Satya Nadella came to Washington, DC this morning, and delivered The Microsoft State of Security address, laying out Microsoft’s security vision and all of the tools and technologies that entails.
Speaking at the Microsoft Government Cloud Forum, he articulated the company security strategy. Key to this was not only finding ways to secure the key elements of the Microsoft ecosystem — Windows, Azure and Office 365 — but finding ways to secure the infrastructure, the personal mobile devices and the services a company uses, regardless of whether they were Microsoft’s or another vendors.
Nadella pointed out that we face an increasingly broad array of security threats across a number of devices using a variety of attack techniques. While we once protected our environments within the four walls of the data center, today he rightly pointed out that is clearly not enough, not when we have devices and data moving through the world beyond the company’s purview — and soon sensors in every room in our personal and professional lives.
Nadella articulated what has become clear to everyone — that as we live in an increasingly digital world, if we are to operate on a personal and business level within this world, it’s going to require a level of trust that is lacking today because of the constant stream of breaches.
We’re In This Thing Together
What Nadella laid out was not necessarily new or ground-breaking, but stating it in this fashion illustrated clearly what the Microsoft philosophy around security is going to be moving forward. He recognizes this is not something Microsoft can do alone.
We know we don’t live in isolation. You have a heterogeneous environment and we need to operate within it. Satya Nadella
It will take a concerted effort by industry, government, law enforcement, customers and consumers to make this happen and it’s not going to be about a single vendor finding a solution. It’s far too complex for that.
“We know we don’t live in isolation. You have a heterogeneous environment and we need to operate within it,” he said.
That’s true, and we also know that in spite of many such tools from many companies, that breaches are still happening all the time. There are so many high profile breaches from Target to Anthem to Sony to the US Office of Personnel Management (and thousands of others we never hear about) that prove we are clearly losing the battle.
Nadella acknowledged as much. “2015 has been a rough year. The top 8 data breaches, have led to 160 million data records being compromised,” he said.
[graphiq id=”bcfUri7DnJH” title=”Top 10 Largest Data Breaches” width=”600″ height=”553″ url=”https://w.graphiq.com/w/bcfUri7DnJH” link=”http://endpoint-protection.softwareinsider.com” link_text=”Top 10 Largest Data Breaches | SoftwareInsider”]
He added that the estimated cost of these breaches is around $3 trillion annually, a number that puts unnecessary pressure on a world economy looking for growth. “It’s a huge issue for us collectively,” he said in keeping with the togetherness theme.
Ask What Microsoft Can Do For You
While Microsoft pushed the idea of working together, as you would expect it’s still pushing its own agenda, and that involves selling Microsoft tools and services. Today’s address while philosophical in nature in parts, was also in its own way big sales pitch to the government employees in the audience.
Microsoft wanted to send a message that it was serious about security and it has the tools to protect you. Nadella introduced the concept of the Security graph, a collection of interconnected data, that when analyzed should give you a broader picture of the security state within your organization.
It outlined a three-pronged security strategy involving intelligence, platform and partnering broadly. That involves a number of tools and technologies, and in a blog post that followed the keynote, Microsoft laid these out:
During today’s keynote, Satya Nadella showcased how innovations in Windows 10, Office 365, Microsoft Azure, and Microsoft Enterprise Mobility Suite (EMS) work in tandem with each other, and with partner solutions from across the security ecosystem to deliver a holistic, agile, security platform.
That included a number of tools including Microsoft Passport and Windows Hello that are part of protecting identity in Windows 10, Enterprise Mobility Suite to protect data as it moves through the world and prevent people from sharing business data from personal devices in an unauthorized way, Windows 10 Device Guard to help prevent users from downloading malicious programs and Advanced Threat Analytics to provide a big-picture view of security, attempting to surface the threats that matter most across the entire environment — whether Microsoft or another vendor’s products.
Nadella also stressed the importance of nuts and bolts maintenance. It’s not all about sophisticated tools and tracking. Sometimes it’s as simple as keeping your patches up to date.
Putting It All Together
It’s important to note that while Microsoft put together an impressive presentation today, it is far from alone in trying to solve these issues. At TechCrunch, we regularly cover startups that are taking various approaches to solving the security problems we face on a consumer and business level.
Other technology companies like IBM, EMC, HP, Google and many others are also working hard, and while Microsoft laid out a broad and comprehensive security vision, it can’t solve the word’s security problems on its own.
The target is always moving and security is a giant chess match where companies like Microsoft make their move to protect their systems and customers and the hackers (or whatever you choose to call them), make theirs.
It would be nice to think that one company’s CEO could walk into a room, deliver a speech and it would be all be solved, but it is an ongoing problem that will take the effort of the entire industry working together to solve.
Nadella recognizes this and he understands the importance of closing up loop holes and giving consumers and businesses some semblance of control.
“When you talk about empowering every person and business on the planet, it’s even more important to build trust into core of what we are doing.” And that has to be the goal of the entire industry.