Microsoft Cloud Security Approach
The modern workplace is a relatively big concept, and everyone is talking about it! The modern workplace empowers employees by creating a secure, productive workplace that embraces diverse work styles and enables people to get things done anywhere and from any device.
Microsoft has a strong set of offerings and solutions for the modern workplace, powered by Microsoft Cloud computing, machine learning, and other cloud technologies. They deliver the latest innovations in collaboration tools to enable a unique experience and productivity.
“Productivity is the engine of human progress—it is what propels our society forward. The promise of technology is to help us get more done, with less effort.” Satya Nadella, CEO, Microsoft.
As a consultant, I led many organizations to the cloud and helped them adopt the Microsoft Cloud approach when possible, sometimes exceptionally well. During this transformation, companies have chosen to go to Office 365 to elevate their productivity inside the company, empowering people to work from anywhere and allowing employees to use personal devices.
What is missing is how IT can keep up with all these continuously changing and complex requirements, while maintaining control and security measures.
When planning and designing the modern workplace implementation, it’s very important to have a vision and a roadmap for how to think about, deploy and consume cloud services and how to manage mobility and security. Having a clear cloud security approach from the beginning is key, and it should be communicated internally to IT, security and other key people inside your company.
While Microsoft can provide a productivity solution as a SaaS offering, you need to think about how to deliver productivity across devices while maintaining security measures. Microsoft has a strong offering with Windows 10 Security, Azure Security, Office 365 security, Enterprise Security and Mobility and other cloud solutions that can provide a layer of security, even alongside third-party technologies that complete the required solution.
Plan your next steps
It all starts with perspective: look at the big picture, take stock of the current situation, understand what is happening in your environment, embrace change, decide how you want the solution to look, and come up with a roadmap and a clear vision that includes answers for every scenario.
A roadmap usually envisions where you want to be in 2 or 3 years in terms of security, manageability, and mobility, taking into consideration your business direction to move to the cloud and use more SaaS applications.
Make sure your IT security, information security, and C-level teams are in sync when it comes to the big picture and the roadmap. They do not need to know the details, but you should communicate to them your vision of security and mobility in a cloud-first solution.
Note: It’s very important to remember that with today’s innovation it’s very difficult to plan a few years ahead.
So what exactly is the modern workplace, and how does it fit into information security? The workplace is transforming, from changing employee expectations to more diverse and globally distributed teams to an increasingly complex threat landscape.
Today’s IT professionals are at the center of this transformation embedded in the business, leading the conversation, architecting solutions. For IT, that means being a catalyst for this change, evolving how you think about the tools you deliver for your organization. Microsoft 365 integrates the best across Windows 10, Office 365, and EMS into a complete, intelligent, and secure solution to empower employees.
Learn how you can take advantage of the latest tools to simplify management and deliver up-to-date security while enabling a modern workplace for your users.
Microsoft Cloud Design Factors
While designing your roadmap, the suggestion is to settle on a few design factors, so that you have criteria to apply when you choose a technology or a solution. The design factors are based on the following criteria:
- Simplify Infrastructure
- User Design
- Integration and Preference
- SaaS first
There are other points, but these are the main ones and they can help. For example, if you want to implement a mobile security solution and you have two proposed technologies, one that must be implemented on-premises and one that is offered completely as SaaS, then by looking at the design factors above, we can see that the Simplify Infrastructure and SaaS first design factors will lead us to decide on the cloud solution.
Another key design factor that will help you during your vision and architecture exercise is the principle of integration over preference. A good example would be to use Microsoft Office 365 ATP to protect your emails from zero-day attacks, instead of purchasing this service from a third party, if your mailboxes are hosted in Office 365. The reason behind this is that you will get a lot of integration and capabilities that otherwise would be hard to get from any third party.
