Advanced Threat Detection is now part of Azure Security Center, which lets IT administrators collect crash events from virtual machines running in their Azure environments to find potential issues. Azure Security Center analyzes the data and alerts the customer automatically if any of the virtual machines appear to have been compromised. Similar network and behavioral analytics capabilities have also been integrated into Azure Security Center.
These products "will improve our security signal, help us protect you and help you protect yourself," Arsenault said.
Features of a secure platform
The other part of Nadella's enterprise security vision focused on a secure platform, and Arsenault had several announcements on new security capabilities for Azure and Office 365. Microsoft Cloud App Security, which will let IT departments monitor and control SaaS applications like Box, Salesforce, ServiceNow, Ariba, and Office 365, will be generally available in April. Customer Lockbox for SharePoint Online and OneDrive for Business will be available around the same time. Azure Security Center will also feature a new next-generation firewall in the coming weeks.
Based on the technology from the Adallom acquisition, Cloud App Security will give Office 365 administrators advanced security management capabilities, such as security alerts for anomalous or suspicious behavior and automatic cloud application discovery to analyze which external cloud services users are connecting to. IT will also be able to approve and revoke permissions to third-party applications that users are authorized to connect to the Office 365 environment.
IT administrators don't always know what other apps users are using, so being able to discover what applications are in use will help protect sensitive data from accidentally being exposed.
Microsoft introduced Customer Lockbox for Exchange Online back in December for those "very rare instances" when Microsoft engineers need to access a customer's Exchange environment. Lockbox integrates customers into the approvals process for granting access to these engineers. Microsoft will expand Customer Lockbox to include SharePoint Online and OneDrive for Business, so IT administrators will have new approval rights and greater control over who can access the data being stored in Office 365.
All the security enhancements require better reporting and audit capabilities, so Microsoft expanded security management in Azure Security Center. Instead of just having configuring a security policy for each Azure subscription, IT administrators can now configure a policy for a Resource Group in order to tailor policy to specific workloads. A new Power BI Dashboard lets IT staff look for trends and attack patterns in Azure by visualizing, analyzing, and filtering alerts and recommendations. And a revamped Security and Audit dashboard provides insights across the data center regarding various security-related events, such as authentication, access control events, network activity, malware protections, and system updates.
Sign up for CIO Asia eNewsletters.