Microsoft announces new security capabilities for the multicloud world

4 mins read

DigitalCFO Newsroom | 25 February 2022

Native capabilities of Microsoft Defender for Cloud now extended to the Google Cloud Platform (GCP), in addition to Microsoft Azure and Amazon Web Services (AWS) 

CloudKnox Permissions Management now in public preview to permission management of any identity  across any cloud  

New capabilities on Microsoft Sentinel for security teams to analyze security data and threat hunt more  efficiently and comprehensively

Microsoft today announced new security solutions to help  customers strengthen visibility and control across multiple cloud providers, workloads, devices and digital  identities – all from a centralized management view. These include the extension of native capabilities of  the Microsoft Defender for Cloud to the Google Cloud Platform (GCP), public preview of CloudKnox  Permissions Management, and new security data analysis capabilities on Microsoft Sentinel. 

As businesses adapt and transform through the adoption of cloud, mobile and edge platforms, this has also  brought about increased security considerations. According to the Flexera 2021 State of the Cloud Report,  92% of respondents are using a multicloud model, meaning they rely on apps and infrastructure from  multiple cloud providers. Another recent survey sponsored by Microsoft shows that 73% of respondents  say it is challenging to manage multicloud environments. For organizations to fully embrace these  mutlicloud strategies, it is crucial that their security solutions reduce complexity and deliver comprehensive  protection. 

Vasu Jakkal, Corporate Vice President, Security, Compliance and Identity at Microsoft, said: “Cyber  risks are inevitable and ever-evolving, but the more we build comprehensive, integrated, and  cloud-powered defenses using automation to prevent, detect and mitigate risk, the more we can empower  organizations of all sizes to be fearless in their digital transformation and continue to innovate. We are  committed to delivering comprehensive solutions that work seamlessly across platforms and extend to  clouds and apps well outside our own offerings so that our customers can secure their entire digital estates  end-to-end.”

Delivering the Future of Multicoud 

As organizations continue to embrace multicloud strategies, it is crucial that their security solutions reduce  complexity and allow them to strengthen overall security postures – all from a single place. To address this,  Microsoft will be extending the native capabilities of Microsoft Defender for Cloud to the GCP. This is  another step in its journey to protect its customers across diverse cloud systems. With GCP support,  Microsoft is now the only cloud provider with native multicloud protection for the industry’s top three  platforms: Microsoft Azure, Amazon Web Services (AWS), which was announced at Ignite in November 2021,  and now GCP. 

This support for GCP comes with out-of-the-box recommendations that allow customers to configure GCP  environments in line with key security standards, such as the Center for Internet Security benchmark, and  protection for critical workloads running on GCP. This will allow organizations to manage their security  centrally and natively across clouds. 

Securing Identity and Strengthening Zero Trust 

Identity is the new battleground for cyberattacks, and security and compliance fundamentals begin with  conclusively managing this key pillar. A multicloud world means that the number of platforms, devices,  users, services and locations multiplies exponentially – and organizations often face the challenge of  securing this.  

Microsoft today announced that it will be offering the public preview of CloudKnox Permissions  Management. This follows Microsoft’s acquisition of CloudKnox Security in 2021, to accelerate its ability to  help customers manage permissions in their multicloud environments and strengthen Zero Trust security  postures. CloudKnox will help provide organizations complete visibility into user and workload identities across clouds, with automated features that consistently enforce least privilege access and use machine  learning-powered continuous monitoring to detect and remediate suspicious activities. 

Reinventing the Economics of Data 

Microsoft also announced new ways for security teams to access and analyze security data with Microsoft  Sentinel, as they defend against ever-evolving cyberthreats. This will reinvent the economics of working  with security information and event management data, and deliver new ways to access and analyze security  data by embracing all data types, wherever they live, to provide the most comprehensive threat hunting  solution. 

Capabilities introduced include basic logs that allows Microsoft Sentinel to sift through high volumes of  data and find high-severity but low-visibility threats. In addition, Microsoft Sentinel will have a new data  archiving capability to extend data retention beyond Microsoft’s current policy of two years, to seven years, to support its customers’ global data compliance needs. Microsoft will also be adding a new search  experience to empower security analysts to hunt for threats effectively, as they now can search massive  volumes of security data quickly and easily from all logs, analytics, and archives. 

Delivering Greater Visibility and Control 

As cyberattacks continue to evolve, organizations need to prepare for attacks to come from both inside and  outside their networks. Microsoft has also announced a slew of comprehensive solutions that organize  security, compliance, identity, endpoint management, and privacy as an interdependent whole, while  extending protection across platforms and clouds:

Secure workload identities with Azure Active Directory (ADD), beyond its core capabilities of  protecting user identities, as customers move more workloads into the cloud and develop more  cloud-native applications.  

Secure payment processing with Azure through the launch of a new service, Azure Payment HSM, in public preview for payment card issuers and network and payment processors to securely process  payments in the cloud. Azure Payment HSM provides the highest levels of protection for cryptographic  keys and customer PINs for secure payment transactions.  

Visit Microsoft Security’s website to learn more about its solutions.