Another example is Microsoft Cloud App Security (CASB/MCAS) and its integration with Office 365 services. Microsoft CAS is deeply integrated with Office 365 services, Azure AD, Azure OMS and Azure Information Protection (AIP). Not only can you detect anomalies and have a full investigation dashboard for all your Office 365 workloads, but you can also trigger an action from within the CAS portal, like disabling an external share link, labeling the document with Azure AIP, or even suspending the user who is performing suspicious activities. Although there may be a good third-party solution, the integration can still be difficult.
Another design factor that I would like to raise is the concept of SaaS first, then PaaS, then IaaS. SaaS gives you the lowest administrative work, so you can focus on managing the services and getting value and quick wins early. Whenever you have two solutions and one of them is SaaS, give that one a higher ranking before deciding which technology to go for, if they are both similar in functionality and expected added value.
Solution Areas (Information Mapping)
Whenever you think of the modern workplace, always think of the main solution points:
For each solution point, you need to create your own roadmap and vision. For example, in the security area, what are the business scenarios and behavioral changes you are looking for, and what technologies might you need in place for that? This will give you a clearer idea of which technologies to onboard and which projects to initiate.
The simple way to think about security and mobility
As the modern workplace grows in complexity, Microsoft continues building and enhancing its security capabilities to help customers stay ahead of modern threats. Microsoft itself is one of the world’s largest enterprises and uses the same security products to protect our organization that we offer our customers.
The modern workplace is exposed to the rapid evolution of cyber threats, from individual threats to sophisticated organizational breaches, to rapid cyberattacks. With the growing complexity of the modern workplace, the attack surface has rapidly expanded, to a point where no single service can adequately protect an organization. To address this, we focused on developing different services that specialize in the main threat vectors and then integrating them together via the Intelligent Security Graph.
The modern workplace is composed of employee identities, enterprise applications and data, devices, and infrastructure. Mitigating advanced threats from each of these potential threat vectors requires an end-to-end, holistic solution that secures an organization’s entire attack surface, enabling:
- Protection – against advanced threats such as 0-days, targeted phishing, ransomware, and others
- Detection – when a breach has occurred, who has been breached, what data has been compromised
- Response – remediate from an attack and return the organization to a no threat state
- Education – end users on how to react or respond to different types of threats
Let’s take a simple example. A company is using Microsoft Office 365 productivity tools, and they are thinking about how to provide security and mobility support for Office 365 data. When they planned an anti-malware solution for their email, they went for Microsoft Advanced Threat Protection, in line with one of the design patterns, since it makes sense to go with the Microsoft solution for better integration.
The company is also planning to adopt a SaaS model for their business applications, and they have a strong need to provide single sign-on capabilities and MFA for a few workloads. They recognized that they need to provide solid identity services using the Azure Active Directory Premium plan.
They started investing in positioning Azure AD as the source of SSO connections for all current and future services. They also made it clear that any MFA requirement should be handled by Azure AD as the unified solution for MFA inside the company. Any application that requires MFA shall integrate with Azure AD first.
For mobility, the company is heavily investing in Microsoft Intune, as it helped them enroll devices, and personal devices using MAM policies. Intune also helped in enrolling Windows 10 devices for remote workers with the Azure domain join functionality.
For data protection and DLP, the company is heavily investing in Azure Information Protection, to prevent leakage and protect documents at the data level. They are looking to provide a defense-in-depth approach for their cloud workloads at the following levels:
- Applications (SaaS) | Shadow IT
A well-known concept in the cloud is identity-driven security, which is implemented in Microsoft Azure using Azure Active Directory features such as Conditional Access, Identity Protection, and Risk-Based Score.
One of the benefits of Microsoft Cloud security protection is seamless integration that enables rapid transfer of information across platforms and services, to help ensure all attack surfaces are quickly secured no matter where a threat originates. Microsoft also provides advanced security features in its cloud security solutions, such as:
- Azure AD Premium
- Cloud App Security
- Azure Information Protection
- Windows 10 E5 with Windows Defender ATP
- Office 365 ATP
- Azure Security Center