Migrating to the cloud delivers undeniable business benefits. But it also opens the door to new cyber security risks, and unprepared cloud users may encounter nasty surprises. Understanding Microsoft’s role in the shared responsibility model is a critical first step toward safely navigating the cloud.
All too often, organizations shift data and workloads to the cloud, naively assuming the cloud provider will manage all cyber security. They learn lessons the hard way when a hacker accesses sensitive data or a user unwittingly deletes important information.
Think of the cloud as a gated community. A cloud provider such as Microsoft secures the perimeter, in this case the physical infrastructure, the platform, and the applications. But you must secure your own house, including the data and workloads that live in the cloud. The cloud provider offers useful tools, but those tools require proper configuration and implementation.
The cloud can be a dangerous place to work, as any system that touches the internet becomes vulnerable to attack. Consider the treasure trove of data moving to and from the cloud in the form of emails or stored documents. Think of all the cloud-based applications that keep businesses humming, from Microsoft Teams to CRM and inventory systems.
Every device that connects to cloud data and applications, from laptops to mobile phones, presents a possible doorway for attackers. If a hacker can compromise just one device or one account, they can gain access to the wider system.
Additionally, the cloud makes it possible for a significant percentage of workers to work remotely at least occasionally. And remote work greatly increases the use of shadow IT. When employees use any applications or cloud services not sanctioned by IT, they unintentionally create security gaps. This increases the risk of data loss and compliance issues.
When organizations work in collaboration with Microsoft and other cloud providers to secure data and systems, they reduce the risks involved.
Microsoft invests heavily in securing its global infrastructure. This includes physical security of data centers and robust security around the hardware and networking equipment that supports Microsoft 365 services. Microsoft also provides some encryption, and it employs continuous monitoring of the underlying platform to detect and remediate threats.
Further, Microsoft uses the principle of least privilege when granting system access to its personnel. That means that Microsoft engineers are granted the minimum access necessary to complete their tasks. They also have no access to customer data unless the customer specifically requests that access.
Another important aspect of Microsoft security involves securing Microsoft 365 applications. As any emerging threats come to light, Microsoft prepares and releases security updates and patches.
While Microsoft security measures play an important role, these measures alone will not protect your data. For instance, Microsoft 365 applications include sophisticated security options, but those controls require proper configuration. And security patches offer no value if users neglect to install the updates.
The security responsibilities of the customer fall into the following areas:
The beauty of shared responsibility lies in its collaborative nature. Microsoft takes care of the heavy lifting on the infrastructure side, allowing you to focus on securing your data and workloads. To help companies fulfill their side of the arrangement, Microsoft provides robust tools designed to enhance security and compliance.
Working with the data security experts at eMazzanti, organizations gain access to critical expertise and additional tools that enable them to effectively secure vital data assets.
In today’s fast-paced digital landscape, businesses cannot thrive without effective collaboration. Microsoft continues its unwavering…
An email signature accomplishes much more than simply telling readers who you are and how…
Cyber security professionals work hard to safeguard companies’ information. But with criminals constantly changing their…
Domain-Based Message Authentication, Reporting, and Conformance (DMARC) is an e-mail security protocol designed to validate…
My job is to manage my law office’s cloud servers here at Justice Freaks. As…
My worst nightmare would be to date someone who isn’t who they say they are.…