Hackers don’t break in – they log in

We talked about this very often so far: Passwords are by far the weakest link when it comes to security today. 81% of successful attacks involve lost, breached or re-used passwords. There is another fairly current article mentioning that, even when it comes to industrial espionage in the times of COVID-19: State-linked hacking continues amid…

Secure Working from Home – Some Ideas and Guidance

There is plenty of information out there how to secure a “Home Office” environment in these days and I do not want this to be another one. However, I tried to compile a few resources, which might help you overcome some of the current challenges: VPN Shortage Quite some customers initially decided to route their…

Still relying on the network? It is the user!

It is not the first time I am talking about Zero Trust here. And often it is absolutely clear to the customers that the next perimeter is the identity and not necessarily the network to the same extent anymore. Read this article: More Than 99% of Cyberattacks Need Victims’ Help – the network protection will…

How to leverage “Secure Access Workstations” for the Cloud

This is a questions I get fairly often. But before I try to answer, let’s take a step back: We know that attackers typically try to compromise user accounts and then move laterally until they find higher-value credentials. The holy grail in this movement is typically and administrator who uses his admin account to surf…

Decentralized identity and the path to digital privacy

This week the European Identity and Cloud Conference took place, where Joy Chik, Corporate Vice President, Microsoft Identity was talking. She was actually announcing some very interesting efforts around identity and privacy, mainly the work we do around decentralized identity. If you read her blog post here, you will find a few very remarkable statement like…

Make No Mistake — Microsoft Is A Security Company Now

That’s not a bad start of the day, reading such a headline from a Forrester analyst. I am often asked, how far we are going to drive security within Microsoft. Well, I guess here you have an answer from an outsider: Make No Mistake — Microsoft Is A Security Company Now. Even though the author…

An important step toward peace and security in the digital world

I think we are all in agreement that the internet as it is today is a great achievement but there needs to be a certain level of agreement between the different players what should be done and what not. On November 12th, Microsoft and other technology providers like Google, Facebook, Intel, Ericsson, Samsung, Accenture, Fujitsu,…