remediate threats,” he adds, and points out that the company has more than 3,500 full-time security professionals that, along with AI tools, analyze more than 6.5 trillion global signals every day to extracts insights that will help in that never-ending battle.
Microsoft 365 security
The various “components” of Microsoft 365 – Office 365, Windows 10, and Enterprise Mobility + Security – come with their own built-in protections.
Office 365 features anti-malware and anti-phishing tools. To allow them to be as effective as they can be, Lefferts advises users to be extra cautious when it comes to disabling or dismissing any built-in warnings that come with the suite.
Office 365, like Windows 10, also gets additional protection through Microsoft Defender Advanced Threat Protection, the company’s unified endpoint security platform.
Threat and Vulnerability Management within Microsoft Defender ATP
“Microsoft Defender ATP uses built-in endpoint behavioral sensors to collect and process behavioral signals from the operating system and sends this sensor data to your private, isolated, compliant, cloud instance of Microsoft Defender ATP,” Lefferts explains.
“It also leverages big-data, machine-learning, and unique Microsoft optics across the Windows ecosystem, enterprise cloud products (including Office 365), and online assets, to deliver cloud security analytics, and recommended responses to advanced threats. On top of these automated capabilities, Microsoft Defender ATP also offers real-life threat experts to help determine next steps when an alert is generated.”
Microsoft also recently “ported” Microsoft Defender ATP to Macs and has added a new component to it which provides real-time, risk-based threat and vulnerability management.
Microsoft Secure Score
Finally, Microsoft Secure Score, which spans across devices, identity, applications, data, and infrastructure, can also help IT administrators assess the current state of their enterprise network, identify unprotected systems or endpoints, and take recommended actions to improve their score and harden their infrastructure.
Meeting regulatory standards
Microsoft 365 can easily be used by organizations in every industry, but Microsoft is trying to provide a solution that will cover a variety of role-based and industry-specific scenarios across industries such as retail, healthcare, financial services, and manufacturing.
“One of our biggest areas of focus is on empowering the world’s more than 2 billion first line workers, who work in roles that make them the first point of contact between a company and its customers or products. Over the last year, we’ve introduced new features in Teams that streamline previously manual tasks such as schedule management for shift workers, and secure messaging for healthcare teams,” he says.
Securely share images with smart camera
He also notes that many organizations in highly regulated industries have chosen Office 365 for its ability to help them meet regulatory standards for security, privacy and compliance.
“We treat regulatory compliance, and the operational baselines they assert, as one of the sources of our compliance controls,” he notes.
“We regularly review new or changing requirements to implement updates or additions so that our compliance controls are a curated superset. We work closely with our engineering teams to ensure how they are building and operating our services is consistent with these commitments.”