sb-eu logo
Story image

Microsoft's new security features address common pain points

23 Jul 2020

Microsoft Inspire has kicked off with a number of major announcements across Microsoft’s Azure, Microsoft 365, business applications, security, enablement, and sustainability initiatives.
In this story we focus on the company’s security and compliance announcements.

Microsoft Azure Sentinel

Microsoft Azure Sentinel enables users to collect and analyse data from different sources, including networks, firewalls, endpoint, and vulnerability management to provide security insights.

Connectors now include Alcide kAudit (Kubernetes logs), Vectra AI, Perimeter 81 (Activity logs), Symantec Proxy SG, Symantec VIP, Pulse Connect Secure, Infoblox NIOS, Proofpoint TAP, Qualys VM, VMWare Carbon Black, Okta SSO, RiskIQ (Azure Logic Apps custom connector).

Communication Compliance in Microsoft 365

Microsoft 365 features new Communication Compliance capabilities that take into account remote working environments.

Microsoft is expanding visibility across communication sources with the introduction of image detection and across third-party solutions such as Instant Bloomberg with Slack and Zoom functionality coming soon.

Additionally, Teams integration will also feature improved remediation, including the ability to remove messages from the Teams channel. 

Endpoint Data Loss Prevention

Microsoft Endpoint Data Loss Prevention (DLP), now available in public preview, DLP solutions provide content visibility into data at rest, in use and in motion on-premises and in the cloud. 

Microsoft Endpoint DLP enables customers to manage DLP policies across workloads such as Teams, SharePoint, Exchange, OneDrive, and Microsoft 365, from a single console: the Microsoft 365 compliance centre.

Microsoft 365 Insider Risk Management

This includes new features to identify insider risk and take action within integrated collaboration workflows.

Insider Risk Management now includes better algorithms and signal quality to flag what could be risky behaviour. New advanced signals will now be captured from Windows 10 endpoints, Microsoft Defender Advanced Threat Protection, Microsoft 365 and our native Human Resources connector. 

Insider Risk Management will also include new policy templates and workflows to push alerts to other systems such as ServiceNow and Microsoft Azure Sentinel.

Double Key Encryption for Microsoft 365

Microsoft’s Double Key Encryption for Microsoft 365 now enables users to protect confidential data and control their encryption key. Double Key Encryption for Microsoft 365 protects data by encrypting it with two keys, one key in the organisation’s control and the second key stored securely in Microsoft Azure. 

To view the data, one must have access to both keys. Since Microsoft can access only the key in Azure (with all BYOK assurances), data is unavailable to Microsoft, ensuring enhanced data privacy and security.

Double Key Encryption for Microsoft 365 is available in public preview.

Story image
Just one click – that’s all it takes to let in cyber-crime
So how do organisations ensure that users are not compromised by simply doing their work?  The answer is surprisingly simple, writes Bufferzone Security business strategist for A/NZ Greg Wyman.More
Story image
Video: 10 Minute IT Jams - The benefits of converged cloud security
Today, Techday speaks to Forcepoint senior sales engineer and solutions architect Matthew Bant, who discusses the benefits of a converged cloud security model, and the pandemic's role in complicating the security stack in organisations around the world.More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More
Story image
75% of IT execs 'worried' about being targeted in cyber-attack
A new report from ConnectWise has shed light on the widespread concern about cyber-attacks, with 91% of SMB executives considering a move to an MSP if it provided the 'right' solution.More
Story image
CrowdStrike integrates with ServiceNow program to bolster incident response
As part of the move, users can now integrate device data from the CrowdStrike Falcon platform into their incident response process, allowing for the improvement of both the security and IT operation outcomes.More
Story image
SMBs seeking service providers in face of rising cyber threats
SMBs are struggling with their cybersecurity solutions, with three quarters worried about being the target of a cyberattack in the next six months, and 91% considering using or switching to a new IT service provider if offered a better option.More