Microsoft is prioritizing security above all else for all employees, in response to recent security problems and increasing criticisms.
Following a harsh evaluation from the US Cyber Safety Review Board, which stated that “Microsoft’s security culture was inadequate and requires an overhaul,” the company is taking action by establishing a series of security principles and objectives that will to ensure that its cybersecurity approach remains robust and adaptive to the evolving threat landscape.
Late last year, Microsoft unveiled the Secure Future Initiative (SFI) as a direct response to increasing demands for action following Chinese hackers, Storm-0558, successfully infiltrating US government email accounts. The Verge reports that, shortly after the announcement, Russian hacking group, Midnight Blizzard, were able to penetrate Microsoft’s security measures and access the email accounts of certain high-ranking members of the company. Microsoft did not detect the breach until January, almost two months later, and the hackers were able to steal valuable source code during the attack.
Cyberattacks Have Caused Significant Harm To Microsoft
The recent cyberattacks have caused significant harm, and the Cyber Safety Review Board report further exacerbated Microsoft’s security concerns by stating that the company could have averted the 2023 breach of US government email accounts and that a series of security lapses contributed to the incident.
“Microsoft plays a central role in the world’s digital ecosystem, and this comes with a critical responsibility to earn and maintain trust. We must and will do more,” stated Charlie Bell, Executive Vice President, Microsoft Security, in a blog post earlier this month. “We are making security our top priority at Microsoft, above all else – over all other features.”
Microsoft has now incorporated three key security principles into their goals:
- Secure by Design: Security comes first when designing any product or service.
- Secure by Default: Security protections are enabled and enforced by default, require no extra effort, and are not optional.
- Secure Operations: Security controls and monitoring will continuously be improved to meet current and future threats.
Microsoft’s Six Prioritized Security Pillars
These principles prioritize security during the product and service design stages, emphasize default security measures, and strengthen controls and monitoring against present and future threats. Microsoft is further expanding its security goals and actions aligned to six prioritized security pillars:
1. Protect Identities and Secrets
Microsoft has committed to incorporating top-notch standards throughout its identity and secrets infrastructure to ensure that all user accounts are safeguarded with multifactor authentication and all applications are secured with managed credentials such as certificates.
2. Protect Tenants and Isolate Production Systems
Microsoft is implementing a strategy to guarantee that only well-maintained, secure devices can connect to the company’s services, while also enforcing a least-privilege access model for all applications.
3. Protect Networks
Microsoft has made a commitment to enhance the security of its production networks and systems by implementing isolation and microsegmentation across all production environments. This strategic approach aims to fortify the defense mechanisms against potential attackers, thereby adding extra layers of protection.
4. Protect Engineering Systems
Microsoft will ensure the security of its source code at all times by implementing Zero Trust and least-privilege access policies. In addition to this, any source code that is deployed to production environments will be safeguarded by following security best practices, while test environments will also adhere to standardized security measures and infrastructure isolation.
5. Monitor and Detect Threats
Microsoft has committed to keeping all security logs for a period of two years and providing customers with six months of “relevant logs.” Additionally, they will promptly identify and address any suspicious access or configuration changes within their entire production infrastructure and services.
6. Accelerate Response and Remediation
The objective is to hinder the exploitation of unpatched vulnerabilities by implementing more prompt remediation measures. Microsoft is dedicated to decreasing the time required to address high-severity cloud security vulnerabilities and enhancing transparency regarding these concerns through the adoption of industry standards such as Common Weakness Enumeration (CWE) and Common Platform Enumeration (CPE).
SentryBay Positioned to Help Microsoft’s Security Initiative
“SentryBay’s preventative controls are positioned to augment Microsoft’s prioritised security pillars’ in light of the recent series of security failures from international threats,” commented Jeremy Greenwood, Enterprise Global Sales Lead, SentryBay. “Our patented Armored Client is proven to isolate and secure Microsoft applications in real time from credential theft and data leakage risks to protect identities, secrets, tenants, and production systems from emerging ‘day-zero’ malware threats to sensitive data.”
SecureWorld.io confirms, Microsoft is under significant pressure to swiftly recover the ground it has surrendered because of ongoing breaches by advanced hackers. In his blog, Bell states, “Microsoft runs on trust and this trust must be earned and maintained. As a global provider of software, infrastructure, and cloud services, we feel a deep responsibility to do our part to keep the world safe and secure.”
