Event details
MicrosoftQuestion from the audience:
I work for a company called the Center for Internet Security. Organizations, states and countries are apprehensive in using AI tools. That's been the challenge for us. We're known for security best practices and partnered with a lot of security frameworks like NIST. When Microsoft builds your products from a product management perspective, do you work with these organizations or these frameworks? And how can we get more transparency to our customers.
David_BroaddusAnswer:
We work with these organizations and we put objectives into a full list because of different vulnerabilities and issues. We are making sure customers can automate controls to figure out the entire lifecycle and connect it back to agents or other things that can provide users proof of compliance for their hours giving the entire end to end best practice. We have some baseline security guidance as you invite agents and AI into your organization along with policies and best practice guidance to then invite AI and agents into your organization to start off on the right foot. We make sure we are aligned with regulation, legal trust, and training best practices to be secure by design.
If you are interested in learning about the Microsoft service where and where we are complying with the regulation of reports, there is a post service trust portal that you can go and see all the auditing reports and certificates.