5 Key Microsoft Security Announcements At Inspire 2021

‘The Microsoft advantage is that you get more for your security dollar,’ Mason, Ohio-based Microsoft partner Interlink Cloud Advisors, Interlink Chief Technology Officer and Partner Mike Wilson tells CRN. ‘The ability to come in and get a set of tools that work well together that have low integration cost because they’re designed to work together out of the same cloud portal is incredibly valuable.’

Hot off its newly announced acquisition of attack surface management firm RiskIQ reportedly for $500 million in cash, Microsoft has a range of security updates this week at its annual Inspire conference aimed at partners, including expanded access to its Microsoft 365 Lighthouse managed security services tool and new fraud protection capabilities in Azure Active Directory.

The announcements also include a preview for a governance add-in for Microsoft Cloud App Security, an extension for Insider Risk Management and new ways to use universal templates in Compliance Manager.

Security services have been in strong demand from customers of Mason, Ohio-based Microsoft partner Interlink Cloud Advisors, Interlink Chief Technology Officer and Partner Mike Wilson told CRN. Interlink has a dedicated security practice, but its security team is involved in most customer projects.

“The Microsoft advantage is that you get more for your security dollar,” Wilson said. “The ability to come in and get a set of tools that work well together that have low integration cost because they’re designed to work together out of the same cloud portal is incredibly valuable.”

Here’s what you need to know about Microsoft’s new security announcements.

MSP Offering With M365 Lighthouse

Microsoft has a new tool in preview for partners to more easily manage security services for customers: Microsoft 365 Lighthouse.

Lighthouse is a unified portal for managed service providers (MSPs) to secure, manage and deliver services to M365 Premium customers. MSPs can find and target threats, anomalous sign-ins and device compliance issues, according to Microsoft.

Lighthouse received a limited preview launch last year. In 2019, Microsoft announced the similar Azure Lighthouse offering to put “Azure management features of all your customers into one pane, one view.“ Microsoft expanded on its Azure Lighthouse offerings at Inspire 2020.

New Fraud Protection in Azure AD

Partners that work with Azure Active Directory (AD) direct-to-consumer clients to manage identity and access will see Azure AD add new protections against fraudulent activities using customer apps.

This extension is from an integration with Dynamics 365 Fraud Protection and Azure AD B2C, a customer identity access management (CIAM) tool capable of supporting millions of users and billions of authentications a day, according to Microsoft. Azure AD B2C is used to scale authentication platforms and automatically handle denial-of-service, password spray and brute force attacks.

In March, Microsoft unveiled new Azure AD updates including an enhancement to Azure Active Directory Conditional Access, the solution for configuring and customizing access policies around factors including user, location and device and verifiable credentials for Azure Active Directory--providing a way to “issue digital claims about identity attributes based on open standards.”

Preview Of Governance Add-in

Microsoft has launched a public preview of a paid add-in app governance capability for Microsoft Cloud App Security (MCAS). The add-in allows MCAS users to monitor, protect and govern M365 apps and identify and alert others to risky behaviors.

MCAS is a cloud app security broker (CASB) that gives visibility across multicloud apps, finds shadow IT, protects sensitive information in the cloud, protects against cyber threats, assesses compliance and manages security posture across clouds, according to Microsoft.

MCAS was built from Microsoft acquisition Adallom and became generally available in 2016.

Organizations gain the ability to define and enforce app behavior policies for M365 OAuth applications using Microsoft Graph API. Users can also find anomalous app behavior with machine learning models and address issues automatically or manually, according to Microsoft.

Extension For Insider Risk Management

The “insider risk management” compliance solution in M365 has received a new extension for its priority user group capability. Now in public preview, this extension allows for fine-grained role-based access control (RBAC), according to Microsoft.

The extension adds permissions to priority user groups further limiting alerts and cases to specific individuals instead of whole groups.

Insider risk management allows users to detect, investigate and act on malicious and inadvertent activities, according to Microsoft. Users can escalate cases to Microsoft Advanced eDiscovery. Examples of internal risks include fraud, insider trading, intellectual property theft and data leaks.

In March, the tech giant introduced Microsoft 365 Insider Risk Management Analytics, which can “identify potential insider risk activity within an organization and help inform policy configurations.”

More Compliance Manager Templates Access

Compliance Manager has received new universal regulatory templates for non-Microsoft clouds. This should allow partners access to 300-plus templates used to manage customers’ compliance posture across different clouds and apps, according to Microsoft.

In September, Microsoft announced that Compliance Manager would add Microsoft’s Compliance Score solution within the Microsoft 365 compliance center, creating a new Compliance Manager library with more than 150 assessments and enabling compliance requirements based on industry and region.