In this second of our four-blog series, we’ll see how prevention is truly the best defence. And as organisations continue to transition to the cloud, independent software vendors have been instrumental in building innovative cyber security solutions that appeal to customers in the fast-paced world of digital transformation.  

Darktrace, one of TIME magazine’s “Most Influential Companies” in 2021, is one such vendor. Currently protecting nearly 8,900 organisations around the world, including Royal Caribbean, City of Las Vegas, and McLaren, Darktrace works with companies of all sizes and in all verticals – from enterprises to governments, or small and medium businesses.  

Darktrace AI is designed to work with your security team across the entire attack lifecycle, providing clear analysis and context in ordinary language to drive understanding and efficiency. The solution integrates seamlessly with Microsoft Azure Sentinel and hosts its email service on Azure. Read on to discover how Darktrace’s AI-powered security products, available on the Microsoft marketplace, can help protect your organisation, building even greater confidence that your business, data and staff are safe.

On a mission to mitigate cyber-disruption  

As a global leader in cyber security AI, Darktrace is on a mission to tackle and minimise cyber-disruption. Breakthrough innovations in their Cambridge-based Cyber AI Research Centre have resulted in over 160 patents filed and research published to contribute to the cybersecurity community. That’s great news for stretched security teams, who are struggling with increasingly complex digital systems and an escalating threat landscape – from fending off ransomware attacks and data leaks, through to phishing and supply chain attacks.  

In fact, Darktrace research found that traditional email security tools, which rely on knowledge of past threats, take an average of 13 days from the launch of an attack to detection of it. (Source: Major Upgrade to Darktrace/Email™ Product Defends Organizations Against Evolving Cyber Threat Landscape.)

Darktrace has tackled the challenges of traditional cyber security efforts by turning the entire approach on its head. 

Responding to threats by knowing you

Rather than study attacks, Darktrace’s technology continuously learns and updates its knowledge of your business. Its distinction lies in the algorithms and data it uses, and how the two interact. Instead of training an AI on historical attacks – an approach that requires constant updating and maintenance – Darktrace takes their “Self-Learning AI” to your data. It’s plugged into your enterprise and learns in real time from everything that happens in your digital world – including email, cloud environments, manufacturing and operational systems, and physical locations.  

From this, the AI builds up a sense of “normal” for your organisation. This allows it to identify unusual patterns that indicate a cyber-threat – and then take targeted action to contain emerging attacks.  It then applies that understanding to optimise your unique state of cybersecurity.  

In effect, Darktrace is fuelling a continuous end-to-end security capability that can spot and respond to novel in-progress threats within seconds.  

In reality, that translates to increased threat detection accuracy and time savings – freeing you up to focus on what matters most: running your business. 

Bespoke solutions that build confidence 

According to Dan Fein, Director of Product at Darktrace, “Cyber-criminals will do whatever it takes. Daily, we see attackers impersonate CEOs or compromise vendors’ accounts to send out targeted, topical emails that look legitimate. Our security products align perfectly with Microsoft’s, allowing us to build even greater confidence among our mutual customers that their business, data and staff are protected.” 

What could that mean for your business? With Darktrace, you’ll be equipped to:  

• Detect and respond to cyber-attacks, including unknown and highly targeted attacks that evade traditional tools trained on historical attack data.   
• Stop phishing attacks with increasing accuracy, based on an understanding of “normal” user behaviour and communications.   
• Defend against threats across the entire digital enterprise – from cloud and email systems to networks, endpoints, and Operational Technology – with the same underlying AI technology.  
• Reduce triage and investigation time by automating tedious, repetitive tasks.   

Businesses are already seeing the benefits, with Darktrace customers reporting significant improvements in threat detection accuracy and time savings. One real estate enterprise reported a 95.83% reduction in time to identify potential threats. Another healthcare organisation reported a 90% reduction in triage time.  

Driving cognitive AI with Microsoft Security Copilot 

Helping to take cutting-edge cybersecurity to new levels, Darktrace is taking part in Microsoft’s Security Copilot Partner Private Preview.  

