At any point in time on any day of the week, Microsoft’s cloud computing operations are under attack: The company detects a whopping 1.5 million attempts a day to compromise its systems.
Microsoft isn’t just fending off those attacks. It’s also learning from them.
All those foiled attacks, along with data about the hundreds of billions of emails and other pieces of information that flow to and from Microsoft’s cloud computing data centers, are constantly being fed into the company’s intelligent security graph.
It’s a massive web of data that can be used to connect the dots between an email phishing scam out of Nigeria and a denial-of-service attack out of Eastern Europe, thwarting one attack for one customer and applying that knowledge to every customer using products including the company’s Azure computing platform, Windows 10 operating system or Office 365 productivity service.
Those security threats have heightened substantially in recent years, as criminals have built lucrative businesses from stealing data and nation states have come to see cybercrime as an opportunity to gain information, influence and advantage over their rivals. That’s led to potentially catastrophic attacks such as the WannaCrypt ransomware campaign that’s made headlines in the past few weeks. This evolving threat landscape has begun to change the way customers view the cloud.
“It was only a few years ago when most of my customer conversations started with, ‘I can’t go to the cloud because of security. It’s not possible,’” said Julia White, Microsoft’s corporate vice president for Azure and security. “And now I have people, more often than not, saying, ‘I need to go to the cloud because of security.’”
As organizations adopt hybrid cloud models for IT, the challenges for operations management continue to increase. Among those challenges is the difficulty of securing these complex environments, which include resources on-premises as well as in hosted clouds, Azure or AWS. At the same time, the cost of breaches continues to rise – the average cost of a data breach to a single company is $3.5M. To help meet these challenges, today we are announcing the general availability of new and improved security features for Microsoft Operations Management Suite, a set of cloud-based services designed to help customers protect, detect and respond to security issues across hybrid cloud environments.
Operations Management Suite (OMS) is management for the cloud, from the cloud. Delivering analytics, automation, configuration, security, backup, and site recovery, OMS gives you the ability to increase visibility and control from the on-premises datacenter to the cloud. The advantages of cloud-based management include the ability to innovate faster, scale to meet expanding requirements, and get up and running without long deployment cycles. Using cloud-based security tools also ensures that you are always working from the latest information on threats. Security and management go hand in hand, because the same data that indicates a potential performance or health issue might also indicate a security breach. By bringing security and management together in a single cloud-based offering, OMS provides the tools you need to address threats and remediate issues without the added complexity of point solutions.
Last week we announced the general availability of Azure Security Center, a set of tools to help customers gain visibility into the security state of their Azure resources, take control of cloud security policies, and both detect and respond to active attacks. With OMS Security we bring the security analytics that are built into Azure Security Center to hybrid cloud environments, giving you the capabilities you need to handle today’s evolving security threats. OMS Security leverages the same intelligence and detection that we use in Azure and is based on the security knowledge that we gain from running a hyper-scale cloud.
With OMS Security, you can quickly assess the security posture of your hybrid cloud environment and detect active security threats. OMS Security will continuously monitor the environment for security vulnerabilities such as missing critical security updates, missing antimalware, and deviations from recommended security configuration baselines. To detect active security threats and attacks, the service leverages powerful event analysis paired with threat intelligence derived from Microsoft’s own cloud experience. You can centralize management for protecting systems, creating alerts, implementing automatic security updates across systems, and applying security policies. A simple approach to search and queries across all data sources lets you streamline the security audit process with easy access to comprehensive and actionable security log data. With these new capabilities, IT administrators can avoid being blindsided by a breach and alert the security team if they see indicators of compromise. Security response teams can then use the same simple search capabilities to rapidly get a view across operations and security data to help stop the threat.
The new Security service includes a broad range of tools to help you get deeper visibility across multiple aspects of the security landscape. Highlights include advanced threat detection and the Threat Intelligence dashboard, which lets you visualize attacks using the same data we use in Azure. For customers using Advanced Threat Analytics in Enterprise Mobility + Security (EMS), you can now view that information in OMS, giving you a single view of security for IT operations. The new Security Configuration Baseline Assessment identifies vulnerable OS configurations that could be exploited by an attacker. To see OMS Security in action, and get a deeper view on how these features can work for you, take a look at Operations Management Suite Security in this episode of Microsoft Mechanics.
To make it easier to get access to these solutions, we announced earlier this month that you can purchase OMS via a new subscription model. Existing System Center customers can get OMS as an add-on, extending the value of existing on-premises investments.