Microsoft Nov 29, 2019

Microsoft Ignite III – Security first.

Security is more important than ever before. The complex, fast-paced IT environment we live in requires not just vigilance but also continuous optimisation to ensure that work is safeguarded. That’s why Microsoft has raised the bar for security in Microsoft 365 solutions and Azure Active Directory, relying on new, AI-driven features introduced at the Ignite conference. The best part is these features enhance security without compromising team members’ ability to collaborate. Keep reading to learn about the details.

Share article

Microsoft Authenticator.

The easiest way to ensure a high level of security for your organisation is to use multi-factor authentication. That’s why every Microsoft 365 or Office 365 customer with an Azure AD plan, whether free or not, is now able to use the popular Microsoft Authenticator app for secure, passwordless access to both Microsoft and non-Microsoft apps.


Passwords are still the weakest link in the cybersecurity world. Using Azure AD and Microsoft Authenticator, your company will be able to work without passwords, providing a one-of-a-kind user experience and keeping support costs low—all while ensuring a high level of security through two-factor or multi-factor authentication (MFA).


MFA lowers the risk of phishing and other identity-based attacks by 99.9 percent, and we highly recommend it as one of the best ways to tighten up your security. Customers with fewer than 150 IT seats are now also able to set up the function through FastTrack.


More value with Azure AD.

Azure AD cloud provisioning will make it even easier to synchronise identities in the cloud as it eliminates the need for local synchronisation servers. In the future, a lightweight agent is all it will take to move identities into the cloud.


This will enable the provisioning from multiple, disconnected Active Directory (AD) forests. At the same time, the technology leverages the cloud’s performance capabilities to tackle directory challenges such as synchronisation complexity and data transformation. The simple use of a lightweight agent meets one of the key requirements of complex business organisations while costing less to implement and operate. And this applies even to mergers and acquisitions.


Microsoft Defender Advanced Threat Protection.

Microsoft Defender ATP endpoint detection and response (EDR) features are now available in preview for MacOS devices. Future support for Linux servers is also planned.


Application Guard for Office.

The new Application Guard for Office applications, now available in private preview, provides fundamental hardware-level and container-based protection against potentially dangerous Word, Excel, and PowerPoint files. Application Guard uses Microsoft Defender ATP to determine whether a document or file is malicious or trustworthy. 


Insider Risk Management.

According to Microsoft, numerous companies have experienced direct insider attacks in the past 12 months. A lot of work is involved in detecting and specifically identifying this risk and any breaches. It requires not only effective cooperation between security, HR and legal departments but also a balanced approach to data protection and risk management.


Against this backdrop, Ignite 2019 announced and presented Insider Risk Management in Microsoft 365. This solution helps companies quickly identify and eliminate insider threats, risk and policy violations in Office, Windows, Azure, and third-party applications. Insider Risk Management uses Microsoft Graph and other services to intelligently correlate multiple signals, identifying hidden patterns and potential risks. The technology also enables real-time insight into file activity, communications sentiment and abnormal user behaviour.


The solution includes a series of so-called playbooks specially tailored to risks such as digital IP theft and breaches of confidentiality, helping to effectively identify threats and take immediate action. However, privacy is still protected as user display names are anonymised by default in the early stages of investigations and detection.


Compliance Score.

It’s becoming increasingly important to have the right tools and expertise to enable compliance and risk management teams to effectively assess and monitor risks. In its effort to help customers implement effective data protection controls, Microsoft has announced a public preview of its new Microsoft Compliance Score.


The Compliance Score enables easy, automated risk management for companies, enabling them to scale their compliance efforts across requirements and standards. 


It’s easy to see your Compliance Score and determine which actions to take, even if you’re not an expert on requirements, the General Data Protection Regulation (GDRP) or ISO 27001. Compliance Score, found in the Microsoft 365 Compliance Center, is already available in public preview for all Microsoft 365 Enterprise plans.

Florian Vees
Junior Consultant Microsoft