Ignite 2018 highlights: passwordless sign-in, confidential computing, new threat protection, and more

What a week it was in Orlando! Ignite is always a biggie, and this one was no exception. For all of us here at Microsoft who get to work on security, spending time with customers to learn how you are using our security products today and to share new innovations to come is a highlight. At this year’s event we put even greater emphasis on providing attendees with access to engineering experts throughout more than one hundred focused sessions, workshops, and hands-on immersion experiences for the latest technologies in security. I was chuffed to see that our security booths at the center of the expo hall were chock-a-block for the whole event. Thank you to everyone who stopped by, attended our social and community events, and connected with our engineers and product managers.

After their security blanket work at the RSA Conference earlier this year, our social team once again took a shot at “peak swag.” Our “Security SOCs” were the result, lovingly designed and then crafted from the finest combed cotton, bringing fashion together with a six-month Enterprise Mobility + Security trial—quite the combination.

Show us your own fashion moment through social media with #askmeaboutmySOC #showmeyourSOC.

More seriously, if you weren’t able to join us this year, or found yourself trading off between sessions or workshops at the show, don’t worry, our breakout sessions on security are available on-demand. At Ignite 2018, we also brought a deep lineup of new security innovations that I have summarized below, along with some top session recommendations:

Identity and access management

We really don’t like passwords, so together we want to help you eliminate their use through simpler, more secure alternatives. New support for passwordless sign-in to Azure Active Directory (Azure AD) connected apps—both cloud and on-premises—through the Microsoft Authenticator app can help you replace passwords with a more secure, multi-factor sign-in that can reduce compromise by 99.9 percent and significantly simplify the user experience. Watch the Ignite session: Getting to a world without passwords.

We also announced two powerful new features in our set of identity governance capabilities for Azure AD to help automate the process of granting access to employees and partners: Entitlement Management and My Access. Watch the Ignite session: Govern access to your resources with Azure AD identity governance. And read more about identity and access management announcements.

Information protection

As you move more of your workloads to the cloud, meeting information security and compliance standards needs a new approach. Azure is the first cloud platform to offer confidentiality and integrity of data while in use—adding to the protections already in place that help keep your data secure in transit and at rest. Azure confidential computing benefits are available soon on a new DC series of virtual machines in Azure, enabling trusted execution environments using Intel SGX chipsets to protect data while it’s being computed. Watch the Ignite session: Protection by design: Intel SGX and Azure Confidential Computing.

We’ve also rolled out a new unified labeling experience in the Security & Compliance Center in Microsoft 365 that delivers a single, integrated approach to creating data sensitivity and data retention labels. You can preview new labeling capabilities that are built into Office apps across all major platforms and new extensions of labeling and protection capabilities to include PDFs. The Microsoft Information Protection SDK, now generally available, enables other software creators to enhance and build applications that understand, apply, and act on Microsoft sensitivity labels so you can have more cohesive information protection. Read more about the information protection announcements and watch the Ignite session.

Threat protection

Microsoft Threat Protection, announced at Ignite last week, is an integrated experience for detection, investigation, and remediation across endpoints, email, documents, identity, and infrastructure. This new integration in the Microsoft 365 admin console combines signal across all of Office 365 Advanced Threat Protection (ATP), Windows Defender ATP, Microsoft Cloud App Security, Azure AD Identity Protection, and the Azure Security Center to help you secure across your digital estate. The portal not only provides alerts and monitoring of threats, but also gives you the ability to make real-time policy changes to help your security strategy stay ahead of changing threats. Read more about Microsoft Threat Protection or watch the Ignite session.

Microsoft Cloud App Security can now leverage the traffic information collected by Windows Defender Advanced Threat Protection about the cloud apps and services being accessed from IT-managed Windows 10. This native integration provides admins a more complete view of cloud usage in their organization and easier investigative work. Read more about this integration or watch the Ignite session.

Security management

To help you strengthen your security posture, you’ll want to understand your current position and where to go from there. Microsoft Secure Score is the only dynamic report card for cybersecurity. Organizations that use the Secure Score assessments and recommendations typically reduce their chance of a breach by 30-fold. Microsoft Secure Score provides guidance to improve your security posture. For example, Secure Score can recommend taking steps to secure your admin accounts with Multi-Factor Authentication (MFA), secure users’ accounts with MFA, and turn off client-side email forwarding rules. Starting today, we’re expanding Secure Score to cover all of Microsoft 365. We are also introducing Secure Score for hybrid cloud workloads in the Azure Security Center, so you can have full visibility across your organization’s entire estate. Read more about Microsoft Secure Score or watch the Ignite session.

Unified endpoint management

Customers using System Center Configuration Manager and Microsoft Intune to manage their existing infrastructure benefit immediately from the scale, reliability, and security of the cloud. We announced new capabilities for unified endpoint management (UEM) at Ignite to empower IT to secure your data across a variety of devices and platforms, and to help you deliver intuitive and native user experiences for Windows 10, iOS, and Android devices. Read more about all the UEM advancements or watch the Ignite session.

Looking ahead

Working closely with customers is at the center of our ability to innovate and evolve our security technologies. Ignite is a top-notch opportunity to build security community. It doesn’t stop there though. We are always interested in your feedback as we roll out new capabilities—do join us and have your voice heard via the Tech Community.

READ MORE HERE