How to leverage “Secure Access Workstations” for the Cloud

This is a questions I get fairly often. But before I try to answer, let’s take a step back: We know that attackers typically try to compromise user accounts and then move laterally until they find higher-value credentials. The holy grail in this movement is typically and administrator who uses his admin account to surf…

Details

Decentralized identity and the path to digital privacy

This week the European Identity and Cloud Conference took place, where Joy Chik, Corporate Vice President, Microsoft Identity was talking. She was actually announcing some very interesting efforts around identity and privacy, mainly the work we do around decentralized identity. If you read her blog post here, you will find a few very remarkable statement like…

Details

Make No Mistake — Microsoft Is A Security Company Now

That’s not a bad start of the day, reading such a headline from a Forrester analyst. I am often asked, how far we are going to drive security within Microsoft. Well, I guess here you have an answer from an outsider: Make No Mistake — Microsoft Is A Security Company Now. Even though the author…

Details

Adaptive Network Hardening in Azure Security Center

When you see security incidents “in the Cloud” they often link back to misconfigurations on the networking side: Public interfaces being open, public ports being misconfigured etc. Our customers often find it hard to really understand and control the Network Security Group’s settings. Therefore, we now released Adaptive Network Hardening in public preview. To quote:…

Details

Achieving Compliant Data Residency and Security with Azure

We recently published an interesting paper to address a concern we hear often – Compliance with regards to data residency and security. The paper covers this: This paper provides guidance about the security, data residency, data flows, and compliance aspects of Azure. It is designed to help you ensure that your data on Microsoft Azure…

Details

Politician’s Reactions on VIP Hack in Germany

I recently complained about the Swiss government and our inability in Switzerland to really drive Cybersecurity forward (Federal Council not deciding again – Switzerland falling behind on Cybersecurity). It was one of the most-read blog posts I wrote during the last few years… In one of the discussions on LinkedIn I talked about one of…

Details

Introducing new advanced security and compliance offerings for Microsoft 365

We are introducing two new Microsoft 365 security and compliance offerings: Identity & Threat Protection—This new package brings together security value across Office 365, Windows 10, and EMS in a single offering. It includes best of breed for advanced threat protection services including Microsoft Threat Protection (Azure Advanced Threat Protection (ATP), Windows Defender ATP, and…

Details