sb-as logo
Story image

Microsoft's new security features address common pain points

23 Jul 2020

Microsoft Inspire has kicked off with a number of major announcements across Microsoft’s Azure, Microsoft 365, business applications, security, enablement, and sustainability initiatives.
In this story we focus on the company’s security and compliance announcements.

Microsoft Azure Sentinel

Microsoft Azure Sentinel enables users to collect and analyse data from different sources, including networks, firewalls, endpoint, and vulnerability management to provide security insights.

Connectors now include Alcide kAudit (Kubernetes logs), Vectra AI, Perimeter 81 (Activity logs), Symantec Proxy SG, Symantec VIP, Pulse Connect Secure, Infoblox NIOS, Proofpoint TAP, Qualys VM, VMWare Carbon Black, Okta SSO, RiskIQ (Azure Logic Apps custom connector).

Communication Compliance in Microsoft 365

Microsoft 365 features new Communication Compliance capabilities that take into account remote working environments.

Microsoft is expanding visibility across communication sources with the introduction of image detection and across third-party solutions such as Instant Bloomberg with Slack and Zoom functionality coming soon.

Additionally, Teams integration will also feature improved remediation, including the ability to remove messages from the Teams channel. 

Endpoint Data Loss Prevention

Microsoft Endpoint Data Loss Prevention (DLP), now available in public preview, DLP solutions provide content visibility into data at rest, in use and in motion on-premises and in the cloud. 

Microsoft Endpoint DLP enables customers to manage DLP policies across workloads such as Teams, SharePoint, Exchange, OneDrive, and Microsoft 365, from a single console: the Microsoft 365 compliance centre.

Microsoft 365 Insider Risk Management

This includes new features to identify insider risk and take action within integrated collaboration workflows.

Insider Risk Management now includes better algorithms and signal quality to flag what could be risky behaviour. New advanced signals will now be captured from Windows 10 endpoints, Microsoft Defender Advanced Threat Protection, Microsoft 365 and our native Human Resources connector. 

Insider Risk Management will also include new policy templates and workflows to push alerts to other systems such as ServiceNow and Microsoft Azure Sentinel.

Double Key Encryption for Microsoft 365

Microsoft’s Double Key Encryption for Microsoft 365 now enables users to protect confidential data and control their encryption key. Double Key Encryption for Microsoft 365 protects data by encrypting it with two keys, one key in the organisation’s control and the second key stored securely in Microsoft Azure. 

To view the data, one must have access to both keys. Since Microsoft can access only the key in Azure (with all BYOK assurances), data is unavailable to Microsoft, ensuring enhanced data privacy and security.

Double Key Encryption for Microsoft 365 is available in public preview.

Story image
McAfee brings on new partners in push for zero trust security
"Together with our SIA partners, we are strengthening security for the critical apps that enterprises rely on every day."More
Story image
ThreatQuotient hits $22.5m in new financing, continues growth streak
“Since we first invested in ThreatQuotient in 2017, their team has continued to prove to the market that there is a critical need for cybersecurity solutions aimed at security operations."More
Story image
Infrastructure-as-code, and how it can secure the cloud
Bridgecrew recognised IaC early on as one of the best ways for modern teams to delegate security ownership to individual contributors while distributing it across existing frameworks within CI/CD pipelines. This attribute meant that IaC was invaluable in securing cloud-native environments.More
Story image
Kroll completes Redscan acquisition, expands cyber risk portfolio
With the addition of Redscan and its extended detection and response (XDR) enabled security operations centre (SOC) platform, Kroll expands its Kroll Responder capabilities to support a wider array of cloud and on-premise telemetry sources.More
Story image
Video: 10 Minute IT Jams - Who is Okta?
Okta is an identity and access management company, specialising in secure user authentication. It's an enterprise-grade identity management service, built for the cloud, but compatible with many on-premises applications.More
Story image
Claroty discovers vulnerabilities in Ovarro TBox RTUs
The vulnerabilities could enable attackers to break into the systems and run code, crash systems, and meddle with configuration files, amongst other malicious actions.More