Microsoft doubles down on zero trust security policies

New features across Azure, Microsoft 365 and Defender aim to protect customers against external breaches and insider threats

The Microsoft logo and a padlock placed on a black keyboard

Microsoft has launched new functionality across its Azure Active Directory (AD) authentication portal and Microsoft 365 to advance its zero trust security strategy and protect its customers against insider threats. 

‘Zero trust’ is a security strategy based on the need for businesses to adapt to increasingly sophisticated threats, and is based on the assumption that nothing within the corporate network can be trusted. 

Microsoft is among a handful of tech companies to adopt these policies in a meaningful way over the past few years, with features revealed at its Ignite 2021 conference in Azure AD and Microsoft 365 bolstering the firm’s zero trust capabilities. 

Passwordless authentication is now generally available in AD across all cloud and hybrid environments, with users able to use biometrics, Windows Hello for Business, the Microsoft Authenticator app or FIDO2 security key to log-in.

The policy engine Azure AD Conditional Access now uses authentication context to enforce more granular policies based on user interactions within an app, also taking into account the sensitivity of data they’re trying to access. 

Verifiable credentials, which lets organisations confirm pieces of information on their employees such as education or professional certificates, is also entering public preview within the next few weeks. This verifies claims made without collecting any personal data. The government of Flanders and the NHS are already piloting this service.

“As defenders ourselves, we are passionate proponents of a Zero Trust mindset, encompassing all types of threats - both outside in and inside out,” said Microsoft’s corporate VP for security, compliance and identity, Vasu Jakkal.

“We believe the right approach is to address security, compliance, identity, and device management as an interdependent whole, and to extend protection to all data, devices, identities, platforms, and clouds – whether those things are from Microsoft, or not.”

Changes in Microsoft 365 are largely based on trying to eliminate the insider threat, both malicious and unwitting, with the firm investing in creating inside-out protection by extending its capabilities to third parties.

Improvements in compliance include co-authoring documents protected with Microsoft Information Protection, which allows multiple users to work simultaneously on documents while benefitting from the extensive protection for documents and emails across Microsoft 365 apps.

Related Resource

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

cost of a data breach report 2020 - whitepaper from IBMDownload now

Microsoft 365’s Insider Risk Management Analytics will allow customers to identify potential insider risk activity within an organisation, which will then inform policy configurations. Tools include daily scans of tenant audit logs, including historical activities, with machine learning used to identify any risky activity.

Azure Pureview, Microsoft’s unified government platform for on-premises, multi-cloud and software as a service (Saas) data, can also be used to scan and classify data residing in AWS S3 buckets, SAP EEC, SAP S4/HANA and Oracle Database.

“Adopting a Zero Trust strategy is a journey,” Jakkal continued. “Every single step you take will make you more secure. In today’s world, with disappearing corporate network perimeters, identity is your first line of defence. 

“While your Zero Trust journey will be unique, if you are wondering where to start, our recommendation is to start with a strong cloud identity foundation. The most fundamental steps like strong authentication, protecting user credentials, and protecting devices are the most essential.”

Microsoft is also launching what it calls an “assume breach” toolset, which comprises tools and features that can help customers adopt the assume breach mentality without being hampered by the complexity that it can often entail. This is a critical component of the overall zero trust umbrella. 

Among the improvements, Microsoft Defender for Endpoint and Defender for Office 365 customers can now probe threats directly from the Microsoft 365 Defender portal, which provides alerts and in-depth investigation pages. A Threat Analytics section also provides a set of reports from Microsoft security researchers that help customers understand, prevent and mitigate active threats.

Featured Resources

How to choose an AI vendor

Five key things to look for in an AI vendor

Download now

The UK 2020 Databerg report

Cloud adoption trends in the UK and recommendations for cloud migration

Download now

2021 state of email security report: Ransomware on the rise

Securing the enterprise in the COVID world

Download now

The impact of AWS in the UK

How AWS is powering Britain's fastest-growing companies

Download now

Recommended

ProtectedBy.AI’s CodeLock blocks malware at source code level
software as a service (SaaS)

ProtectedBy.AI’s CodeLock blocks malware at source code level

9 Jun 2021
CISOs aren’t leading by example when it comes to cyber security
cyber security

CISOs aren’t leading by example when it comes to cyber security

24 May 2021
New report highlights the need for diversity in cyber security recruitment
cyber security

New report highlights the need for diversity in cyber security recruitment

28 Apr 2021
How to get help in Windows 10
operating systems

How to get help in Windows 10

18 Jun 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

16 Jun 2021
Q&A: Enabling transformation
Sponsored

Q&A: Enabling transformation

10 Jun 2021
Ten-year-old iOS 4 recreated as an iPhone app
iOS

Ten-year-old iOS 4 recreated as an iPhone app

10 Jun 2021