![\"Zero](\"https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2021\/12\/Zero-Trust-bar-chart.jpg\")
<\/p>\n
Figure 1: Negative impacts of cyberattacks in relation to Zero Trust implementation.<\/em><\/p>\n Knowing that your organization is protected from such threats, both external and internal, helps build the confidence you need to succeed. Zero Trust is a strategy that will help you get there. At Microsoft Security<\/a>, we\u2019re embracing the new reality of hybrid work by providing comprehensive security with best-in-breed coverage\u2014driven by AI and simplified for easy management\u2014so you can be fearless in the pursuit of your vision<\/strong>. In this blog, I\u2019ll share some of our customers\u2019 stories and how they\u2019ve empowered their teams to move forward with confidence during this time of unprecedented change.<\/p>\n Microsoft unifies security, compliance, identity, and management to help you improve productivity and protect your entire digital estate. By providing an end-to-end solution, we\u2019re able to integrate layers of protection across multiple clouds, platforms, endpoints, and devices\u2014Windows, macOS, Linux, iOS, Android, Amazon Web Services (AWS), Workday, Salesforce, and more. This comprehensive approach reduces the risk of data breaches as well as compliance and privacy missteps. Once the user sets the polices, Microsoft solutions provide data governance that can help enact better security.<\/p>\n Figure 2: Microsoft Zero Trust architecture.<\/em><\/p>\n More than providing products and services, we collaborate with our customers to understand their environments and build solutions that fit their needs. One such collaboration was with Siemens<\/a> where they moved from traditional on-premises security to a scalable, flexible solution to fit the company\u2019s complex environment. Having built its reputation for innovation across diverse industries\u2014energy, healthcare, industrial automation, building control systems, and more\u2014research and development continues to play a vital role in the company\u2019s success. For that reason, protecting the company\u2019s staff and intellectual property is always top of mind. And with offices in 200 countries, managing cybersecurity amid a global landscape of shifting compliance and security regulations provides an ongoing challenge.<\/p>\n \u201cThere aren\u2019t many vendors on the planet that can create a solution capable of providing consolidated insights into large, complex environments like ours. That\u2019s why we chose Microsoft.\u201d<\/em>\u2014Thomas Mueller-Lynch, Service Owner Lead, Digital Identity, Siemens.<\/p>\n<\/blockquote>\n \u201cThe sheer size of Siemens challenges us as to how we provide the best possible security,\u201d explained Peter Stoll, Cybersecurity Officer and Program Lead for Zero Trust at Siemens IT Worldwide. \u201cWe like to make sure we get the benefits of emerging technologies.\u201d<\/p>\n When Siemens decided to make the move from on-premises security to a Zero Trust approach, it turned to Microsoft Security. Their IT team implemented a range of security solutions through their Microsoft 365<\/a> subscriptions, including Microsoft Azure Active Directory<\/a> (Azure AD) with Conditional Access<\/a> as a policy engine, Microsoft Information Protection<\/a>, Microsoft Defender for Endpoint<\/a>, Microsoft Defender for Identity<\/a>, and other solutions\u2014creating a blueprint for ongoing security enhancements. \u201cWe chose the best of suite approach with the Microsoft 365 E5<\/a> solution,\u201d explained Mueller-Lynch. \u201cNow we have an overview of our environment that helps us react in real-time and defend against attacks proactively.\u201d<\/p>\n Today\u2019s organization not only requires security coverage across their threat landscape but also the confidence that comes with knowing that your provider has a proven track record. Microsoft is a leader in five Gartner Magic Quadrants<\/a> and eight Forrester Wave categories<\/a>, and we ranked the highest in the MITRE Engenuity\u00ae ATT&CK Evaluations<\/a>. Microsoft was also named a Leader in IDC MarketScape<\/a> for Modern Endpoint Security. With best-in-breed protection across the Zero Trust security fundamentals shown in Figure 2, Microsoft provides a security safety net that\u2019s not only comprehensive and fully integrated, but durable for the future. Microsoft\u2019s comprehensive solution has innovation at its heart.