Cloud security is a challenging first step for security managers as well as for cloud infrastructure managers whose work affects cloud security. It can be difficult to enforce policies in the cloud, especially when digital assets are deployed across multiple cloud platforms. With the increasing sophistication of cyberattacks, awareness of threats across an extensive digital estate is crucial. Access rights can be murky in the cloud, too.
For these reasons, the right cloud security solution can make a big difference in how well an organization will be able to manage cloud-based security risks. PeerSpot, the enterprise technology review site, provides users of security products a platform for sharing their honest opinions for consumption by their industry peers. In this article, real users of Microsoft Defender for Cloud on PeerSpot offer insights into the factors that drove their selection of a cloud security solution.
Multicloud Capabilities
To be effective, a cloud security solution has to protect workloads regardless of where they are hosted. Companies need to defend multicloud architectures that span Microsoft Azure, Google Cloud Platform (GCP), Amazon Web Services (AWS), private clouds, and even hybrid environments. Security must easily align with such a multicloud strategy, and Microsoft is up to the task. As one Consulting Manager put it, “The most valuable feature of this solution [Defender for Cloud] is the support for a multicloud environment. If you would like to work with a product that addresses security in the cloud, or in a multicloud environment, then this is exactly the product. There is no need to implement anything else.”
In a different organization, a consumer goods company, mergers and acquisitions have created a multicloud environment and necessitated flexibility in their choices of solutions. According to Thiago D, Global Cloud Security Architect, “We do a lot of mergers and acquisitions. One of the features that I like about the solution is it [supports] both a hybrid cloud and also multicloud. We never know what company we're going to buy, and therefore we are ready to go. If they have GCP or AWS, we have support for that as well.” Defender for Cloud can adjust to meet each customer’s infrastructure needs and consolidates observability, posture management, threat protection, and remediation workflows across Azure, GCP, and AWS environments into a single pane of glass.
Security Posture Management and a Single Pane of Glass
Observability, intelligent assessment and prioritization, and integrated remediation are critical to strengthen your organization’s cloud security posture. Managing that posture begins with comprehensive and integrated visibility in a single pane of glass, reducing complexity for security teams who no longer need to switch views between multiple solutions. Thiago D. remarked, “The most valuable aspect of the solution is visibility. You truly have visibility. That’s the first thing that you're going to have in the cloud.”
Defender for Cloud spoke to this need for Jijo J., Managing Partner at Nissan Motor Corporation, who said, “We saw improvement from a regulatory compliance perspective due to having a single dashboard.” Thiago D. was also pleased that Defender for Cloud offers “a single-panel blast across multiple clouds.”
“The dashboard is very good,” said a System Administrator at a tech services company, speaking to the importance of visibility. “It gives our clients a lot of information and allows them to have a complete overview of the system. Everything is visible in one glance.” A Cyber & Cloud Security Leader at a software company likewise noted, “It takes very little effort to integrate it. It also gives very good visibility into what exactly is happening.”
In order to ensure that teams are properly prioritizing remediation actions, organizations need to be able to track their security posture over time. Abhishek P., a Senior Consultant at a recruiting/HR firm, spoke to the issue of proactive cloud security posture management by sharing, “When we started out, our Secure Score was pretty low. We adopted some of the recommendations that [Microsoft Defender for Cloud] set out and we were able to make good progress on improving it. It had been in the low thirties and is now in the upper eighties.”
Abhishek P. then went on to say, “Our overall security posture has been enhanced. A lot of the time, our cloud is accessed by people in the organization and they keep spinning up virtual machines, creating resources. Often, there are ports that open or there are certain security issues that are not handled. Because there are so many people and so many new resources coming up, it is difficult to track all of them. With the help from [Defender for Cloud], we are able to see exactly what has come up.”
Advanced Threat Protection
Threat protection is one of the core functions of a solution like Defender for Cloud. As a Cloud Architect at a pharma/biotech company put it, “We use it for threat protection. It detects any threats and provides threat recommendations.” Thiago D. concurred, sharing, “You can take a look at your malware protection, so you see all the machines. You have the ability with this product. All of these actions compile percentages on a score and they drive up the score. That way, you know how good you're actually doing and how you can continue to progress.”
Georges-Emmanuel T., CEO of Cloud Steroids, a tech services company, simply stated, “The most valuable features are ransomware protection and access controls.”
Jijo J., Managing Partner at Nissan Motor Corporation, related that Defender for Cloud improved his organization’s security posture by improving incident response times. For a different Security Consulting Manager, what mattered most was Defender for Cloud’s integration with [Azure] Logic Apps for automated incident response.
For a Cyber Security Consultant at a tech services company, the most valuable features were the solution’s security alerts and correlated alerts. “It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool.”
Automation
Manual processes simply cannot keep up with cloud security workloads. Automation is, therefore, essential, as Alanjee T., a SOC Manager at a tech services company, pointed out. In his case, incident alerts became unmanageable. “It is very difficult to keep monitoring everything automatically; instead our organization is utilizing the automated use case that we get from Microsoft,” Alanjee T. said. “That has helped bring down the manual work for a lot of things.”
Cloud security is not easy, but there are tools to significantly reduce the challenge. The right cloud management solution helps. One that offers visibility, security posture management, threat protection, and automation from a unified interface across a multicloud environment helps cloud security managers be efficient in delivering strong cloud security.