First published to the Microsoft 365 Blog on June 27, 2018
If you are like me, you are pretty amazed at the number of systems and services available today that claim to help you improve your enterprise security. And you are also a bit chagrined by how few sources there are with helpful information on what will actually make you more secure.
In our blog post today, the third in our hybrid blog series, we’re doing our best to help fix that. This post is guest authored by Alex Weinert who leads our Identity Security and Protection team. Alex & his team are a pretty elite group –
So Alex has a lot of data and a pretty unique view into what really works when it comes to securing your digital identities.
I hope you’ll find his blog useful! As always, we’d love to hear any feedback or suggestions you have.
Alex Simons (Twitter: @Alex_A_Simons)
Director of Program Management
Microsoft Identity Division
I’m Alex Weinert and I get to work on the amazing team responsible for protecting four billion consumer and enterprise accounts from unauthorized access and fraud. Each day, our machine learning and heuristic systems provide risk scores for 18 billion login attempts for over 800 million distinct accounts, 300 million of which are discernibly done by adversaries (i.e., criminal actors, hackers).
At Ignite last year, I spoke about the top 3 attacks on our identity systems. Here is the recent volume of these attacks:
The volume of these current threats shows a significant rise, and new threats are emerging as well centered around IoT (Internet of Things), privacy, and consent. While we fight the good fight to ward off threats in your cloud infrastructure, we’d also like to recommend steps that you can take that could immediately protect your hybrid infrastructure. But before we can even start, ensure all your privileged Azure AD roles are protected with multi-factor authentication. Recently Microsoft released a baseline protection policy providing a one-click experience to protect privileged Azure AD roles.
Now, let’s get started with the five steps to securing your “hybrid” identity infrastructure!
Check out the other posts in this series:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.