Microsoft today announced new security solutions to help customers strengthen visibility and control across multiple cloud providers, workloads, devices and digital identities – all from a centralized management view. These include the extension of native capabilities of the Microsoft Defender for Cloud to the Google Cloud Platform (GCP), public preview of CloudKnox Permissions Management, and new security data analysis capabilities on Microsoft Sentinel.
As businesses adapt and transform through the adoption of cloud, mobile and edge platforms, this has also brought about increased security considerations. According to the Flexera 2021 State of the Cloud Report, 78% of respondents are using a hybrid cloud model, meaning they rely on apps and infrastructure from multiple cloud providers. Another recent survey sponsored by Microsoft shows that 83% of business leaders see managing multicloud complexity as their biggest pain point in 2022.
Vasu Jakkal, Corporate Vice President, Security, Compliance and Identity at Microsoft, said: “Cyber risks are inevitable and ever-evolving, but the more we build comprehensive, integrated, and cloud‑powered defenses using automation to prevent, detect and mitigate risk, the more we can empower organizations of all sizes to be fearless in their digital transformation and continue to innovate. We are committed to delivering comprehensive solutions that work seamlessly across platforms and that extend to clouds and apps well outside Microsoft’s own offerings. No one is better positioned to help our customers secure their entire digital estates end-to-end.”
Delivering the Future of Multicoud
As organizations continue to embrace multicloud strategies, it is crucial that their security solutions reduce complexity and allow them to strengthen overall security postures – all from a single place. To address this, Microsoft will be extending the native capabilities of Microsoft Defender for Cloud to the GCP. This is another step in its journey to protect its customers across diverse cloud systems. With GCP support, Microsoft is now the only cloud provider with native multicloud protection for the industry’s top three platforms – Microsoft Azure and Amazon Web Services (AWS), which was announced at Ignite in November 2021, and now GCP.
This support for GCP comes with out-of-the-box recommendations that allow customers to configure GCP environments in line with key security standards, such as the Center for Internet Security benchmarks, and protection for critical workloads running on GCP. This will allow organizations to manage their security centrally and natively across clouds.
Securing Identity and Strengthening Zero Trust
Identity is the new battleground for cyberattacks, and security and compliance fundamentals begin with conclusively managing this key pillar. A multicloud world means that the number of platforms, devices, users, services and locations multiplies exponentially – and organizations often face the challenge of securing this.
Microsoft today announced that it will be offering a public preview of CloudKnox Permissions Management. This follows Microsoft’s acquisition of CloudKnox Security in 2021, to accelerate its ability to help customers manage permissions in their multicloud environments and strengthen Zero Trust security postures. CloudKnox will help provide organizations complete visibility into all identities, users and workloads across clouds, with automated features that consistently enforce least privilege access and use machine learning-powered continuous monitoring to detect and remediate suspicious activities.
Reinventing the Economics of Data
Microsoft also announced new ways for Security Operations Center teams to access and analyze security data with Microsoft Sentinel, as they defend against ever-evolving cyberthreats. This will reinvent the economics of working with security information and event management data by embracing all data types, wherever they live, to provide the most comprehensive threat hunting solution.
Capabilities introduced include basic logs that allows Microsoft Sentinel to sift through high volumes of data and find high severity but low visibility threats. In addition, Microsoft Sentinel will have a new data archiving capability to extend data retention beyond Microsoft’s current policy of two years to seven years to support its customer’s global data compliance needs. Microsoft will also be adding a new search experience to empower security analysts to quickly and easily search massive volumes of security data from all logs, analytics, and archives, to hunt for threats.
Delivering Greater Visibility and Control
As cyberattacks continue to evolve, organizations need to prepare for attacks to come from both inside and outside their networks. Microsoft has also announced a slew of comprehensive solutions that organize identity, security, compliance and device management as an interdependent whole, while extending protection across data, devices, identities, platforms, and clouds:
- Secure workload identities with Azure Active Directory (ADD), beyond its core capabilities of protecting user identities, as customers move more workloads into the cloud and develop more cloud‑native applications.
- Policy compliance and enforcement for Android and macOS devices via the Microsoft Endpoint Manager.
- Secure payment processing with Azure through the launch of a new service, Azure Payment HSM service, in public preview for payment card issuers and network and payment processors to securely process payments in the cloud. Azure Payment HSM service ensures the highest levels of protection for cryptographic keys and customer PINs for secure payment transactions.
