31 Jul Microsoft's view on providing reliable and affordable cyber security for business
First, let’s talk about the evolution of IT and the evolution of threats. In the early days, we had hobbyists trying to break in for the fun of it: teenagers in their garages trying to show off to their friends. Early on, IT was worried about mainframes, which were closely controlled, and very few people had access to the physical machines. As time went by, IT started dealing with client-server configurations and mobile devices connected to the network, and things became more complicated.
Perhaps the most detrimental change related to cyber-attacks in recent years is the increased monetization of attacks. Financial motive has become the core reason for attackers. Different groups are organized much like any other organization and have increased their level of specialization, for example in reverse engineering, in studying protection applications and understanding how to break them, and sometimes in tailoring malware for a specific purpose and selling it. It has become a “profession”.
IT software companies used to think about security as removing the vulnerabilities in their software and running a virtual “fence” around the perimeter of their network environment. Now, with all the different models of cloud (public cloud, private cloud, hybrid deployments of network infrastructure), IoT (Internet of Things), social media, and much more, it has become exponentially more complex to protect the IT infrastructure.
Some of the elements the modern organization faces today from an IT standpoint are:
- Enterprise Hybrid Environment: While migration to the cloud is almost inevitable, it will take years to migrate or retire all the legacy systems.
- Mobility is key: There is increasing demand for a seamless experience on mobile devices. Volume is exploding and diversity is also growing.
- IoT is growing: IoT adoption is creating demand for app development and cloud usage. The security methods used for PCs apply poorly to IoT environments.
- Hostile Environment: Attacks are becoming more frequent and more sophisticated. New technologies appear daily, which also creates blind spots and opportunities for attackers.
The environment today looks completely different from what it was even 5 years ago. Security used to mean protecting your IT environment: the physical location of your servers, the perimeter around your network, and provisioning and controlling the user identities allowed to connect to your “well protected” environment. In the new world, the modern organization is required to reconsider security in terms of protecting identities and devices and controlling access to its data assets and applications, in an environment that is not fully controlled by you (the cloud environment) or where the identities of the users (credentials) are not provisioned by you either.
In the modern organization, identity is the new perimeter: you must control access from all of these different devices to the data that you control and want to make available to your employees and associates. In the modern world, an organization must be agile and efficient in threat detection; automated and integrated security tools are the new order in an IT environment.
Given the sheer number of attacks every day, it is impossible to guarantee 100% protection. Understanding how to detect and respond to an intrusion is as crucial as working on preventing the intrusion.
There is an additional component of protection and data handling compliance if you are dealing with regulated data such as PII (Personally Identifiable Information). More and more regulations are being created. One example is the GDPR (General Data Protection Regulation), issued by the European Parliament, the Council of the European Union and the European Commission, which was released in April 2016 and will be enforceable starting in May 2018.
The four components a good operating platform must provide regarding security are:
- Identity and Access Management
- Threat Protection
- Information Protection
- Security Management
There are many specific solutions out there to address different aspects of the components listed above. Microsoft is working on providing an integrated and comprehensive solution to address the challenges of cybersecurity. Microsoft Enterprise Mobility and Security is an affordable suite of tools you can license from Microsoft that works in hybrid environments (cloud and on-premises) and cross-platform, protecting other devices such as iOS and Android.
Some of the high-level capabilities of Microsoft EMS include:
- Conditional Access: It is about making smart access decisions based on intelligence collected from properly monitoring the network.
- Health of the Device: Check the device for vulnerabilities and control access based on the location where the user is logging in from.
- Multi-factor Authentication: MFA can be required if a user is logging in from a different device than the one they usually log in with, or from a different location.
- Security Updates: Check on the latest security updates and require users to have the latest security patch installed before they can access the data.
- Information Protection: Control access to documents and emails, making sure only the people you intend to share the document or email with can see it. Also, protection and access control will travel with the document independent of your network environment.
- Security Management: It is all about getting visibility and control with tools to monitor and alert IT administrators to any suspicious activities in the network.
Cybersecurity is a battle that will not end anytime soon. Having a robust yet integrated suite of tools to help protect against and react to cyber attacks is already a fundamental part of an IT department.