In this week’s edition of Microsoft Security Saturday, we have a great article by CVP Ann Johnson on cyber resilience, a real-world example of Zero Trust being implemented at banks, and more new preview features that are now available. Grab a cup of coffee/tea and take a few minutes to read through this week’s wrap-up.
Operational resilience cannot be achieved without a true commitment to and investment in cyber resilience. Global organizations need to reach the state where their core operations and services won’t be disrupted by geopolitical or socioeconomic events, natural disasters, and cyber events if they are to weather such events.
Many banks today still rely on a “castle-and-moat” approach—also known as “perimeter security”—to protect data from malicious attacks. Like medieval castles protected by stone walls, moats, and gates, banks that use perimeter security invest heavily in fortifying their network perimeters with firewalls, proxy servers, honeypots, and other intrusion prevention tools. Perimeter security guards the entry and exit points to the network by verifying the data packets and identity of users that enter and leave the organization’s network, and then assumes that activity inside the hardened perimeter is relatively safe.
Technology is dramatically transforming the global business environment, with continual advances in areas ranging from artificial intelligence (AI) and the Internet of Things (IoT) to data availability and blockchain. The speed at which digital technologies evolve and disrupt traditional business models keeps increasing. At the same time, cyber risks seem to evolve even faster—moving beyond data breaches and privacy concerns to sophisticated schemes that can disrupt entire businesses, industries, supply chains, and nations—costing the economy billions of dollars and affecting companies in every sector.
A fact known to security teams worldwide is that most cyber-attacks leverage existing unpatched vulnerabilities (ever heard of BlueKeep?), and have taught us that often the most effective proactive security strategy for any organization is maintaining healthy security posture. If you haven’t done it already, patch your operating system while you read this!
As we move closer to general availability (GA), you will see many changes in the Azure Sentinel. While true to the cloud, we release them as they are ready, the formal announcement will come with GA. This blog post lists some that may require your attention beforehand.
We recently blogged about Unified Labeling and delivered a webcast explaining what it means to you. The Unified Labeling platform provides lots of benefits. AIP Customers that enable Unified Labeling not only get the best features of a more modern platform for Information Protection, they also gain built-in support for Sensitivity Labels in Mac and Mobile platforms.
Since its release, the Azure Information Protection scanner has been adopted by many different types of customers. For example, some small businesses have deployed single scanners to address all their data at rest, others deployed a few machines in different locations or a few machines for the purpose of redundancy, while companies that needed to deal with petabytes of data may have deployed dozens of scanner instances, – such as internally at Microsoft, in which we deployed more than 40 scanners.
This blog highlights how to load and query using PolyBase by authenticating via Azure Active Directory (AAD) pass-through to Azure Data Lake Storage Gen2. AAD pass-through authentication with PolyBase is much more secure and compliant where you no longer need CONTROL permissions on the data warehouse to initiate a load.
Most modern organizations rely on a plethora of security solutions to execute defense-in-depth strategy. While these solutions are needed to cover all the gaps, they can add a lot of complexity via point integrations. The Microsoft Graph Security API offers simple ways to integrate with Microsoft and partner security products with a single interface and a unified schema.
Azure Firewall is now ISO compliant—Azure Firewall is now Payment Card Industry (PCI), Service Organization Controls (SOC), and International Organization for Standardization (ISO) compliant. It currently supports SOC 1 Type 2, SOC 2 Type 2, SOC 3, PCI DSS, and ISO 27001, 27018, 20000-1, 22301, 9001, and 27017.
In Microsoft 365, we take security and compliance seriously, helping you manage security concerns in an ever-evolving technology world that’s constantly under threat. Today at the SharePoint Conference we demonstrated that commitment with innovation to help you protect your identities and your information.
This article tells you how to search for members and owners of a group and how to use search filters as part of the groups improvement preview in the Azure Active Directory (Azure AD) portal. There are lots of improvements in the groups experiences to help you manage your groups, including members and owners, quickly and easily.