Security Copilot is Microsoft’s next-generation AI-powered security product that enables security professionals to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes. It combines an advanced large language model (LLM) with a security-specific model that’s informed by Microsoft’s unique global threat intelligence and more than 65 trillion daily signals. 

Selected for their proven experience with Microsoft security technologies and their close relationship with Microsoft, Darktrace will give feedback on Security Copilot product development, helping to refine new scenarios and drive future product releases. 

Get added benefits of buying through the marketplace 

Trust, simplicity and efficiency all count for a lot. Buying from the Microsoft marketplace means all solutions are certified and optimised to run on Azure. You’re able to use private offers to get exactly what you need, including customised terms and conditions, negotiated pricing, prototypes for proof of concept, and tailor-made solutions. 

Better still, transact in a single, accessible place, reducing procurement complexity, saving time and simplifying billing. Apply eligible purchases to your organisation’s Azure cloud commitment by contributing 100% of the purchase off your Azure Marketplace invoice.  

All while enjoying the peace of mind that comes from buying and running solutions on a trusted cloud with industry-leading security.  

Start protecting the Darktrace way today  

See what Darktrace discovers in your environment. Visit the Microsoft marketplace to buy Darktrace/Email or DarktraceDetect now, or contact our team at ISVUK@Microsoft.com.  

Other blogs in this series

Blog 1: Driving your AI transformation with the Microsoft marketplace 

Blog 3: Optimising business operations through AI-powered solutions 

Blog 4: Deliver transformational employee experiences through AI-empowering solutions

About the author

James joined Microsoft 15 years ago and has held leadership positions across the Consumer, Enterprise, and the Partner teams at Microsoft. James is currently the ISV Ecosystem Lead and has a passion for people and technology coming together to drive customer success. James has been at the forefront of Cloud & Digital transformation for the last 10 years launching new business models and driving transformation through the Microsoft Partner ecosystem resulting in and contributing to exciting new revenue streams and significantly accelerated growth for Microsoft and Partners.

The post Safeguarding your business with AI-powered security solutions  appeared first on Microsoft Industry Blogs - United Kingdom.

Sophisticated cyberattacks are on the rise

According to the Microsoft Digital Defense Report 2022, over 100 million attacks against remote management devices were observed in May 2022, up 500 percent on the past year. Human-operated ransomware remains the most prevalent cybercrime, however. One-third of targets are successfully compromised by criminals using these attacks, and 5 percent of them are ransomed.

Old perimeter-guarding strategies are no match for these increasingly sophisticated threats. An organisation needs to embrace a modern, data-driven and people-centred approach to managing security risk. This can help to identify and tackle existing threats more effectively while learning to anticipate new ones.

What is a security culture?

An organisation’s security culture is built on shared values, attitudes and ways of acting. It’s therefore hard to change, and it takes time. Creating a culture of security needs colleagues to understand the potential costs of a security lapse. They must also understand how bad actors tend to operate, and why existing security strategies are no longer adequate.

In the current climate, digital communications and cloud data management provide multiple ways to access organisations that previously didn’t exist. Once inside your network, cybercriminals can move laterally, seeking out value.

Zero Trust relies on strong identity verification

Adopting strong identity verification is key to Microsoft’s Zero Trust approach. Real-time data provides information on the user, the device, and the location – which is crucial in a hybrid world of work. Connecting both cloud and legacy systems to a single identity solution provides end-to-end visibility of an organisation’s digital presence. This helps to protect against internal threats that old-fashioned firewalls would miss. Where there is doubt, a Zero Trust approach applies conditional access. Where there is risk, it is assumed a breach.

A security strategy that enhances overall performance

Adopting a Zero Trust approach brings immediate improvements to an existing security posture, and builds a path that continuously improves risk management. It simplifies security processes to enhance customer experience, and potentially lowers costs by eliminating the need for external security providers.

