Learn about 4 approaches to comprehensive security that help leaders be fearless
The last 18 months have put unprecedented pressure on organizations to speed up their digital transformation as remote and hybrid work continue to become the new normal. Yet even with all the change and uncertainty, having the right security support system in place means your organization can still move forward confidently to turn your vision into reality. I’ve seen our customers demonstrate this fearlessness every day, and I love learning from them as we stand together against ongoing threats.
According to the Microsoft Zero Trust Adoption report,[1] security is the top concern for organizations moving to hybrid work, and it’s the number one reason that security professionals are adopting a Zero Trust approach. According to the report, only 31 percent of organizations that reported being ahead with their Zero Trust implementation were impacted by NOBELIUM, the perpetrators of the SolarWinds attack.[2] Compare that to the 75 percent of organizations that reported lagging behind in their Zero Trust implementation and were negatively affected by this devastating cyberattack.
Figure 1: Negative impacts of cyberattacks in relation to Zero Trust implementation.
Knowing that your organization is protected from such threats, both external and internal, helps build the confidence you need to succeed. Zero Trust is a strategy that will help you get there. At Microsoft Security, we’re embracing the new reality of hybrid work by providing comprehensive security with best-in-breed coverage—driven by AI and simplified for easy management—so you can be fearless in the pursuit of your vision. In this blog, I’ll share some of our customers’ stories and how they’ve empowered their teams to move forward with confidence during this time of unprecedented change.
1. Comprehensive means coverage of your entire environment
Microsoft unifies security, compliance, identity, and management to help you improve productivity and protect your entire digital estate. By providing an end-to-end solution, we’re able to integrate layers of protection across multiple clouds, platforms, endpoints, and devices—Windows, macOS, Linux, iOS, Android, Amazon Web Services (AWS), Workday, Salesforce, and more. This comprehensive approach reduces the risk of data breaches as well as compliance and privacy missteps. Once the user sets the policies, Microsoft solutions provide data governance that can help enact better security.
Figure 2: Microsoft Zero Trust architecture.
More than providing products and services, we collaborate with our customers to understand their environments and build solutions that fit their needs. One such collaboration was with Siemens, which moved from traditional on-premises security to a scalable, flexible solution to fit the company’s complex environment. Siemens has built its reputation for innovation across diverse industries—energy, healthcare, industrial automation, building control systems, and more—and research and development continues to play a vital role in the company’s success. For that reason, protecting the company’s staff and intellectual property is always top of mind. And with offices in 200 countries, managing cybersecurity amid a global landscape of shifting compliance and security regulations is an ongoing challenge.
“There aren’t many vendors on the planet that can create a solution capable of providing consolidated insights into large, complex environments like ours. That’s why we chose Microsoft.”—Thomas Mueller-Lynch, Service Owner Lead, Digital Identity, Siemens.
“The sheer size of Siemens challenges us as to how we provide the best possible security,” explained Peter Stoll, Cybersecurity Officer and Program Lead for Zero Trust at Siemens IT Worldwide. “We like to make sure we get the benefits of emerging technologies.”
When Siemens decided to make the move from on-premises security to a Zero Trust approach, it turned to Microsoft Security. Their IT team implemented a range of security solutions through their Microsoft 365 subscriptions, including Microsoft Azure Active Directory (Azure AD) with Conditional Access as a policy engine, Microsoft Information Protection, Microsoft Defender for Endpoint, Microsoft Defender for Identity, and other solutions—creating a blueprint for ongoing security enhancements. “We chose the best of suite approach with the Microsoft 365 E5 solution,” explained Mueller-Lynch. “Now we have an overview of our environment that helps us react in real-time and defend against attacks proactively.”
2. Comprehensive isn’t just coverage—it’s best-in-breed protection
Today’s organizations require not only security coverage across their threat landscape but also the confidence that comes with knowing that their provider has a proven track record. Microsoft is a leader in five Gartner Magic Quadrants and eight Forrester Wave categories, and we ranked the highest in the MITRE Engenuity® ATT&CK Evaluations. Microsoft was also named a Leader in IDC MarketScape for Modern Endpoint Security. With best-in-breed protection across the Zero Trust security fundamentals shown in Figure 2, Microsoft provides a security safety net that’s not only comprehensive and fully integrated, but durable for the future. Microsoft’s comprehensive solution has innovation at its heart.
Duck Creek Technologies serves the global property and casualty insurance industry by providing cloud-based, software as a service (SaaS) solutions that help insurance carriers operate faster and smarter. When the company’s existing security information and event manager (SIEM) neared the limits of its processing capabilities, Duck Creek needed to upgrade without losing critical data or reducing its ability to detect threats. “Security is a very big part of how we’ve created the relationships we have with our illustrious list of customers,” says John Germain, Vice President and Chief Information Security Officer, Duck Creek Technologies. “I wanted to be sure that the solution we shifted to was best-in-class. Because Microsoft steadily improves its products and solutions to stay ahead of competing offerings, I know we’re in good hands.”
Duck Creek made a quick and painless migration to both Microsoft Defender for Cloud and Microsoft Sentinel. The company also uses Microsoft Endpoint Manager to manage its mobile-device security policies. Combining this functionality, Duck Creek has created single-pane-of-glass visibility for its remote workforce. “We now have incredible visibility across our entire technology stack, all in one place,” says Germain.
