Microsoft CEO Satya Nadella has made it his mission to understand why major security breaches occur.
According to Nadella, 2015 was a tough year for security. “Just the top eight data breaches led to 160 million data records being compromised.”
At an event in the US on 17 November 2015, he revealed that he meets with the Microsoft security review team once a month to look at the major attacks and breaches.
“Every time there is an incident, I call the CEO of the company and I ask, ‘how can we help and what can we learn?’”
For Nadella, operational security has been the biggest change at Microsoft, and he believes tackling security is not just a top priority for Microsoft, but for the whole technology sector.
“The most pressing issue of our time is cyber security. Digital technology can play a positive role in every walk of life, but customers are not going to use this technology unless they trust it. Our mission is to empower every person on the planet to achieve more. This is what drives our technology innovation and trust is at the core of that drive.”
Nadella described a shift in IT security, from the IT perimeter that was commonplace a decade ago, to deperimeterisation, a term first coined by the group of chief information security officers who formed an organisation called the Jericho Forum more than 10 years ago. They recognised that the corporate firewall would no longer be suitable for protecting the latest ways of doing business.
While IT used to work in a locked-down environment, now users bring in their own devices, and some corporate applications are available as cloud-based services, outside of the corporate network.
“There was a time when we could make a strong perimeter around our data, all secure inside the four walls of our environment. Over the past two decades we have extended our networks to touch our customers directly,” said Nadella.
“We are increasingly looking at public cloud and software-as-a-service (SaaS) applications and incorporating people’s devices into our network. We live in a world where the attack vectors can come from anywhere. It is a perimeter-less world.”
Nadella outlined four pillars Microsoft would be working on. The first concerned ensuring data is private and “under your control”; the second is about data being managed in accordance with country laws; the third would be built on Microsoft being “transparent about the collection of data and the use of data”; and the final piece of Microsoft’s strategy is to ensure all data is secure, said Nadella.
At the event, Julia White, general manager for Office at Microsoft, demonstrated how Windows 10 Passport could give smartcard-level security using Windows Hello for biometric authentication. For data loss prevention, she said Azure Active Directory provides conditional access to 2,500 public SaaS applications, as well as internal applications. For malware protection, she said Office365 looks for zero-day attacks as well as known malware.
White said Microsoft hardened security in Windows 10 over Windows to make it harder for hackers to compromise a machine. “We use virtualisation technology to isolate critical windows services such as authentication.”
White also showed how InTune, Microsoft’s mobile access management suite, could be deployed to provide conditional access based on an IT policy. The company announced that Box and Adobe will offer the latest Microsoft Intune native apps on iOS and Android to help prevent accidental sharing of confidential corporate data to personal locations or cloud services. Custom SAP Fiori mobile apps, built by customers using SAP Fiori mobile service, will also support Intune mobile app management.
Microsoft has also begun working with Barracuda, Checkpoint, Cisco Systems Inc, CloudFlare, F5 Networks, Imperva, Incapsula and Trend Micro Inc on a product called Azure Security Center. This will offer advanced, analytics-driven threat detection that Microsoft said would help businesses protect, detect and respond to security threats in real time. Another security product, Advanced Threat Analytics, speeds up the detection of anomalous patterns and then offers recommended configuration changes to protect equipment from current and future attacks, said Microsoft.