More

    Microsoft Looks to Transform Security into a Service

    Slide Show

    8 Web App Security Best Practices to Fight Off Bot Intrusions

    Looking to address what Microsoft CEO Satya Nadella describes as the most pressing issue of our time, Microsoft this week launched a flurry of security offerings intended to turn security into a set of continuously delivered services.

    Speaking at a Microsoft Government Cloud Forum, Nadella says that in much the same way that Microsoft now manages Windows 10 as a service, everything from behavioral analytics of attacks to remediation will soon become a set of common services spanning the desktop, server and Microsoft cloud offerings.

    To that end, Microsoft announced the formation of a Microsoft Enterprise Cybersecurity Group made up of security professionals that will work with a new Cyber Defense Operations Center that Microsoft is setting up to detect threats in real time using what Nadella describes as an intelligent fabric that Microsoft will continue to expand and invest in over time.

    In addition, Microsoft is extending the capabilities of its Enterprise Mobility Suite (EMS) support for Windows, Apple iOS and Google Android applications and devices without requiring organizations to enroll those devices and applications, while at the same time giving organizations more control over access to their data stored in Office 365 and Equivio Analytics for eDiscovery.

    Finally, Microsoft announced that Box and Adobe will offer new Microsoft Intune native apps on iOS and Android to help prevent sharing of confidential corporate data to personal locations or cloud services, and that organizations that build applications using the SAP Fiori framework will be able to invoke Microsoft Intune as well.

    Coupled with a set of existing security-as-a-service offerings from Microsoft and the recent acquisitions of Secure Islands, a provider of data protection software, and Adallom, a provider of access control software for cloud services, Microsoft is clearly making the ability to identify threats using advanced analytics not only a much higher priority, but also providing updates that promise to prevent those threats from infecting IT environments at a massive scale.

    It may be impossible to prevent every threat from infecting any given system. But there’s no reason that threat should not be identified much faster than it is today or, just as importantly, prevented from infecting scores of additional systems simply because nobody knows it’s there in the first place. Given that Microsoft is often at the front line of where those attacks are launched, anything that Microsoft does to mitigate those threats is both welcome and admittedly long overdue.

    Mike Vizard
    Mike Vizard
    Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.

    Latest Articles