Adopting a best-in-class security strategy can also make an organisation more forward-focused and risk-responsive in general. Nurturing a security culture brings long term benefits to a company as a brand and to its overall effectiveness in the marketplace. Security is not just a cost; it drives trust and therefore adds value.

Security culture starts small and collaboratively

When implementing a new security protocol, take a step-by-step approach beginning with a small, controlled group and a security risk that qualifies as low-hanging fruit. Once new protocols have been validated, and teams have given feedback, it can be expanded to another part of the business, such as identities, infrastructure, devices, data, networks or apps.

As for implementing organisation-wide security culture change, this will benefit from full and visible support from your senior leadership team. Aim to implement your new strategy collaboratively, and through a phased programme of activities. Taking a creative approach to security skilling and education helps stimulate staff engagement. Microsoft for example produces a successful video series that follows the security-themed adventures of its protagonist, Nelson, which gets promoted internally.

Understand and work with colleagues who may express resistance to change. While moving to new day-to-day practices – for example, new ways of working with different classes of data – openness and empathy will be crucial in empowering all teams to own, understand and learn from their inevitable mistakes.

Data-driven monitoring spots emerging risks

In time, your security strategy can become more sophisticated. AI can be deployed to detect abnormal behaviour and protect your organisation’s most sensitive information from accidental exfiltration as well as bad actors. Microsoft Azure, Azure Sentinel and Microsoft 365 apps can document your compliance with regulations, monitor access, and apply data analytics to predict where the next security risk might emerge.  Data metrics can guide security strategy on the principle of maximising costs to the attacker and prioritising your most valuable data. Many of Microsoft’s UK customers and partners have benefited from this security-first approach.

LGL money managers find security on the cloud

LGL Group are a financial services company who were frustrated by the cost and complexity of enterprise-grade cybersecurity. Microsoft worked collaboratively with LGL to design a roadmap that modernised their security controls, enhanced their security posture and reduced their reliance on third-party application subscriptions, driving down costs. By migrating to the latest Microsoft 365 and Azure security stack, LGL also benefited from a more streamlined and simplified hybrid security system.

Meanwhile Microsoft continues to work with schools and colleges to close the cybersecurity skills gap, with targeted investments here in the UK. Salford City Council leveraged the skills and resources of the Microsoft Enterprise Skills Initiative to develop a cyber strategy and a security operations centre using Microsoft Sentinel. It now aims to share its best-in-class skills with other public sector organisations to proactively monitor, detect and respond across Greater Manchester.

Zero Trust is a journey

Zero Trust is a journey, not a destination. Visit the security hub at Microsoft Business Security Solutions and discover how Microsoft can help you implement an identity environment with cloud identity federation, strong authentication and conditional access at its core.

Find out more

Microsoft security blogs

Strong identity management provides Zero Trust security

Microsoft Sentinel strengthens Salford Council’s cybersecurity

The post What is a ‘security culture’? Best practices for implementing your security strategy appeared first on Microsoft Industry Blogs - United Kingdom.

As the landscape of work has changed, so have cyberthreats. Technology has enabled the rise of remote and hybrid working. However, this increasingly complex environment also means there’s more vulnerabilities. Leaders have seen three trends rise:

1. Stay competitive in a fast-evolving business landscape.
2. Defend against cyber threats.
3. Achieve both the above goals while reducing complexity and modernising the business.

To manage risk in a hyper-connected digital environment, organisations must evolve their cybersecurity strategies. A traditional perimeter-based approach needs to shift to a posture of resilience.

At Microsoft, we analyse over 24 trillion threat signals daily and engage with hundreds of thousands of customers. This allows us to share our unique perspective on the threat landscape and the top challenges facing organisations today, and the ways they can overcome them.

Embrace vulnerability to drive cyber resilience

In today’s world, work happens across premises, cloud applications, devices and networks. However, our Work Trend Index states 52 percent of employees are considering hybrid or remote work. That means flexible ways of working are here to stay.

As a result, businesses won’t be able to retreat back to walled on-premise security options. Leaders must embrace vulnerability as a feature of hybrid work and minimise the business impact of attacks.

