10 Microsoft Security Updates Rolled Out At RSA 2017
New Security Features From Microsoft
Microsoft is continuing to make big investments in security – with a pledge to spend more than $1 billion a year on security. Those investments have spread across the company's Windows, Azure, Office 365, SQL platform, managed services and more. In a blog post around the 2017 RSA Conference in San Francisco, Microsoft Chief Information Security Officer Bret Arsenault laid out where the company has made enhancements to its portfolio. The updates all fit under CEO Satya Nadella's strategy to build an "operational security posture," bringing together organizations, governments and Microsoft's own solutions to solve what he called the "most pressing issue of our time." Take a look at ten of the updates Microsoft has announced at the RSA Conference.
Windows 10 Updates
Arsenault said Microsoft is bringing more "commercial-grade security" to Windows 10. Microsoft has added Active Directory only restrictions for Windows Hello Support, Dynamic Lock to automatically lock a device based on user proximity, and enterprise control over ownership, lockout, new Windows Analytics capabilities for compliance and security health, and enhancements to Windows Defender Advanced Threat Protection (WDATP). The enhancements to Windows Defender Advanced Threat Protection, in particular, add updates for better protection against zero-days, ransomware and other advanced attackers, including customized detection rules and the integration of Office ATP and WDATP.
Surface Updates
Microsoft also rolled out multiple new updates to increase security for Surface devices, according to a second blog post by Director of Program Management, Windows Enterprise and Security Rob Lefferts. In particular, the company launched the Surface Enterprise Management Mode (SEMM) that allows an organization to deploy and custom configure their Surface devices. SEMM includes capabilities for taking ownership, modifying, controlling hardware configuration, security and OS behaviors. Microsoft also announced that Windows 10 and some Surface devices had been added to the NSA's Commercial Solutions for Classified Programs list.
"At Microsoft, we are tirelessly focused on creating innovation that helps our customers protect, detect and respond to the constantly evolving and ever-changing cyber threat landscape. Our goal is to create a holistic, agile security platform, powered by the cloud, that better secures our customers – and Microsoft’s – infrastructure around the world," Lefferts said in the blog post.
Microsoft SQL Platform
Microsoft announced Azure SQL Database Threat Detection, a solution to help increase database security using machine learning to monitor applications, detect suspicious activity and alert administrators through the Azure Security Center. The solution is designed to protect and detect against vulnerabilities, SQL injection attacks, and unauthorized data access, the company said. The solution will be available in April. The launch builds on the Always Encrypted data security feature launched in July 2016 and Azure Active Directory Authentication in August 2016, the company said.
Enterprise Threat Detection
Microsoft also made Enterprise Threat Detection, a managed security service for protection, detection and response to the latest APT and other attacks, generally available. The managed security service brings together threat intelligence, machine learning, and cybersecurity analysts to protect, detect and respond to attacks. The service includes corporate error reporting, Cyber Threat Intelligence, Advanced Threat Analytics, and Windows Defender Advanced Threat Protection.
Azure Security Center And Operations Management Suite
Microsoft also announced enhancements to its cloud security portfolio, including updates to the Azure Security Center and Operations Management Suite. On the protection front, Microsoft added application whitelisting and just-in-time network access to VMs. For detection, the company added machine learning capabilities to pinpoint brute force attacks and outbound DDoS and botnet activity, as well as new behavioral analytics for servers and VMs and Azure SQL Database Threat Detection. Microsoft also announced the addition of two new integration partner solutions: Fortinet NGFW and Cisco ASA, adding to existing integrations with Barracuda and Check Point Software Technologies.
O ffice 365 Secure Score
As Microsoft looks to give customers better visibility into their security posture, the company has rolled out a new security analytics offering called Office 365 Secure Score. The offering allows companies to evaluate their current security configurations around Office 365, and then further assess how changes to configurations will impact their overall security.
Microsoft said some insurance companies are already interested in using the Office 365 Secure Score as part of their underwriting process, citing The Hartford as an example.
Office 365 Advanced Data Governance
Microsoft also updated its Office 365 security offerings with the public preview of Office 365 Advanced Data Governance. The solution leverages machine learning to identify unnecessary data. By eliminating some of that unnecessary data, companies can limit their risk, the company said.
Office 365 Threat Intelligence
Microsoft also announced the private preview of Office 365 Threat Intelligence, which provides global threat landscape insights on the latest cyber threats. Microsoft said the solution would likely be available later this quarter.
SailPoint Partnership
Microsoft announced it had teamed up with identity governance company SailPoint for extending identity governance solutions to the Microsoft Azure Active Directory. The partnership includes adding SailPoint's access certifications, access requests, separation-of-duty policy, role management and audit reporting to Microsoft's identity and access management solutions. The launch comes as identity and access management comes to the forefront in the security industry, as companies increase their focus on securing who has access to data and applications.
’Organizations are struggling with how to best address the ever-changing security landscape while simultaneously opening their perimeter to ensure that employees, contractors and partners around the world have the right access to the right applications and data at the right time,’ Kevin Cunningham, president and founder of SailPoint, said in a statement. ’Organizations can now better provide governance-based access to all of their on-premises and cloud applications and systems with the combination of Microsoft Azure Active Directory and SailPoint’s integrated identity governance capabilities."
Enterprise Mobility And Security Playbook, Cybersecurity Administration Learning Path
Finally, Microsoft announced two new updates to help partners and customers get aligned with the right security strategy. First, the company announced a new Cybersecurity Administration learning path for its Microsoft Software & Systems Academy, which it said would help service members gain the necessary skills to join cybersecurity companies. It also launched a new Enterprise Mobility + Security Playbook, which provides a framework for partners to help customers secure their mobile apps and devices.