<\/p>\n Duck Creek Technologies<\/a> serves the global property and casualty insurance industry by providing cloud-based, software as a service (SaaS) solutions that help insurance carriers operate faster and smarter. When the company\u2019s existing security information and event manager (SIEM) neared the limits of its processing capabilities, Duck Creek needed to upgrade without losing critical data or reducing its ability to detect threats. \u201cSecurity is a very big part of how we\u2019ve created the relationships we have with our illustrious list of customers,\u201d says John Germain, Vice President and Chief Information Security Officer, Duck Creek Technologies. \u201cI wanted to be sure that the solution we shifted to was best-in-class. Because Microsoft steadily improves its products and solutions to stay ahead of competing offerings, I know we\u2019re in good hands.\u201d<\/p>\n Duck Creek made a quick and painless migration to both Microsoft Defender for Cloud<\/a> and Microsoft Sentinel<\/a>. The company also uses Microsoft Endpoint Manager<\/a> to manage its mobile-device security policies. Combining this functionality, Duck Creek has created single-pane-of-glass visibility for its remote workforce. \u201cWe now have incredible visibility across our entire technology stack, all in one place,\u201d says Germain.<\/p>\n Like Siemens, shifting from on-premises security to a multi-layered Zero Trust approach required the investment platform company eToro<\/a> to reassess its infrastructure. As a social investing platform with more than 17 million registered users across more than 100 countries, their IT team has a lot to cover. \u201cWhen we were operating our traditional third-party antivirus in parallel with our Microsoft solutions, we noticed that Microsoft Defender for Endpoint was acting as our first barrier against attackers. And in 99 percent of incidents, it was the first to detect and act on threats,\u201d says Shay Zakai, Director of Corporate IT, eToro.<\/p>\n That level of protection gave eToro the confidence to remove its third-party antivirus software and rely on Microsoft\u2019s comprehensive, integrated layers for Zero Trust security<\/a>. That native integration enables Microsoft\u2019s intelligent tools to cut alert volume by 90 percent while automatically remediating up to 97 percent of endpoint attacks. Today, eToro makes ample use of multiple components within Microsoft Defender for Endpoint\u2014threat and vulnerability management, attack surface reduction, endpoint detection and response (EDR), and automatic investigation and remediation\u2014to protect their global operations.<\/p>\n \u201cMicrosoft Cloud App Security [Microsoft Defender for Cloud Apps<\/a>] gives us the ability to analyze and classify information from Google Workspace and our other third-party apps in conjunction with Microsoft\u2019s compliance tools,\u201d Zakai explains. \u201cThat level of information gives us the power to restrict activities and enforce regulations as we see fit.\u201d<\/p>\n eToro also integrates Microsoft Intune<\/a>, a component of Microsoft Endpoint Manager, for their mobile device and mobile application management. By adopting Microsoft\u2019s integrated, AI-driven security, eToro not only automated threat detection and remediation but also increased mobility for employees while reducing their operating costs. \u201cBecause of our adoption of Intune and Microsoft Defender for Endpoint, we had virtually no security concerns as we adapted to COVID-19,\u201d says Zakai. \u201cWe were more than 90 percent ready to move to a work-from-home model on day one of the crisis.\u201d<\/p>\n Most security professionals agree that security silos bring risks.3<\/sup> Microsoft enables organizations to simplify and strengthen their security by consolidating up to 50 disparate products\u2014integrating with other tools to streamline investigation and remediation. When MVP Healthcare<\/a> decided to divest from the numerous redundant security licenses they\u2019d been relying on, it turned to Microsoft Security for a simpler, more easily managed security posture. The company was using roughly 300 different vendor solutions, many of them designed for specialized functions, and Chief Information Officer (CIO) Michael Della Villa wanted to simplify.<\/p>\n After replacing their legacy security solutions with Microsoft Sentinel, Microsoft Defender for Cloud<\/a>, Azure Firewall<\/a>, and other Microsoft security solutions, MVP Healthcare\u2019s IT team was freed up to concentrate on crucial tasks that require human attention. \u201cMicrosoft offers the cohesive solution we need,\u201d Della Villa says. \u201cWe spent so much time trying to maintain the prior system that we weren\u2019t actually using it. Now we easily get very detailed information from Microsoft Sentinel because it\u2019s so well connected across all of our Microsoft solutions. The focus and clarity we\u2019ve gained is a crucial benefit.