Microsoft announces new security, privacy features at Ignite

Microsoft has consolidated some security tools under the Defender brand and added security and privacy features and products. Here's a look at what's new.

The recent Microsoft Ignite event had a strong security theme that featured a rebranding of its Defender products and tools to help comply with privacy regulations. The pandemic has pushed all organizations to be more flexible and introduce technology that would otherwise have taken years to deploy. We are all pushing our IT teams to do more and protect more. That’s why I look to events like Ignite for solutions and ideas that can benefit my firm.

Keeping up with privacy mandates

When technology is deployed quickly, compliance with privacy mandates is often overlooked. Privacy Management for Microsoft 365 is a recent addition to Microsoft’s solution suite. Global businesses need to be cognizant of the mandates of the countries in which they operate. What is considered private in one country might not be in another.

A new dashboard allows you to quickly assign data classifications so that you can identify email, spreadsheets and other communication that needs better handling. Privacy Management automates and helps the end user make smarter data sharing decisions. No longer can the user quickly share the spreadsheet if there are sensitive items such as credit card or Social Security numbers embedded in the document. The system flags the user to take precautions when sharing documents.

Security support for remote work, multiple device platforms

As noted in the Microsoft work index study, the time spent in Microsoft Teams meetings has more than doubled. The average Teams user is sending 45% more chats per week, and the number of emails delivered to commercial and education customers is up by 40.6 billion. Microsoft has seen a 66% increase in the number of people working on documents.

None of this is happening in the same office at the same time. Rather, many of us are communicating and collaborating remotely. We’re also using platforms other than Windows to do this collaboration. Microsoft acknowledges that we’re no longer just a network of Windows devices to manage and protect. We now are a network of Linux, Apple and internet of things (IoT) devices that need the same level of monitoring and protections as the rest of the network. Microsoft Defender for Endpoint unifies endpoint configuration, management, and security across Windows, iOS, Android, macOS and Linux platforms.

Microsoft’s rebranded security tools

Microsoft Sentinel (formerly Azure Sentinel) rolled out new machine learning algorithms to its Fusion analytics. If you are a small- or medium-sized firm that currently does not have a security information and event management (SIEM) solution, consider Microsoft Sentinel. Microsoft is offering a free trial of 10 gigabytes a day for the first 31 days. Microsoft Sentinel ingests SIEM content that allows you to monitor, alert, hunt, investigate, respond, and connect with different products, platforms, and services.

Microsoft Defender for Cloud Apps (formerly Microsoft Cloud App Security) now adds a new application governance capability. You can now monitor and protect more than 26,000 cloud applications. Defender for Cloud Apps can help identify risky behavior in non-Microsoft cloud applications.

Microsoft Defender for IoT (formerly Azure Defender for IoT) is now integrated into Microsoft 365 Defender so that you can monitor devices on your network. Attackers can use IoT devices to enter your network. At the recent Zero Day Initiative Pwn2Own contest, hackers accessed many IoT devices and proved them vulnerable to attacks.

Enhanced identity protection in Azure Active Directory

Attacks including SolarWinds went after tokens and credentials. Azure Active Directory Identity Protection includes token theft detection and a built-in process to detect and remediate identity-based threats; these capabilities are now in general availability.

Extended security support for Linux and macOS

Attackers target us more through email and Teams applications, knowing that we are doing more remote communication during the pandemic. As businesses use different platforms to access cloud applications, they add Linux and macOS to their threat protection strategies. Microsoft has extended protection to macOS in the form of Microsoft Endpoint Data Loss Prevention and Insider Risk Management. This solution will alert you if users inside your organization accidentally or maliciously try to steal information via printing or offloading to a cloud location or to a flash drive.

The solutions included in the Microsoft Defender products help businesses better protect and defend themselves from attacks. If you do not have such a solution deployed, take the time to review the Ignite presentations and see how you can improve your solution stack.

Copyright © 2021 IDG Communications, Inc.
