Microsoft has announced a slew of cloud-based security features in response to CEO Satya Nadella’s call last year for a new approach to how the firm protects, detects and responds to threats.
CISO Bret Arsenault announced the updates, claiming that as cyber threats get more advanced, Microsoft needs to improve its ability to get real-time insight and predictive intelligence.
“We must be able to correlate our security data with our threat intelligence data to know good from bad. And we must leverage the industry and our partners to ensure a broad, comprehensive approach,” he explained.
“These three things align with the approach Microsoft brings to security for our customers – a holistic, agile security platform, informed by insights from our intelligent security graph and integration with partners and the industry.”
To that end, Microsoft will be making available Cloud App Security in April. This new feature comes from its acquisition of Adallom and is designed to bring “on premise-like” visibility and control to SaaS applications.
Enhancements to Office 365 bring additional visibility and control and include security alerts for admins; cloud app discovery to let admins see what cloud services are being used in the organization; and the ability to approve or revoke permissions for third party services.
Microsoft will also be rolling out its Customer Lockbox feature for SharePoint Online and OneDrive for Business in Q2. This is all about providing greater transparency and control for users when Microsoft engineers need to access their Office 365 environments.
Next come a slew of Azure enhancements including the ability to tailor policy based on the security needs of specific workloads, and a Power BI dashboard to reveal trends and attack patterns.
Available for public preview next week is Azure Active Directory Identity Protection, which is designed to detect suspicious activity and identify potentially compromised users.
Microsoft has also wrapped in new advanced threat detection for Azure customers based on data collected from crash dumps, alongside network and behavioral analytics.
Also, there will be new capabilities added to the Operations Management Suite to allow IT to visualize and drill down into attack patterns.