Microsoft Security delivers new multicloud capabilities

In times of great change, challenges and opportunities can be found in many directions. This is certainly true in IT and cybersecurity.

Today, while navigating a pandemic, frequent supply chain shocks, and global talent shortages, organizations around the world are forced to confront sophisticated ransomware and nation-state attacks. They’re continually staying ahead of stricter compliance requirements, and they’re doing all of this while focusing on the strategic edge they obtain using technology as a transformational advantage.

Cloud, mobile, and edge platforms have driven unprecedented business innovation, adaptation, and resilience during this time, but this broad mix of technologies also introduces incredible complexity for security and compliance teams. The security operations center (SOC) must keep pace with safeguarding identities, devices, data, apps, infrastructure, and more. Further, they must take stock of evolving cyber risks in this multicloud, multi-platform world, and identify where blind spots may exist across a broad new set of users, devices, and destinations. 

When you combine these business needs and rising concerns, it’s clear that security is the defining opportunity and challenge of our time. At Microsoft, our mission of empowering every person and organization on the planet to achieve more means anticipating these needs, slashing security complexity, and protecting organizations across their entire digital estate. We do this by making multicloud support central to our security strategy.

Today, we’re announcing new advances to help customers strengthen visibility and control across multiple cloud providers, workloads, devices, and digital identities—all from a centralized management view. These new features and offerings are designed to secure the foundations of hybrid work and digital transformation.  

Delivering the future of multicloud security

According to the Flexera 2021 State of the Cloud Report, 92 percent of respondents are using a multicloud model, meaning they rely on apps and infrastructure from multiple cloud providers.[1] Another recent survey sponsored by Microsoft shows that 73 percent of respondents say it’s challenging to manage multicloud environments.[2] For organizations to fully embrace these multicloud strategies, it’s critical that their security solutions reduce complexity and deliver comprehensive protection.

Today, we’re taking another step in Microsoft’s journey to protect our customers across diverse cloud systems by extending the native capabilities of Microsoft Defender for Cloud to the Google Cloud Platform (GCP).

With GCP support, Microsoft is now the only cloud provider with native multicloud protection for the industry’s top three platforms: Microsoft Azure, Amazon Web Services (AWS) (announced at Ignite last November), and now Google Cloud Platform (GCP). Microsoft Defender for Cloud provides Cloud Security Posture Management and Cloud Workload Protection. It identifies configuration weak spots across these top providers to help strengthen the overall security posture in the cloud and provides threat protection across workloads—all from a single place.

Support for GCP comes with out-of-box recommendations that allow you to configure GCP environments in line with key security standards like the Center for Internet Security (CIS) benchmark, as well as protection for critical workloads running on GCP, including servers, containers, and more. Find out more in today’s announcement blog.

Microsoft Defender for Cloud dashboard with connected Azure subscriptions, AWS accounts, and GCP projects.

Strengthening Zero Trust with identity security from CloudKnox

Despite all this innovation and change, security and compliance fundamentals begin with conclusively managing identity. Identities are the foundational piece that makes it possible to deliver apps, data, and services where they’re needed.

In a multicloud world, the number of platforms, devices, users, services, and locations multiplies exponentially, so securing those dynamically changing identities and permissions, wherever they are, is another core pillar of multicloud protection. 

A key pain point for many organizations here is the lack of visibility and control over their ever-evolving identities and permissions. To help address this, last year we acquired CloudKnox Security, a leader in Cloud Infrastructure Entitlement Management (CIEM), to accelerate our ability to help customers manage permissions in their multicloud environments and strengthen their Zero Trust security posture.

Today, we’re announcing the public preview of CloudKnox Permissions Management. CloudKnox provides complete visibility into user and workload identities across clouds, with automated features that consistently enforce least privilege access and use machine learning-powered continuous monitoring to detect and remediate suspicious activities. Learn more in today’s blog post.

CloudKnox Permissions Management dashboard with complete visibility into permissions across Azure, AWS, and GCP.

Reinventing the economics of security data with Microsoft Sentinel

To defend against today’s threats as well as tomorrow’s, security teams must have ready access to all security data. But as the volume of security data continues to grow exponentially, a one-size-fits-all model is no longer sufficient.

We’re working to reinvent the economics of working with security information and event management (SIEM) data and delivering new ways to access and analyze security data by embracing all data types, wherever they live, to provide the most comprehensive threat hunting solution. Today, we’re announcing new capabilities as the first step on this journey. We’re introducing basic logs, a new type of log that allows Microsoft Sentinel to sift through high volumes of data and find high-severity, low-visibility threats, and a new data archiving capability to extend data retention to seven years—beyond our current policy of two years—to enable our customers’ global data compliance needs. We’re also adding a new search experience to empower security analysts to hunt for threats more effectively. They can now search massive volumes of security data quickly and easily from all logs, analytics, and archives. Learn more about Microsoft Sentinel’s vision and new capabilities.

Delivering comprehensive protection

In today’s threat landscape, attacks are coming from anywhere and everywhere, including both inside and outside organizations. That’s why it’s critical to deliver comprehensive solutions that organize security, compliance, identity, endpoint management, and privacy as an interdependent whole while extending protection across platforms and clouds.

To that end, we’re announcing some updates across our portfolio that will help you better protect what’s most important to your business:

  • Secure workload identities with Azure Active Directory (Azure AD): We’re extending Azure AD beyond its core capabilities of protecting user identities to now also safeguarding workload identities for apps and services, as customers move more workloads into the cloud, and develop more cloud-native applications. We announced Conditional Access for workload identities last November, and now, Identity Protection can also be applied to workload identities. Learn more from our blog post.
  • Secure payment processing in the cloud with Azure Payment HSM: We recently launched a new service, Azure Payment HSM, in public preview, for payment card issuers and network and payment processors to securely process payments in the cloud. It provides the highest levels of protection for cryptographic keys and customer PINs for secure payment transactions. Learn more from the announcement blog.

Join us at the What’s Next in Security from Microsoft digital event

Cyber risks are inevitable and ever-evolving, but the more we build comprehensive, integrated, and cloud-powered defenses using automation to prevent, detect, and mitigate risk, the more we can empower organizations of all sizes to be fearless in their digital transformation and continue to innovate.

We’re committed to delivering comprehensive solutions that work seamlessly across platforms and extend to clouds and apps well outside our offerings so that our customers can secure their entire digital estate, end-to-end.  

In a new year full of perseverance and opportunity, I want to thank our customers and partners for placing their trust in Microsoft Security. I’d also like to invite you to join us at our What’s Next in Security from Microsoft digital event tomorrow, February 24, 2022, where we will be joined by industry leaders to dive deeper into these evolving market trends, our multicloud protection innovations, and more. Learn more and register for the event here.

Learn more

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

[1] 2021 State of the Cloud Report, Flexera.

[2] Cloud trends show customers increasing investments in hybrid and multicloud, Erin Chappel, Microsoft. January 27, 2022.