Digital security strategy at Microsoft
At Microsoft, our identity-driven security solutions protect users, devices, and data from potential vulnerabilities at every touchpoint, everywhere they work. Artificial intelligence and machine learning help us automate mundane security tasks, and complex product integrations improve our threat detection and remediation efforts.
This content suite shows how Core Services Engineering and Operations approaches security to secure valuable company and customer data.
At Microsoft, risk management anchors our data security efforts. Collaborating across our global team, business and security leaders worked together to establish a security governance model that can address general security, data protection, and privacy risks throughout our enterprise.
Our approach ensures a strong foundation that supports how we identify, mitigate, and respond to the emerging security risks that impact Microsoft.
Speaking of security: Risk managementWATCH WEBINAR
Building cloud apps using the Secure DevOps Kit for AzureREAD ARTICLE
Integrating security into the mobile app development life cycleREAD ARTICLE
10 tips for how Microsoft partners with its employees to build a secure enterpriseREAD BLOG
As our network infrastructure has continued to evolve and transition to the cloud, Microsoft Core Services Engineering and Operations knew it was important to implement security practices that can reliably support our developing ecosystem.
The assurance practices we’ve put in place keep Microsoft’s risk management efforts and overall security strategy covered and protected across our growing infrastructure.
Speaking of security: Cloud migrationWATCH WEBINAR
IT expert roundtable: Enterprise network security at MicrosoftWATCH WEBINAR
Securing the hybrid cloud network with Azure ExpressRouteREAD ARTICLE
Client security: shifting paradigms to prepare for a cloud-only futureREAD ARTICLE
Creating security controls for IoT devices at MicrosoftREAD ARTICLE
Designing a software-defined strategy for securing the Microsoft networkREAD ARTICLE
As part of our move to the cloud, we transitioned our security strategy to an identity controls system. These identity controls surpass the basics of authentication and authorization, eliminating user passwords in favor of stronger, alternative authentication methods and protecting powerful administrator accounts with multifactor authentication. Our new controls also enable identity lifecycle management and allow us to grant just-in-time access across our global, interconnected community.
Here we share how Microsoft uses identity as our most effective security perimeter, protecting both on-premises operations and interactions in the cloud.
Speaking of security: Identity managementWATCH WEBINAR
Improving security by protecting elevated-privilege accounts at MicrosoftREAD ARTICLE
IT expert roundtable: Microsoft 365 securityWATCH WEBINAR
IT expert roundtable: How Microsoft secures elevated access with tools and privileged credentialsWATCH WEBINAR
Using Azure AD Privileged Identity Management for elevated accessREAD ARTICLE
For Microsoft, transitioning to the cloud has meant leaving behind the corporate structure of a centralized firewall system. But unmanaged devices open a point of vulnerability for attackers, presenting high risk to the enterprise. That’s why Core Services Engineering and Operations developed alternative methods to support device health across our cloud-connected environment.
The device health strategy at Microsoft ensures that our devices are configured appropriately, operating systems are up to date, and enterprise requirements are satisfied.
Keeping Windows 10 devices up to date with Microsoft Intune and Windows Update for BusinessREAD ARTICLE
Migrating mobile device management to Intune in the Azure portalREAD ARTICLE
Microsoft processes billions of data points from billions of sources, ranging from internal data streams from data centers in more than 40 countries and regions to external data gleaned across the internet and gained from interactions with customers. In tackling this enormous data landscape, we use telemetry to reduce response times around intelligence delivery and alerts. Meanwhile, incorporating AI simplifies and automates repetitive tasks, which in turn increases capacity and scalability.
Read about how telemetry powers insights that permeate every corner of Microsoft’s business, from environment intelligence to device insights, and crisis management to security compliance.
Speaking of security: Data and telemetryWATCH WEBINAR
Microsoft uses threat intelligence to protect, detect, and respond to threatsREAD ARTICLE
Windows Defender ATP helps analysts investigate and respond to threatsREAD ARTICLE
Security expert roundtable: advanced threat protection at MicrosoftWATCH WEBINAR
In a world without corporate network boundaries, where cloud computing has permanently reshaped the model of business IT, we need to be able to protect our data wherever it is, all the time. Keeping pace with this cloud-connected future has required us to make fundamental changes to Microsoft products, evolving the ways we classify and protect data.
Microsoft honors data as the currency of our business, and we work to seamlessly protect that data for our global enterprise and for all the customers, partners, and suppliers we work with.