Microsoft Azure Security Features

Microsoft provides the following critical security features: physical security; access and environmental control; firewalls; encrypted replication; high availability and disaster recovery; operating system updates and threat response; plus annual updates for Azure data centers, which are also ISO 27001 certified.

There are many components to Microsoft security, and some of the key teams Microsoft collaborates with are:

  • Cyber Defense Operations Center (CDOC) – The Microsoft Cyber Defense Operations Center is a 24x7 cybersecurity and defense facility that unites our security experts and data scientists in a centralized location. Advanced software tools and real-time analytics help us protect, detect, and respond to threats to Microsoft’s cloud infrastructure, products and devices, and our internal resources.

  • Digital Crimes Unit (DCU) – A team of legal and technical experts who work with law enforcement agencies – including Europol, the FBI, and Interpol – academia, global government agencies, and commercial customers.

  • Cyber Hunting Teams – Microsoft’s blue teams that are constantly hunting for adversaries on our enterprise and cloud services environments.

  • Malware Protection Center (MMPC) – The Microsoft team responsible for the world’s largest antivirus and antimalware service. It is committed to helping Microsoft customers keep their computers secure and to responding quickly to malware outbreaks by continuously gathering and analyzing data and working with organizations inside and outside Microsoft.

  • Security Response Center (MSRC) – Microsoft team that identifies, monitors, responds to and resolves security incidents and vulnerabilities in Microsoft software, services and devices. Leads cross-company coordinated security response for highest severity events and partners with external organizations for coordinated cross-company and government response.


Several capabilities have integrated threat intelligence turned on by default for protecting our customers against threats. These include:

  1. SmartScreen – Built into Edge to provide cloud-powered protection against attack websites, downloaded applications, and malware hosted on legitimate websites.

  2. Windows Update – Updates Windows software and also removes top malware threats from PCs each month.

  3. Active Protection Service (MAPS) – Cloud-powered malware detection built into Windows Defender that significantly increases detection of advanced malware.


Additionally, Microsoft has many security capabilities to protect your datacenter and identity assets. Examples include:

  • Conditional Access – Restricts access to data and applications using many factors including authentication strength, device health/security, and user roles.

  • Cloud App Security – Addresses shadow IT issues by enabling you to discover corporate data stored on sanctioned and unsanctioned cloud services; then establishing, customizing, and enforcing policy.

  • Event Management – Provides security and Operational Health insights for your on-premises and cloud-hosted assets.

  • Rights Management (RMS) – Applies policies to documents and data, enforces them using strong encryption, and gives users simple integrated controls built into Office Apps, SharePoint, and Exchange (online and on-premises).

  • Key Vault – Manages and protects the critical keys that your enterprise security depends on, with strong hardware-rooted protection and the convenience and availability of a cloud service.

  • Security Center (ASC) – Provides deep insight and detailed visibility into security hygiene for Azure hosted virtual machines (VMs).

  • Advanced Threat Protection – Provides a cloud-powered email filtering service that helps protect against malware in email. It protects against links as they are clicked (vs. upon clicking Send), and it detonates attachments in a VM to protect against well-hidden malware.
