Microsoft lays out its security plan for a mobile-first, cloud-first world

hero

Image: Microsoft News

Information technology, through wireless networks and the Internet of Things (IoT), enables people, enterprises, and devices of all kinds to interconnect and communicate like never before. But that instantaneous communication also creates security vulnerabilities on a scale like we have never seen before.

In a keynote speech at a security conference in Washington D.C. on November 17, 2015, CEO Satya Nadella explained how Microsoft plans to counteract the inherent security problems associated with a mobile-first, cloud-first world.

Protect, Detect, and Respond

Without getting into specifics, Nadella laid out an overview of what he called Microsoft’s new approach to protect, detect, and respond to security threats in the enterprise. Here is the key quote in this regard:

“We must better Protect all endpoints-from sensors and datacenters to identities and SaaS applications. We must move faster to Detect threats using the scale and intelligence of the cloud, machine learning and behavioral monitoring. We must Respond more quickly and comprehensively, and empower our customers with insights that are actionable and holistic.”

Because Microsoft collects data continuously on how enterprises are using their software, Nadella thinks the company is in a unique position to see potential security vulnerabilities and then provide the tools necessary to protect the enterprise data of its customers. Through innovations in Windows 10, Azure, and Enterprise Mobility Suite, Microsoft is trying to create, what Nadella refers to as a holistic, agile, security platform.

You can view the entire enterprise security speech on Microsoft News.

Image A

Image A

Image: iStockphoto.com/koo_mikko

Inevitable

It is reassuring to know that Microsoft is actively engaged in pursuing ways to protect enterprise data. The overview presented in the speech clearly shows that Microsoft understands the security concerns of not only its customers, but of everyone and everything connected to the global network. However, the speech also exposes a harsh, undeniable truth.

Someday, someway, someone or something is going to steal data from your enterprise and there is nothing Microsoft, or anyone else, can do to stop it.

As long as human beings, with all their foibles, are involved, communication networks will be vulnerable to attack. Humans can be tricked, cajoled, and coerced to allow perpetrators with malicious intent into enterprise systems where they can steal data. Humans are the weak link in this equation.

Mitigation

So if it is inevitable that enterprise data will be lost, why should we take note of Microsoft’s plans for establishing security in a mobile-first, cloud-first world? Because the more you do to prevent security breaches the more you can avoid culpability for an event when it takes place.

We have reached a point in information technology development where the fact that data can be stolen from an enterprise is not the main liability. Where companies get in trouble is when they try to hide the fact that data was lost in the first place, or when it becomes obvious that the enterprise did not do enough to protect its systems.

If your enterprise takes every step possible to protect its networks and its data, and then it suffers a security breach where data is lost, your enterprise will be seen as yet another victim of cybercrime. However, if your enterprise is found to be negligent with its deployment of security protocols, well that could be an existence-ending disaster.

Image B

Image B

Bottom line

In a world where everyone and everything is interconnected, enterprise data security must be a priority, if for no other reason than to mitigate future liability. Microsoft is doing its part by offering as many innovative security protocols as it can come up with based on what it knows from tracking usage. Every enterprise needs to take advantage of these new tools for the best chance to either prevent or to lessen the impact of the next attack.

Also read…

Build 2015: Microsoft’s new plan to rule the mobile world

Microsoft Ignite 2015: Collaboration tools to spark the modern workforce

Cloud security: 10 things you need to know

Ashley Madison hack should serve as your IT security wake-up call

Your thoughts

I say that someday, someway, someone or something is going to steal data from your enterprise and there is nothing Microsoft, or anyone else, can do to stop it. Do you agree? Please explain—this is an important topic.