How to leverage “Secure Access Workstations” for the Cloud

This is a questions I get fairly often. But before I try to answer, let’s take a step back: We know that attackers typically try to compromise user accounts and then move laterally until they find higher-value credentials. The holy grail in this movement is typically and administrator who uses his admin account to surf…

Decentralized identity and the path to digital privacy

This week the European Identity and Cloud Conference took place, where Joy Chik, Corporate Vice President, Microsoft Identity was talking. She was actually announcing some very interesting efforts around identity and privacy, mainly the work we do around decentralized identity. If you read her blog post here, you will find a few very remarkable statement like…

Make No Mistake — Microsoft Is A Security Company Now

That’s not a bad start of the day, reading such a headline from a Forrester analyst. I am often asked, how far we are going to drive security within Microsoft. Well, I guess here you have an answer from an outsider: Make No Mistake — Microsoft Is A Security Company Now. Even though the author…

Adaptive Network Hardening in Azure Security Center

When you see security incidents “in the Cloud” they often link back to misconfigurations on the networking side: Public interfaces being open, public ports being misconfigured etc. Our customers often find it hard to really understand and control the Network Security Group’s settings. Therefore, we now released Adaptive Network Hardening in public preview. To quote:…

Introducing new advanced security and compliance offerings for Microsoft 365

We are introducing two new Microsoft 365 security and compliance offerings: Identity & Threat Protection—This new package brings together security value across Office 365, Windows 10, and EMS in a single offering. It includes best of breed for advanced threat protection services including Microsoft Threat Protection (Azure Advanced Threat Protection (ATP), Windows Defender ATP, and…