Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Microsoft picks security for the enterprise win

Joab Jackson | May 5, 2015
Microsoft is betting that good security support will be key to keeping its enterprise customers from straying to rivals.

Users can override the block, but only after they click through a dialog box; Windows 10 will log all these unapproved copying actions.

A service called Azure Rights Management Services which can further guard against corporate data leakage, was also made generally available. This service provides the ability to protect access to files even after they leave the individual computer.

It introduces a concept called self-protecting files, or files that retain information about how they can be accessed. Before sending a file to someone, a user can specify what permissions that recipient has with that file. The sender can specify, for instance, if that file can be forwarded to additional parties. The sender can revoke access to the document even after it is sent out. "The file becomes self-protecting," said Brad Anderson, Microsoft corporate vice president for enterprise client and mobility.

The administrator can also get statistics on the usage of the file, such as how many people read the document, how many of those were authorized, and the names of those who tried to open the document but who weren't authorized to do so.

Those using the company's Azure-based Active Directory service can take advantage of a new service, now in preview mode, that can identify anomalous sign-ins, or those attempted log-ins to the organization's system that probably don't originate from the employee.

If an employee signs into the network from Chicago at noon, and then again at 12:30 from North Korea, it is probably a safe bet that the second sign-in is not a legitimate one, explained Anderson. The service uses machine learning to correlate the immense number of log files in order to find these matches.

Another machine-learning-based service, called Microsoft Advanced Threat Analytics, can provide organizations with an easy way to identify network intruders. The offering, available as a preview starting Monday, is based on technology developed by Israeli startup Aorato, which Microsoft acquired in November.

Microsoft Advanced Threat Analytics can provide a timeline view of a series of activities that make up a single attack as they unfold across different system resources. It can show, for instance, someone using a brute-force attack to compromise a user account, and when that account is breached, the service can then follow subsequent actions on different machines, such as accessing content.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.