With Windows 10 a common sight on millions of consumer and enterprise devices around the world, it’s perhaps no surprise that Microsoft is pushing itself as a leading authority when it comes to security.
The move is part of Microsoft’s transition towards cloud, thanks to the vision of CEO Satya Nadella, but securing the processes and data on global cloud platforms is an important consideration too. However, when it comes to a company the size of Microsoft, there is an apparent wealth of information and insight available to its in-house security teams.
"From a security signal point of view, there's very few companies can bring the breadth we can," Andrew Conway, Microsoft general manager, enterprise mobility and security, told ITProPortal at the recent InfoSecurity Europe event in London.
"Security is the baseline that you have to have...no business relationship is possible without trust, so establishing that trust, and a set of principles around trust, and around compliance and transparency - especially as customers move more and now their critical business data and processes to the cloud - trust and privacy are critical components of that."
Microsoft’s Azure cloud platform has grown rapidly to become one of the so-called “big three” alongside Google Cloud Platform and Amazon Web Services, but Conway notes that the company’s offering can offer a more developed security approach.
"One of the things that we hear now pretty consistently from customers as we've made this transition to cloud as they have...is that customers are going to the cloud for security reasons,” said Conway.
“Customers are starting to clock that security itself is changing - a lot of security today is based around context and understanding...a broad picture of what's happening to your organisation…(as well as) what's happening to your employees - what interactions are they having, what applications are they accessing?"
He adds that Microsoft has a range of novel solutions and services to not just protect your business, but also test the protections in place, and how switched-on your employees are.
This includes Microsoft Secure Score, which gives a rank to your company based on their online protection, which can then be compared against competitors to provide a gamification aspect to upping your security protection.
Also on offer is Attack Simulator, a tool built within Office 365 which is able to launch a pretend assault against a business’ systems to see how employees react - and then tweak your training or up security depending on the reaction.
However as Conway notes, "it's always tempting to talk about the next big threat, but most of the bread and butter of the commercial enterprise is around stealing and cyberthreats is going after easy marks."
Microsoft 365 oversees around 400 billion emails sent each month, he says, giving the company a unique insight into the current and evolving threat trends affecting their customers.
"This is where cloud brings huge advantages, bringing huge visibility into what your employees are doing,” Conway says, “for a company the scale of Microsoft, we also have this visibility into what's happening across a huge number of different organisations, workloads and industries.”
"People are finally cottoning on to security - the advent of cloud is a fundamental shift for security,” he says.
“As more and more customer workloads and data, as well as security move to the cloud, it's going to be one to watch."