Security is critical to every growing business and to customer satisfaction. Therefore, protecting customer data and other assets should be a top priority. Extensive security capabilities built into the Microsoft Azure platform, combined with the security tools and intelligence, provides all the tools you need to help improve your organization’s security mode. Use multi-layered, built-in security controls and unique threat intelligence from Azure to help identify and protect against rapidly evolving threats.
Security from the ground up
The cloud has some built-in advantages. Unlike the internet in general, it was built from the ground up with modern security and privacy in mind. Traditionally the internet and computer security safeguards have been bolted onto a tool rather built into it. With cloud infrastructure, security considerations are part of the development process.
In both security and privacy, Microsoft is thinking beyond responding to the short-term threats and looking ahead to how the cloud can remain secure a decade or more in the future. With tools like the intelligent security graph, the cloud benefits from a sort of group immunity. Any time Microsoft detects a security threat to Azure, Office 365 or another service running on that cloud platform, every other service gets the benefit of that knowledge.
Intelligent Security Graph
Microsoft tracks attempted attacks on its cloud — along with hundreds of billions of other pieces of data — in a huge system it calls the Microsoft Intelligent Security Graph.
It then uses a branch of artificial intelligence called machine learning to analyze those billions of pieces of data to improve its security defenses and hone its responses. A machine learning system is especially useful for this purpose because it can continually learn to spot new signs of attack as data pours in, refining and improving its algorithms with every new bit of information.
Identity-Driven Security and More
“The simplest attack is that people’s credentials are stolen through a variety of means, and then they masquerade around as you or me”
This raises a complex question beyond passwords; how does the system know if you really are you? To prevent these kinds of attacks, Microsoft uses machine learning and other analytics to spot abnormalities in people’s behavior such as logging on from a different location or doing unusual things once in the system.
Microsoft has worked to make more user-friendly systems to protect against that kind of attack, creating tools such as multi-factor authentication that aren’t cumbersome to use. That includes tools like Windows Hello, which uses fingerprint or facial recognition instead of a traditional password.
These identity-driven security offerings are just a few of the tools Microsoft uses to keep its clients’ data safe and private. It’s also constantly taking other steps, such as beefing up email protections to guard against employees inadvertently clicking on dangerous links that land in their inboxes.
Shah said those tools, along with other advantages such as the cloud effect, are strong enough for nearly every customer . In many cases, it is better than the safeguards companies had before moving to the cloud.
Encrypted and Safe Data
Many companies struggle to keep up with the time-consuming day-to-day of keeping up with the latest security safeguards; things like regularly checking for vulnerabilities, patching security bugs or making sure that only the right people have access to secure information. These are all the things that cloud service providers do as just normal operating procedure.
Sometimes, security analysts hear from a customer who is worried about more complex threats or whose data is especially sensitive. That’s where Microsoft can point to cutting-edge offerings such as Shielded VMs, a Windows Server 2016 offering that can keep data safe from rare types of attacks like rogue employee or administrator. Another option, Always Encrypted for SQL Server, provides additional protections for very sensitive data (Social Security numbers or credit card information).
Always Encrypted is one of several examples of technology being used by customers today that originated within a Microsoft research lab.
The interaction between research and product groups forms a symbiotic relationship that both the researchers and the engineers say serves them well. The cryptographers and computer scientists who are working on new security technologies, can get a gut check from the engineers about whether their ideas would ever work in the real world. The engineers can go to the researchers for everything from broad-based technology frameworks to one-off solutions.
Control in the Cloud
One of those researchers is Manuel Cosa. He’s a principal researcher in Microsoft’s Cambridge, U.K., research lab, and these days he spends most of his time thinking of the most cutting-edge ways to make the cloud more secure while giving customers the control.
“We want our customers to have control. They should be able to make an informed decision on what to share and what to keep private. And our job, on the technology and research side, is to make sure that we have very, very strong techniques to honor what our customers expect from us on that front.”
Manuel Costa — Researcher in Microsoft’s Cambridge, U.K lab
The Future of Cloud Solutions
Microsoft is looking at ways that companies and organizations can share data securely and confidentially in the cloud. A future possibility could be through a hardware-based encryption solution that they are working on.
Security is never a one-size-fits-all proposition. A financial services company that wants to run investment analytics, a cancer researcher who wants to compare hundreds of health care records, and an individual who wants to secure her genomic record all have different needs and security methods. With the variety of companies and businesses out there the possibilities are endless for cloud solutions. Microsoft researchers are also working on all sorts of other cloud security tools aimed at meeting future security and privacy needs. Other researchers are creating ways to provide security for emerging technologies, such as AI and quantum computing. There is also research taking place for better safeguards for customers who interact with cloud-based systems. The research is providing big improvements to the security tools many people are already using for communication and transactions.
Cloud security is a long game. To do it right you need to constantly be investing in both the safeguards people need now and the protection they’ll need a year, or even a decade from now.
That means anticipating both what new technology or capability customers will want to use in the cloud, as well as what new exploits criminals will come up with to try to gain unwanted access to their data.
But you could also call it a never-ending game because it’s not a fight that anyone — the lawyers, the engineers, the researchers, and the security gurus — ever expects to end.
Those who work in the security field are rarely satisfied that anything is truly secure. That’s why, companies like Microsoft are constantly trying to attack themselves, looking for any nook or cranny a bad guy might not have found yet.
Costa, the researcher says, “I think we can always improve. That’s what motivates us. Everything can always be improved”
We’d love to help you get started with Microsoft Azure. You and your organization can benefit from Microsoft’s unmatched scale and experience, running trusted enterprise cloud services around the globe. Leverage our deep investments in technology, operational processes, and expertise to provide a trusted platform for your cloud initiatives. With Dynamic Consultants Group and Microsoft as your ally, you can take advantage of the cloud quicker while reducing security and compliance costs and minimizing risk to your organization.
