cyber security

Microsoft updates security applications for multicloud environments

Microsoft updates security applications for multicloud environments

Microsoft extends Microsoft Defender for Cloud to support Google Cloud environments, delivers a number of security updates for Azure Active Directory and Azure services, and provides CloudKnox permission management as part of public preview


Microsoft updates security applications for multicloud environments
Commonwealth of Independent States
 

In an effort to modernize its security applications for organizations increasingly responsible for securing multi-cloud environments, Microsoft is launching new visibility and control capabilities for software, workloads, devices, and digital identities that access or operate on a hybrid computing infrastructure.

Updates announced in late February 2022 include expanding Microsoft Defender for Cloud to Google Cloud Platform (GCP) support; New version of rights management platform taken over from CloudKnox in July 2021; Improved data analysis and archiving for Microsoft Sentinel SIEM (System Information and Event Management); Plus new identity management, compliance, and payment capabilities for Azure and Azure Active Directory (AAD).

Check also:

Microsoft said all of these features will be available to customers through a centralized management view. “Organizations around the world are facing complex ransomware and nation-state attacks, even as they continue to evolve toward more stringent compliance requirements,” Vasu Jakkal, Vice President of Security, Compliance, and Identity at Microsoft, wrote in a blog post. “These new features and offerings are designed to secure the foundations of hybrid business and digital transformation.”

92 percent of companies surveyed in a recent Flexer cloud report said they have a multicloud strategy, but only 42 percent of respondents said they use multicloud management tools.

“For organizations to take full advantage of multiple cloud strategies, it is imperative that their security solutions reduce complexity,” Jakkal assesses.

Microsoft Defender for the Cloud with GCP Extension

Microsoft’s threat management and security management tool, Defender for Cloud, has been expanded to run on the Google Cloud Platform (GCP) to allow CSOs to configure GCP environments according to key security standards such as the Center for Internet Security (CIS) standards, and protect workloads running on GCP By identifying weaknesses.

With support for GCP, Microsoft claims to be the first cloud provider with multi-cloud native protection for three leading cloud platforms – Microsoft Azure, Amazon Web Services (AWS), and GCP.

“Microsoft continues to focus on delivering robust cybersecurity solutions at a time when the global cyberthreat landscape has never been greater,” said Gary McCallum, senior analyst at research and consulting firm TAG Cyber. “Extending MS Defender to Google Cloud provides more options for a different segment of the cloud market and removes the excuse that GCP is not supported.”

CloudKnox is designed to support zero-trust security

Microsoft also provides CloudKnox permission management in a public preview version. The CIEM (Cloud Infrastructure Entitlement Management) suite of software is designed to help customers manage identities and entitlements in multicloud environments and help them achieve distrust. Zero Trust is based on the assumption that everything inside or outside the organization’s boundaries should be trusted automatically, and anything trying to connect to the company’s systems must be checked before access is granted.

CloudKnox is designed to provide visibility into identities, users, and workloads running on cloud platforms, as well as detect and fix suspicious activity. It constantly monitors access to less privileged accounts using machine learning algorithms.

Sentinel adds great potential for data analysis

Microsoft announced new Sentinel features for customers using SIEM in cloud environments, including logging capabilities that allow the application to search large amounts of data to identify high-impact, low-visibility events.

Search capabilities are designed to allow security analysts to search large amounts of security data from logs, analytics, and history for threats. Adding to this functionality is the possibility of data archiving, which allows data to be stored for a longer period than now, ie from two to seven years.

Simplify your identity, compliance and payment controls

As part of a series of security announcements, Microsoft has released identity, compliance, and payment updates across several applications:

  • The core capabilities of Azure Active Directory that focus on protecting user identities have been expanded to support workload identities. Identity protection for workloads, along with the conditional access that the company announced last year, is expected to enable effective management of workload identities in cloud-native applications.
  • Microsoft Endpoint Manager contains three new features that allow you to configure custom device compliance policies and monitor non-compliance on macOS devices; Apply conditional boot requirements via Active Ditrectory on devices running Android 11; And turn on biometric authentication to verify identity on Android 11 devices.

Microsoft has also launched a new payment protection service – Azure Payment HSM (Hardware Security Module), currently in public preview, which aims to help secure payments processed in the cloud. HSM is an Infrastructure as a Service (IaaS) service that allows customers to connect a device directly to a virtual network to better protect customers’ cryptographic keys and PINs.

“The improvements to Active Directory, access management, data analytics, policy compliance, and secure payment processing are an impressive set of important features,” says McAlum. “These presentations demonstrate Microsoft’s significant commitment to building comprehensive cloud-based defense systems that enable business innovation and digital transformation.”

Source: CSO

.

Related Articles

Back to top button