Multicloud strategies have become the new norm for most enterprises, with more than 90 percent of organizations adopting multiple cloud infrastructures, platforms, and services to run their businesses.1 However, a lack of visibility into their digital infrastructure exposes them to significant risks. As a customer, you may run Microsoft Azure, workloads on Amazon Web Services (AWS), Google Cloud Platform (GCP), and even some workloads on-premises. You likely rely on services like Zoom or Salesforce. But fundamentally, you want it all to work securely and work together—regardless of service provider. Today we are excited to share additional innovations as we continue to expand our sphere of protection.
Figure 1. This graphic shows how software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS) work together in a comprehensive security strategy.
Microsoft Security—extending our multicloud reach
At Microsoft, we have long embraced our commitment to protecting our customers’ multicloud environments. The journey began in July 2021, when we acquired CloudKnox Security to help customers manage permissions across clouds and strengthen their Zero Trust strategy.2 That cloud infrastructure entitlement management (CIEM) solution has evolved to become Microsoft Entra Permissions Management, and is part of our comprehensive identity product family: Microsoft Entra. In February 2022, Microsoft Defender for Cloud expanded to include GCP and AWS, becoming the first cloud provider to offer integrated cloud-native application protection (CNAPP) for the three main public clouds—from development to runtime.3 This past March, we introduced Microsoft Defender Cloud Security Posture Management for multicloud environments, including new data-aware security posture management capabilities to help customers identify risks across their data estate, and an improved multicloud security benchmark to better unify security and compliance across services. And finally, earlier this year we announced enhancements to Microsoft Purview to continue building on the promise of securing both structured and unstructured data wherever it lives.
Figure 2. Timeline of Microsoft Security’s journey to multicloud, starting in 2021 with the acquisition of CloudKnox Security, to the launch of Microsoft Entra and the extension of Microsoft Defender for Cloud to GCP and AWS in 2022, continuing with enhancements to Microsoft Purview in 2023, with more capabilities to come.
Securing your data wherever it travels
The amount of data being created and transferred is growing exponentially. This is taking place at a time when employees don’t just gather around the water cooler; they’re communicating across digital channels on personal and corporate devices. Modern workforces are distributed, and the digital fabric of any given organization is made up of multiple threads, adding layers of complexity. Additionally, the shift to multicloud makes the surface area of your data even larger. Without unified visibility across your multicloud data security posture, the shift adds to the complexity of identifying risks such as misconfigured object storage and databases.4 You can hear more about this in the most recent Uncovering Hidden Risks podcast, which discusses the risks of running a multicloud strategy as customers accelerate their digital transformation. Organizations looking to proactively protect and manage multicloud environments often face challenges around data risk, data protection, and data compliance.
Data Risk—Data doesn’t move itself; people move and interact with data, and that’s where the majority of data security risks stem from. In fact, data security incidents are commonly caused by insider actions, accounting for nearly 35 percent of all unauthorized incidents.4 Even the strongest cybersecurity programs can be undermined by insiders who either intentionally or unintentionally compromise an enterprise. To assist you in identifying data risks across various environments, we are pleased to share that you can now bring your own risk detections into Microsoft Purview Insider Risk Management. For example, you can import events from customer relationship management (CRM) systems, such as Salesforce, or developer tools like GitHub. These user activities can then be used as custom indicators in insider risk policies, combined with other built-in indicators, offering organizations a comprehensive view and understanding of potential data security risks posed by an insider. You can learn more about it from our blog “Manage insider risks in multicloud environments.”
Data Protection—The loss of sensitive data remains the top security concern for IT and security professionals. This often leads to the deployment of multiple solutions to manage data loss across different environments, which could lead to both blind spots and data leakage. It is crucial to have integrated solutions that can protect sensitive data across your digital landscape. In addition to supporting Microsoft 365 apps, services, Microsoft Edge, and Windows endpoints, Microsoft Purview Data Loss Prevention (Purview DLP) supports macOS endpoints, as well as virtualized environments such as Citrix, Windows Virtual Desktop, Amazon Workspaces, and Hyper-V platforms, as well as Google Chrome and Firefox browsers. We are continuing to expand our capabilities to allow you to cover all egress risks. Today we are excited to announce that organizations can now leverage Purview DLP to prevent their users from pasting sensitive content in websites on supported browsers. For example, let’s say a user copies customer information from an internal CRM system or SQL database, and pastes it into personal email, social media sites, or generative AI prompts on a supported browser like Microsoft Edge, Google Chrome, or Firefox. Based on the pre-set policy, Purview DLP will audit, warn, or block the action to prevent leaking sensitive information. Learn more in our blog here.
Data Compliance—The compounding impact of a complex regulatory environment and the growing adoption of cloud services makes it increasingly difficult for organizations to identify compliance risks. We are excited to share that you can now run multicloud assessments in Microsoft Purview Compliance Manager. This feature lets you assess your compliance posture across your organization’s multicloud estate, including Azure, AWS, GCP, and services like Zoom and Salesforce. For example, for a regulation such as Payment Card Industry Data Security Standard, you can aggregate and automate your compliance posture across all in-scope services. You can learn more about it in our latest blog.
Be sure to explore our videos on Multicloud Assessments from Microsoft Mechanics, and delve into the latest overview of Microsoft Defender for Cloud by Microsoft Solution Architect, John Savill. This is the first of a series of exciting multicloud innovations, with more in store over the next few months. Stay tuned!
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.
12023 State of the Cloud Report, Flexera. 2023.
2Microsoft acquires CloudKnox Security to offer unified privileged access and cloud entitlement management, Microsoft Security Team. July 21, 2021.
3Microsoft Announces new Security Capabilities for the Multicloud World, Microsoft Stories Asia. February 24, 2022.
4Insider threat peaks to highest level in Q3 2022, Maria Henriquez. November 10, 2022.
The post Expanding horizons—Microsoft Security’s continued commitment to multicloud appeared first on Microsoft Security Blog.