\u201d<\/p>\n MVP Healthcare also uses Microsoft Defender for Cloud<\/a> to protect hybrid workloads. \u201cAlerts from Microsoft Defender for Cloud, Microsoft Defender for Cloud Apps<\/a>, and other solutions are chained together in an actionable way,\u201d adds MVP Healthcare cybersecurity consultant James Greene. \u201cThe entire security suite is seamlessly connected. We appreciate that because we can build a comprehensive policy for dealing with security issues in one place.\u201d<\/p>\n As a global leader in technology manufacturing for IoT systems, machine automation, and embedded computing, Advantech found itself<\/a> the target of a widely publicized ransomware attack<\/a> in November 2020. The attack was limited to corporate network servers and was quickly mitigated, but it served as a wakeup call. Future threats could affect factory production, delay customer deliveries, lead to theft of sensitive intellectual property, and even result in safety risks.<\/p>\n \u201cWe did many proof of concepts (POCs) with many different vendors, but no one met our needs,\u201d says Kevin Lin, IT Manager at Advantech. \u201cWe wanted a comprehensive solution to create better efficiency and visibility. We needed security without affecting efficiency on the client side, or requiring specialist installation and configuration by administrators. We decided on Microsoft.\u201d<\/p>\n According to Kevin, Microsoft Security offers a distinct advantage in its holistic approach to services and security. \u201cOther solutions were a little siloed, specialized, and required individual testing\u2014both for the product and support,\u201d he says. \u201cMany didn\u2019t adequately address operational technology (OT) requirements for manufacturing plants, and we recognized that Advantech\u2019s environment called for a comprehensive solution like Microsoft Security, not a collection of solutions.\u201d<\/p>\n Advantech\u2019s security team is now looking to further raise visibility into their IoT and OT risk with agentless, network-layer security provided by Microsoft Defender for IoT<\/a>\u2014including asset discovery, vulnerability management, and continuous threat monitoring with anomaly detection. \u201cWe didn\u2019t have staff dedicated to figuring out our security situation in our manufacturing plants (where IT security isn\u2019t their specialty),\u201d Kevin says. \u201cThis attack alerted senior management that they needed to deploy OT security monitoring in our factory networks as well.\u201d<\/p>\n Across the world with organizations of all sizes, from startups to multinational corporations, we see security teams behind the scenes quietly being fearless in achieving their goals. Despite the threats they face daily, these unsung leaders bravely continue the journey of helping their organizations digitally transform. They and you are the reason we want to show up for this important work. By providing not just comprehensive security, but best-in-breed protection with deep intelligence and simplified experiences\u2014Microsoft Security is right there beside you. We want to help you secure everything and be fearless<\/a>, and turn your vision into reality. To hear from our customers in their own words, visit Customer Stories<\/a> to learn more. We look forward to our journey together, being fearless, and empowering each other to thrive!<\/p>\n To learn more about Microsoft Security solutions, visit our website<\/a>. Bookmark the Security blog<\/a> to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity<\/a> for the latest news and updates on cybersecurity.<\/p>\n 1<\/sup>Zero Trust Adoption Report<\/a>, Microsoft Security, Hypothesis Group 2021. July 2021.<\/p>\n 2<\/sup>The hunt for NOBELIUM, the most sophisticated nation-state attack in history<\/a>, John Lambert, Microsoft Security. 10 November 2021.<\/p>\n1. Comprehensive means coverage of your entire environment<\/h2>\n
![\"Flow](\"https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2021\/12\/MS-ZT-arch.jpg\")
<\/p>\n\n
2. Comprehensive isn\u2019t just coverage\u2014it\u2019s best-in-breed protection<\/h2>\n
3. Integration and AI power Zero Trust security<\/h2>\n
4. Simplicity is stronger<\/h2>\n
Helping you be fearless<\/h2>\n
\n