Implement the cybersecurity fundamentals

According to our Digital Defense Report, basic security hygiene still protects against 98 percent of attacks. Take basic security precautions like:

• Enabling multifactor authentication
• Applying least privilege access
• Keeping versions up to date
• Utilising antimalware
• Protecting data

This can help organisations prepare for and mitigate most modern cyber threats. Additionally, it can help prepare for the evolution of threats as technology advances.

Get started with Microsoft Security Best Practices

Adopt Zero Trust for cyber resilience

In a world where it’s harder to predict or prevent an attacker, it’s important to assume they will get in and limit their exposure. This approach – never trust, always verify – is called Zero Trust. By centering on strong user identity, device health verification, and secure, least-privileged access to resources, organisations can minimise unwanted movement. Plus, rich analytics and intelligence can help detect and respond in real time.

A Total Economic Impact™ study conducted by Forrester Consulting and commissioned by Microsoft found that Zero Trust unlocked 92 percent return of investment and reduced the risk of a data breach by 50 percent.

Take the Zero Trust assessment

Empower users

As we connect more systems together, our security landscape can become more complex. When you focus on digital empathy, you can ensure users can easily and securely engage with the environment. By thinking about the way users interact and use technology, you’ll build more inclusive, resilient systems.

Education is also key. With ongoing and engaging skilling, you’ll build a culture of enablement, trust, and engagement. This will significantly improve reporting and provide earlier warning of attacks. We saw a 50 percent year-over-year reduction in employee susceptibility to phish attacks after simulation training.

Insider risk, whether malicious or negligent, can cost organisations up to US$4.6m per incident, according to the 2022 Cost of Insider Threats Global Report by Ponemon Institute. It’s important to develop the right strategy that supports digital empathy, while reducing insider risk.

Learn how to protect data from insider risk

Unify your digital estate

As organisations move to cloud servers to deliver business functions, there is the need to have effective threat protection, mitigation strategies, and tools in place. 61 percent of security leaders say the cloud is the most susceptible to attack. Securing the cloud takes a different approach than securing an internal network. However, with misconfiguration and inconsistent security policy application being the chief cloud vulnerabilities, it’s important to ensure you have informed cloud experts in your team.

Protect devices and endpoints

A Zero Trust approach alongside integrated business security solutions can help build resilience, while protecting across your digital estate, including endpoints. And when paired with devices that have built-in security, empower employees to focus on their work while staying secure.

Protect your organisation from anywhere with endpoint security

Weave cybersecurity into business function to build cyber resilience

Our research found that more than half of security leaders feel vulnerable to a significant cyberattack. At the same time, those who felt most vulnerable are the most mature in their security posture.

A Zero Trust posture elevates security from a protective service to a strategic business enabler. By ensuring everyone can understand policies and risks, security is embedded into each function, building a culture of trust.

Cloud technology can also help build resilience by making organisations more agile to external factors like natural disasters and other incidents – not just cyberthreats. And all while driving innovation and productivity.

Find out more

Microsoft Digital Defense Report

Imagine security that drives innovation

Learn how to protect data from insider risk

Protect your organisation from anywhere with endpoint security

About the author

The post Drive cyber resilience and stay secure against heightened threats appeared first on Microsoft Industry Blogs - United Kingdom.

Multi-factor authentication adds another layer of protection to the sign-in process. After all, if you only use a password to authenticate users, it leaves an insecure vector for attack. What if the password was weak? Or if it was exposed elsewhere? Are you sure that person signing in is really the user? When you require a second form of authentication that isn’t easy to obtain, you are building another layer of security.

Therefore, ensuring you use the right type of MFA service is of critical importance. Different MFA solutions can have a dramatic impact on cost, user experience and your resilience to service outages and attacks. In this post we’re going to look at some of these factors and make some recommendations to ensure your MFA solution enables your organisation, and your people, to be productive safely.

