During my time consulting, I was often confronted with the argument that Microsoft is not a security provider and that it was therefore necessary to choose products from other companies. Many traditionally associate the vendor with Windows or Office and more recently with Surface devices or Xbox games consoles, but Microsoft’s business operations now consist of many different cloud services with Windows playing a secondary roll in 2020 as online services such as the Azure platform or Microsoft 365 products have taken precedence.
The huge usage of these services has allowed Microsoft to gather a wide range of users. In the end customer segment, some 28 million people use Microsoft 365 services, while in an enterprise context, it’s reportedly 180 million users. That’s a total of 210 million Microsoft users, all using their cloud services daily. On the one hand, it must, of course, be ensured that these services all work. On the other hand, we need to ensure that the data exchanged on this platform is secured accordingly.
Microsoft therefore invests a billion dollars in the research and development of security solutions annually with results including the AI-supported all-purpose Microsoft Defender Advanced Threat Protection or the SIEM solution, Azure Sentinel. In this context, more than 3,500 Microsoft staff are employed in two key departments. Firstly, there is the Cyber Security Operations Center where employees test Microsoft products for security gaps and vulnerabilities to make services even more secure for customers.
Then there’s the Digital Crimes Unit that works closely with industry associations and state institutions or governments to quickly put a stop to cybercriminals.
In summary, it should be emphasised that the investments Microsoft makes in security every year are extremely high. Security therefore plays an extraordinarily important role at Microsoft, since the topic is not just connected to use of individual services, but always needs to be viewed holistically in order to provide secure and convenient work platforms for both enterprise and private end customers. Microsoft can therefore achieve both by securing its own services and also by provisioning services and products for users who can then in turn secure their own PCs and environments.