3. Integration and AI power Zero Trust security
As with Siemens, shifting from on-premises security to a multi-layered Zero Trust approach required the investment platform company eToro to reassess its infrastructure. eToro is a social investing platform with more than 17 million registered users across more than 100 countries, so its IT team has a lot to cover. “When we were operating our traditional third-party antivirus in parallel with our Microsoft solutions, we noticed that Microsoft Defender for Endpoint was acting as our first barrier against attackers. And in 99 percent of incidents, it was the first to detect and act on threats,” says Shay Zakai, Director of Corporate IT, eToro.
That level of protection gave eToro the confidence to remove its third-party antivirus software and rely on Microsoft’s comprehensive, integrated layers for Zero Trust security. That native integration enables Microsoft’s intelligent tools to cut alert volume by 90 percent while automatically remediating up to 97 percent of endpoint attacks. Today, eToro makes ample use of multiple components within Microsoft Defender for Endpoint—threat and vulnerability management, attack surface reduction, endpoint detection and response (EDR), and automatic investigation and remediation—to protect their global operations.
“Microsoft Cloud App Security [Microsoft Defender for Cloud Apps] gives us the ability to analyze and classify information from Google Workspace and our other third-party apps in conjunction with Microsoft’s compliance tools,” Zakai explains. “That level of information gives us the power to restrict activities and enforce regulations as we see fit.”
eToro also integrates Microsoft Intune, a component of Microsoft Endpoint Manager, for their mobile device and mobile application management. By adopting Microsoft’s integrated, AI-driven security, eToro not only automated threat detection and remediation but also increased mobility for employees while reducing their operating costs. “Because of our adoption of Intune and Microsoft Defender for Endpoint, we had virtually no security concerns as we adapted to COVID-19,” says Zakai. “We were more than 90 percent ready to move to a work-from-home model on day one of the crisis.”
4. Simplicity is stronger
Most security professionals agree that security silos bring risks.[3] Microsoft enables organizations to simplify and strengthen their security by consolidating up to 50 disparate products—integrating with other tools to streamline investigation and remediation. When MVP Healthcare decided to divest from the numerous redundant security licenses they’d been relying on, it turned to Microsoft Security for a simpler, more easily managed security posture. The company was using roughly 300 different vendor solutions, many of them designed for specialized functions, and Chief Information Officer (CIO) Michael Della Villa wanted to simplify.
After replacing their legacy security solutions with Microsoft Sentinel, Microsoft Defender for Cloud, Azure Firewall, and other Microsoft security solutions, MVP Healthcare’s IT team was freed up to concentrate on crucial tasks that require human attention. “Microsoft offers the cohesive solution we need,” Della Villa says. “We spent so much time trying to maintain the prior system that we weren’t actually using it. Now we easily get very detailed information from Microsoft Sentinel because it’s so well connected across all of our Microsoft solutions. The focus and clarity we’ve gained is a crucial benefit.”
MVP Healthcare also uses Microsoft Defender for Cloud to protect hybrid workloads. “Alerts from Microsoft Defender for Cloud, Microsoft Defender for Cloud Apps, and other solutions are chained together in an actionable way,” adds MVP Healthcare cybersecurity consultant James Greene. “The entire security suite is seamlessly connected. We appreciate that because we can build a comprehensive policy for dealing with security issues in one place.”
As a global leader in technology manufacturing for IoT systems, machine automation, and embedded computing, Advantech found itself the target of a widely publicized ransomware attack in November 2020. The attack was limited to corporate network servers and was quickly mitigated, but it served as a wakeup call. Future threats could affect factory production, delay customer deliveries, lead to theft of sensitive intellectual property, and even result in safety risks.
“We did many proof of concepts (POCs) with many different vendors, but no one met our needs,” says Kevin Lin, IT Manager at Advantech. “We wanted a comprehensive solution to create better efficiency and visibility. We needed security without affecting efficiency on the client side, or requiring specialist installation and configuration by administrators. We decided on Microsoft.”
According to Kevin, Microsoft Security offers a distinct advantage in its holistic approach to services and security. “Other solutions were a little siloed, specialized, and required individual testing—both for the product and support,” he says. “Many didn’t adequately address operational technology (OT) requirements for manufacturing plants, and we recognized that Advantech’s environment called for a comprehensive solution like Microsoft Security, not a collection of solutions.”
Advantech’s security team is now looking to further raise visibility into their IoT and OT risk with agentless, network-layer security provided by Microsoft Defender for IoT—including asset discovery, vulnerability management, and continuous threat monitoring with anomaly detection. “We didn’t have staff dedicated to figuring out our security situation in our manufacturing plants (where IT security isn’t their specialty),” Kevin says. “This attack alerted senior management that they needed to deploy OT security monitoring in our factory networks as well.”
Helping you be fearless
Across the world with organizations of all sizes, from startups to multinational corporations, we see security teams behind the scenes quietly being fearless in achieving their goals. Despite the threats they face daily, these unsung leaders bravely continue the journey of helping their organizations digitally transform. They and you are the reason we want to show up for this important work. By providing not just comprehensive security, but best-in-breed protection with deep intelligence and simplified experiences—Microsoft Security is right there beside you. We want to help you secure everything and be fearless, and turn your vision into reality. To hear from our customers in their own words, visit Customer Stories to learn more. We look forward to our journey together, being fearless, and empowering each other to thrive!
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.
[1] Zero Trust Adoption Report, Microsoft Security, Hypothesis Group 2021. July 2021.
[2] The hunt for NOBELIUM, the most sophisticated nation-state attack in history, John Lambert, Microsoft Security. 10 November 2021.
[3] Why Security Can’t Live In A Silo, Douglas Albert, Forbes Technology Council, Forbes. 5 October 2020.