1.      Optimise security processes to bring down costs

A vulnerable entry point for cyber attackers is to use credential-based attacks to access networks and steal data or spread ransomware. However, multi-factor authentication stops 99.9 percent of credential-based attacks. That’s why MFA really is one of the most fundamental security measures. At Microsoft, we deploy MFA to protect our customers, our data, systems, and our business. Azure AD MFA is used across our consumer platforms like Outlook.com and Xbox, as well as thousands of other online services. In fact, its foundational to our five steps to secure your identity infrastructure.

Online retailer Asos uses Azure AD (including MFA) to protect identity as the new perimeter. By automating, provisioning and deprovisioning user accounts across its SaaS landscape, they have reduced costs and errors, all while improving productivity.

“Our service desk spends much less time setting up users and creating or deleting accounts, which gets our costs down,” says Mark Lewis, Infrastructure Architect at ASOS. “We made our lives easier by adopting Azure Active Directory—we’ve saved time and money, improved the employee experience, and enhanced the security of our entire SaaS ecosystem.”

Where cost may be a blocking factor, in Azure AD the options to use SMS and phone-based MFA are free. In the case where certain users might be specifically targeted, you can selectively upgrade people to P1 or P2 licensing models and nudge people towards using the Microsoft Authenticator app with a one-time-password or notification-based MFA.

These days, it’s easy to enable MFA for all with one click. However, you don’t have to take a single, big-bang approach. You can onboard users into MFA in batches that are digestible by your service desk. Typically, 10 percent of any given batch will need support, so the ability to onboard in batches has a dramatic impact on the cost of deploying MFA. For employees, using multi-factor authentication when paired with single sign-on can increase productivity as they can access everything they need without re-entering passwords.

And if there is still resistance, this is one of those measures which business leaders should by now expect. We’ve seen the reports of the cost and reputational damages that security breaches can have on organisations. Leaders should be challenging IT to ensure the safety of their customers, employees, systems and data. And MFA is one of the critical elements to delivering that.

2.      Balance security and productivity with multi-factor authentication

Pre-cloud, security was ring-fenced around the data centre and the physical office, with the network perimeter as the main defence. Often, these featured early methods of MFA – such as one-time passcode fobs or smart cards. However, on-premise environments can be open to attack through misconfigured web and VPN services, lack of patching, as well as credential hygiene issues.

As organisations move to hybrid cloud-based environments, they can take advantage of existing Zero Trust capabilities with the knowledge that we will be investing a further $20 billion in our security solutions over the next five years to help defend against ransomware and other threats. With MFA in Azure AD you are consolidating your identity services into a strong and highly trusted environment. You’re not only increasing your resilience to ransomware and supply chain attacks, but also other outages that can occur on-premises.

For Durham University, they used MFA and Azure AD to ensure their staff and students could keep learning remotely. They use single sign-on to access everything they need whilst keeping their intellectual property secure. “By migrating to Azure AD, we’ve moved the responsibility of high availability to Microsoft, who, let’s face it, are scaled to do a better job than we could. Our services are much more resilient.” Says Craig Churchward, Technical Specialist for Windows Platform.

You can also maximise your ability to take advantage of new features as they are delivered, without any concerns for integration and support across vendors. Additionally, older platforms often involve backend server infrastructure, physical tokens and the man-hours needed to issue, replace and troubleshoot those tokens. With Azure AD MFA, users no longer need physical tokens. Additionally, there’s no server infrastructure to maintain. Your IT and security teams can focus on high-value tasks.

3.      Multi-factor authentication empowers secure hybrid working

A core tenant of Zero Trust is to never trust – always verify. Regardless of where the request originates or what resource it accesses, it is always fully authenticated, authorised, and encrypted before granting access. This helps build secure hybrid working. It makes it easier for employees to connect from anywhere, on different devices while protecting organisational data.

MFA and Conditional Access are key to Rabobank’s mobility strategy. “We require multi-factor authentication for mobile access today and have Conditional Access policies set up to require new device enrollments to happen on the corporate network. Most importantly, people can enroll and get access quickly—which is good, because we didn’t want to create this digital workplace and slow people down with security,” says Abe Boersma, Global Head of Workplace Services.

