Digging into the security announcements from Microsoft Ignite
This is my first time writing for the TechNet UK blog, so let me introduce myself: I’m Sarah Young, I’m a Cloud Security Advocate based in Melbourne. I’ve been working in tech for longer than I care to admit, and I started working in the security space before it was cool. I’m writing this piece on my flight home from Sydney to Melbourne after wrapping up the Australian Ignite Recap session that was run in the Microsoft office in Sydney (it has great views of the famous harbour bridge, if you ever get a chance to visit!).
This month I’m going to talk about some security announcements at Ignite that I think are the ones that are the most interesting.
“Just security?!” I hear you say? Well, security is everyone’s responsibility nowadays, to a certain extent. My personal favourite phrase on this comes from one of our lead security architects and my Azure Security Podcast co-host, Mark Simos who says “Security is a team sport” – very accurate!
The announcement I’m most excited about from Ignite was the new features of Microsoft Purview. If you’re not familiar with this product, this is the name for a suite of tools that help with data governance. Too often in security we focus on technical security controls to protect malicious actors compromising environments and don’t talk about the controls on the data itself in our environment, which is usually what attackers are targeting. With Purview you can use e-discovery to find and classify data in Azure, other clouds and on-premises, apply classification labels to it and then create policies to restrict and control how that data is shared both internally and externally. Purview also has an insider risk feature that can highlight and track anomalous data usage within your organisation.
The second security announcement from Ignite that I want to highlight is even more tools to monitor and manage security hygiene and baselines across all manner of infrastructure. We announced additional capabilities in this space as part of Defender for Cloud (formerly known as Azure Security Center). We now provide a multi-cloud security baseline that you can measure all your environments against for a holistic view of how you’re tracking with your security baseline. Microsoft Defender for Servers will support agentless scanning and an agent-based approach to VMs in Azure and AWS.
Finally – as it was Halloween recently – I want to encourage you to watch the DART talk about ransomware from Ignite. The Detection and Response Team (DART) team are Microsoft’s incident responders, and they help customers who have been compromised. Any real-life stories from that team are worth listening to, and I guarantee it will give you nightmares.
And on that note, I’ll wish you all a lovely November. Keep securing all the things!
