Roger Halbheer on Security
Sometimes it is hard to find the right answer to your question in the vast amount of documentation on our cloud services out there. One of the questions I often get is, which keys are used where, how they are protected and why. This is documented but all over the place (and not always consistently).…
DetailsWe are actively working on getting rid of passwords within Microsoft. In a first phase, we will not see and use our passwords anymore but on a more technical level they might still exist. The basis for this is the leverage of technologies like Windows Hello for Business and the Microsoft Authenticator App. All the…
DetailsOver the course of the last months we got a lot of good questions on Office telemetry and the data we collect to ensure the product runs smooth, secure and delivers on your expectations. Privacy is constantly in our focus and we are always trying to make improvements in that space to increase customer trust.…
DetailsA lot changed in the IT and regulatory world when it comes to the cloud. A few years ago, banks would nto even think about the cloud (maybe for dev and test but for sure not for production workloads. It was simply unthinkable that a bank would move their data in a hyper-scale cloud. And…
DetailsThat’s not a bad start of the day, reading such a headline from a Forrester analyst. I am often asked, how far we are going to drive security within Microsoft. Well, I guess here you have an answer from an outsider: Make No Mistake — Microsoft Is A Security Company Now. Even though the author…
DetailsWhen you see security incidents “in the Cloud” they often link back to misconfigurations on the networking side: Public interfaces being open, public ports being misconfigured etc. Our customers often find it hard to really understand and control the Network Security Group’s settings. Therefore, we now released Adaptive Network Hardening in public preview. To quote:…
DetailsJust before the RSA Conference, we announced the cloud-abased SOC we call Azure Sentinel. With all the noise and excitement which we had around this, another important announcement got kind of lost, even though it is at least as impactful: I am talking of Microsoft Threat Experts. To quote the announcement: Microsoft Threat Experts enables…
DetailsI hope you know the Microsoft Security Intelligence Report as we publish it since a long time.
Now, this time, we have it interactive in different areas. You can drill down to geos etc. and cut the data as you like it. It might help you to get your personal SIR.
There are different areas, where companies often struggle, when it comes to security. Setting up a proper Security Monitoring is definitely one of them. There is a lot of complexity in building a SOC, where you do not only discover anomalies caused but the average attacker but really seeing more of what is going on…
DetailsWe just launched the new Microsoft 365 security center and Microsoft 365 compliance center. This is an exciting first step in the right direct direction.
Read the corresponding clop post: Introducing the new Microsoft 365 security center and Microsoft 365 compliance center
We recently published an interesting paper to address a concern we hear often – Compliance with regards to data residency and security. The paper covers this: This paper provides guidance about the security, data residency, data flows, and compliance aspects of Azure. It is designed to help you ensure that your data on Microsoft Azure…
DetailsI recently complained about the Swiss government and our inability in Switzerland to really drive Cybersecurity forward (Federal Council not deciding again – Switzerland falling behind on Cybersecurity). It was one of the most-read blog posts I wrote during the last few years… In one of the discussions on LinkedIn I talked about one of…
DetailsWe are introducing two new Microsoft 365 security and compliance offerings: Identity & Threat Protection—This new package brings together security value across Office 365, Windows 10, and EMS in a single offering. It includes best of breed for advanced threat protection services including Microsoft Threat Protection (Azure Advanced Threat Protection (ATP), Windows Defender ATP, and…
DetailsTo be clear upfront: I think that our political system is amongst the best across the Globe. It is one of the purest systems to reflect a democratic process in a direct democracy. This is shown in special initiatives like the “Hornkuh Initiative”, where on farmer from the Swiss mountains found enough support for his…
DetailsWe had a very interesting event this week with PwC in our new pop-up store at the Paradeplatz in Zurich. PwC showed from their perspective what it takes to move to the cloud and how the auditor looks at the compliance challenges in the cloud. If is good to see as well how the industry…
DetailsThis is a great partnership with UBS and we are looking forward (I am looking forward) to continue the work with UBS:
A problem still to be solved: As soon as companies enter the B2C market, they need a way to verify the identity of the customer. Depending on the business you are in, this is more or less complex. Therefore, I think the announcement that Mastercard and Microsoft join forces to address this challenge: Mastercard, Microsoft…
DetailsThere is a lot of discussion currently going on in Switzerland about Swiss clouds. Local providers are trying to secure their market share through leveraging “Swissness” and local data storage. While this seems to be interesting in the first moment, it starts to fall apart as soon as cost gets involved or the innovation power…
DetailsThe feature for Live has been there for a while but certain announcements on out side now really caught track. I use my Microsoft Account without passwords since quite a while and it is really cool. The same comes for the business with FIDO 2.0. So you should see the news: CNBC: Microsoft announces it…
DetailsI think we are all in agreement that the internet as it is today is a great achievement but there needs to be a certain level of agreement between the different players what should be done and what not. On November 12th, Microsoft and other technology providers like Google, Facebook, Intel, Ericsson, Samsung, Accenture, Fujitsu,…
Details