Identity is now recognised as one of the core services we use to secure the enterprise. Your identity stack, including your MFA service, is a key component of Microsoft’s security control plane. You can discover more in the guidance found in the Microsoft Cybersecurity Reference Architectures (MCRA) and Enterprise Admin Model.

4.      Build a strong security culture

A human-first security culture will help employees stay productive and secure in the hybrid workplace. One factor of this to have a strong password policy. At Microsoft, we see over 10 million username/password pair attacks every day. Build your strategy on updated password policy guidance from NIST, NCSC and Microsoft. Using technology such as Windows Hello for Business, the Microsoft Authenticator app and FIDO2 tokens alongside MFA will help to reduce successful credential attacks You can find out more about passwordless tech from Microsoft Security Team member, Alex Weinert in his blog; Your Pa$$word doesn’t matter.

If passwords are going to be with you for the foreseeable future, Azure AD Password Protection helps users select passwords that are not commonly known and Azure AD Self-Service Password reset will minimise the operational cost of passwords.

5.      Close the door on insecure legacies

From our research, we’ve seen most opportunistic attacks target legacy authentication protocols that bypass MFA. But there is an effective control to prevent this. Disabling legacy authentication and enabling MFA is one of the most impactful things you can do to prevent credentials from being compromised. Microsoft provides the tools to you accomplish this. In new Azure tenants, legacy authentication protocols are disabled by default, but many existing tenants still have this enabled.

Building a secure hybrid workforce

Multi Factor Authentication is becoming increasing important for an organisation’s cybersecurity. To stay resilient, organisations need to ensure employees can securely and easily access their work across devices, no matter where they are. MFA helps achieve this. Also, by modernising MFA organisations can increase resilience to attacks and service outages. They can also improve agility in adopting new features while supporting legacy systems.

Find out more

Build a modern security strategy

Security and mobility

Discover MFA

Resources to empower your development team

Secure Azure Active Directory users with Multi Factor Authentication

Manage identity and access in Azure Active Directory 

How Multi Factor Authentication provides secure access to resources

About the author

Gavin works within the Customer Success team at Microsoft. His aim is to make customers more productive, more secure, and ultimately more successful through features like Azure AD. Having seen what modern ransomware attacks can do up close, Gavin is passionate about helping keep an organisation’s customers, staff, systems and data safe. He is also a keen cyclist (on and off road), husband and father to three young children. You can catch him on Twitter @gvnshtn and on LinkedIn.

The post How multi-factor authentication empowers secure hybrid working appeared first on Microsoft Industry Blogs - United Kingdom.

In the new world of work, it’s important to keep your people at the heart of your business. That’s why empowering them with the tools they need to work smarter will help you create an inclusive and resilient culture. A Forrester study found that workers realised almost two hours in daily productivity gains using Microsoft 365 on Surface, while reducing security breach costs by about 20 percent. We’re going to dive into the ways you can embrace the productivity gains of a robust security strategy, while empowering employees to do their best work from anywhere.

1.      Extend security across your entire stack

A security strategy needs to ensure your entire digital estate is secure. Ensure your entire stack is optimised with devices and applications that have built-in security based on a Zero Trust model. Surface meets the same security standards of all Microsoft software and services, making it a strategic part of your security stack.

But what is Zero Trust? It’s a security model that adapts to the new hybrid workplace and embraces mobility and remote working. By assuming breach, Zero Trust verifies each request or what resource it accesses regardless of where the request originates. By never trusting and always verifying, it ensures every access request is authenticated, authorised and encrypted before granting access.

This identity-based approach works in the background and enables things like single sign-on. Employees can, for example, sign into their Surface device with Windows Hello, a reliable, fully integrated biometric authentication based on facial recognition or fingerprint matching. Because the Surface optimises apps, it makes it easier for employees to work together. In fact, that same Forrester study I mentioned earlier also found that 88 percent of survey respondents said that Microsoft 365-powered Surface devices had helped their employees become more collaborative.

