The Microsoft Incident Response team takes swift action to help contain a ransomware attack and regain positive administrative control of the customer environment.
As companies embrace the cloud and mobile computing to connect with their customers and optimize their operations, they take on new risks. Traditional IT boundaries have disappeared, and adversaries have many new attack vectors.
Even with a bevy of security tools already deployed, IT teams are having to process a lot of data and signal that makes it hard to find and prioritize relevant threats. Solutions often compromise end-user productivity for the sake of security, leading to end-user dissatisfaction and, too often, rejection or misuse of the solution. And, without the ability to detect suspicious behavior, early signs of an attack can go unnoticed.
To confront these challenges, Microsoft is building a platform that looks holistically across all the critical endpoints of today’s cloud and mobile world. We are acting on the intelligence that comes from our security-related signals and insights. And we are fostering a vibrant ecosystem of partners who help us raise the bar across the industry.
Our platform investments span four categories: identity, apps and data, devices, and infrastructure. Here is what you can expect from our security platform and solutions in each of these critical areas:
Identity— Help protect against identity compromise and identify potential breaches before they cause damage
- Mitigate identity compromise with multi-factor authentication
- Go beyond passwords and move to more secure forms of authentication
- Identify signs of breach early with behavioral analytics that help detect suspicious activity
- Respond quickly by automatically elevating access requirements based on risks
Apps and Data—Boost productivity with cloud access while keeping information protected
- Enable employees to use cloud apps without losing control of corporate data
- Classify, contain, and encrypt data based on IT policy—even on user-owned devices
- Get notification of attempts for unauthorized data access, manage access to documents, remotely wipe data when necessary
Devices—Enhance device security while enabling mobile work and BYOD
- Encrypt data, manage devices, and ensure compliance
- Automatically identify suspicious or compromised endpoints and respond to targeted attacks
- Rapidly block, quarantine, or wipe compromised devices
Infrastructure—Take a new approach to security across your hybrid environment
- Gain greater visibility and control across on-premises and cloud environments
- Enforce security policies on cloud resources and detect any deviations from baselines
- Identify signs of compromise early through behavioral analysis and respond more quickly
- Separate security event noise from signals with advanced analysis and machine learning