Companies are migrating to the cloud at a record pace, not only to ramp up efficiencies but to improve security at one of the most critical times in history. The concern about security today is not just one born from the need to keep up with ransomeware and other advanced threats, but to meet compliance requirements mandated by the EU’s General Data Protection Regulation (GDPR) act and Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA). CSO reports that nearly 70 percent of companies see compliance mandates driving spending, which is why careful consideration is given towards the choice of a cloud productivity solution.
With viable options out there, it can be hard for executives to make the final call on which cloud based software as a service (SaaS) makes the most sense when it comes to security. As a response, Microsoft has been making a case for MS 365 as the business service bundle best positioned to manage the growing number of cyber-security threats. In a timely fashion, Microsoft’s annual conference for developers and IT professionals, known as Microsoft Ignite, recently concluded and featured important product and roadmap updates that pertain to data security and compliance. We’re going to highlight some of the important updates while reviewing key security features of MS 365 in order to help you make a more informed decision.
The recent Verizon Data Breach Investigations Report (DBIR) states that over 80% of data breaches succeed through stolen or weak passwords. The report also shows a near 20 percent increase from the year prior, which is baffling when you consider that it’s preventable by following reasonable precautions. But in the end, human error will persist and Microsoft has made moves to put an end to traditional passwords.
Microsoft will now support login to hundreds of thousands of apps (MS 365 Enterprise services included) that are connected to Azure Active Directory without the need for a password. This will occur via the Microsoft Authenticator (MFA) app, which employs Multi-Factor Authentication to combine phone and fingerprint, face or PIN, a defensive combo which they state will reduce the risk of compromise by 99.9 percent.
Microsoft Secure Score is an enterprise-class dynamic report card for cyber-security. By using it, your business will receive assessments and recommendations that can exponentially reduce the risk of a breach. It will provide your security team with guidance on how to better secure admin and user accounts with Multi-Factor Authentication, will turn off client-side email forwarding rules, and more.
At Ignite 2018, it was announced that Secure Score will cover all of Microsoft 365 products. Now that’s a report card you want to receive!
The tech giant has introduced a new offering known as Microsoft Threat Protection. This allows for more robust threat detection, investigation, and remediation across endpoints, email, documents (Word, etc.), identity, and infrastructure in the MS 365 admin console.
When your business subscribes to MS 365 productivity solutions, it also gains an intelligent compliance initiative that assists in assessing and managing compliance risks. You will be able to leverage the cloud to identify, classify, protect, and monitor sensitive data residing in multifarious environments. In fact, Microsoft makes it their job to stay on top of compliance regulations on behalf of their SaaS clients. For example, when GDPR loomed earlier in the year, they announced that they would provide MS 365 subscribers with an information protection strategy to assist with the transition.
Additional updates have been provided, including Compliance Score availability for Office 365 and open availability for Compliance Manager.
Source: Microsoft 365
Among Microsoft’s Enterprise solutions, your day to day Office 365 (part of the MS 365 bundle of services) information should be protected. Developed under their renowned Security Development Lifecycle (SDL) subscribers will enjoy the following:
Encryption at rest that protects your data on servers.
Encryption in transit with SSL/TLS that protects your data when transmitted.
Threat management, security monitoring, and file/data integrity that prevents and/or detects any tampering of data.
Real time protection against advanced attacks that is applied to your mailboxes, files, online storage.
Holistic security in Microsoft Teams, Word, Excel, PowerPoint, Visio, SharePoint Online, and OneDrive.
Exchange Online Protection to provide advanced security and reliability against spam and malware. This will help protect your data while providing access to your email during and after attacks.
Microsoft has infused artificial intelligence (AI) into their SaaS’ for more than productivity improvements (personalized search, etc.). AI has become instrumental in security too. For instance, Office 365 has applied AI in their release of an Attack Simulator. In addition, Microsoft announced a new API for connecting to the company's Intelligent Security Graph (ISG). ISG is fed data on billions of webpages and threats caught by Windows Defender ATP, in addition to billions of emails that Microsoft scans for malware and spam alike. The company has also introduced Microsoft Security Risk Detection to help your developers find security flaws using artificial intelligence to track down bugs and vulnerabilities in software. For instance, AI will ask a series of “what if” questions in an attempt to root out anything that might trigger a crash and signal the potential for a security breach.
Widespread adoption of MS 365 affords you better access to Managed Services Providers that can assist in a support capacity. By bringing in IT support, adoption, execution, and management of your data and workload on the cloud will be more seamless than if you attempt to go at it alone.
Of course, not any MSP will do. You need a Microsoft Certified Partner with an in-house team for 365 support. When you order MS 365 products through SIRKit, you gain more than a Microsoft Certified Partner.
You also get access to your very own support team which includes professional L1, L2, and L3 technicians that will help you better capitalize on opportunities and resolve issues that go beyond MS 365, including those found with all of your Microsoft business solutions. Contact SIRKit today to learn more.