Construction firm Willmott Dixon saw an immediate improvement in productivity when using Surface and Microsoft 365. “A lot of our architects and engineers live quite far away. We now connect with them via Teams” says Simon Wilson, Senior Operations Manager. “We’ve seen projects that have reduced design time from 12 weeks to eight weeks. That is a true saving to the project.”

2.      Manage your security strategy your way

Zero Trust also helps your IT team manage your security infrastructure by combining threat protection, detection and response. Security can be managed from an easy to use control centre, protecting users, data, and endpoints. An integrated approach takes advantage of AI and automation. They take over low-level risk detection and real-time analytics to monitor and respond. This reduces chronic alert fatigue and means analysts can focus on critical alerts or higher threats.

The built-in security of Surface and Microsoft 365 makes it easy for your IT team to optimise to meet your specific needs. You can even go beyond traditional software-based policy management. Firmware configuration settings can deliver an extra level of hardware control and manageability. For example, the camera can be turned off for any device in highly secure areas to reduce risk. The built-in security of Surface and Microsoft 365 makes it easy for your IT team to optimise to meet your specific needs. You can even go beyond traditional software-based policy management. Firmware configuration settings can deliver an extra level of hardware control and manageability. For example, the camera can be turned off for any device in highly secure areas to reduce risk. Surface also benefits from three security features: Trusted Platform Module (TPM), Unified Extensible Firmware Interface (UEFI) and Device Firmware Configuration Interface (DFCI).

TPM: This military-grade security protects the keys used in authentication and encryption.

UEFI: This protects the firmware from malicious attacks. Maintained by Microsoft, so that from the time the power button is pressed to the time that the operating system boots, organisations can avoid a critical vulnerability point and be assured that the latest UEFI updates are pushed out.

DFCI: Born from the Microsoft cloud offerings and enabled fast cloud deployment and management down to the firmware and component level. Benefit for those using AutoPilot via InTune, perfect for cloud first deployment, management and end of user decommission from your IT admin. DFCI gives users freedom to work from any location while still maintaining control and security.

Microsoft Surface Enterprise Management Mode (SEMM) is a feature of Surface devices with Surface UEFI that allows you to secure and manage firmware settings within your organization. With SEMM, IT professionals can prepare configurations of UEFI settings and install them on a Surface device.

While these make it easy for your IT team to manage, a compliant organisation often hears from employees that security measures make it harder for them to access the tools they need to work. When you have built-in security, you can ensure pain-free access without compromising the employee experience. A biometric single sign-on such as Windows Hello can make it faster for your employees to log in. Additions like multi-factor authentication can also reduce credential attacks by 99 percent.

The Department of Work and Pensions (DWP) actively serves 25 million British citizens. Their cloud-first strategy allows them to be more agile and efficient. As a result of this approach, they are less reliant on expensive and hard-to-maintain on-premise infrastructure and are able to scale with the demands of business. By pairing this approach with Surface devices, they’re ensuring advanced security standards are applied from chip to cloud. “We’re making sure our solution covers all these security standards without limiting user experience,” says Nava Ramanan, Workplace Computing Lead Technical Architect at DWP.

3.      Minimise risk and reduce costs and complexity

With the right tools and devices it is possible to increase security and productivity while reducing costs and complexity. Surface powered by Microsoft 365 improves enterprise security by reducing both the number of security breaches and remediation costs—all without impacting workforce productivity or the employee experience. Forrester found that the number of annual breaches was reduced by 50 percent per year by using two-factor authentication, Advanced Threat Analytics, and Surface Enterprise Management Mode (SEMM).

By integrating new agile methods of device deployment and management, you can improve IT efficiency while reducing overheads. When combining Surface with Microsoft AutoPilot and Windows 10 Pro, IT teams saved four hours per device deployed.

As a local government, Warwickshire County Council is under increasing pressure to make resources go as far as possible while maintaining and improving services for its community. They made the bold decision to reduce costs by going from a combination of eight different devices to just one. They deployed Windows AutoPilot to optimise their IT team and ensure staff could start working straight out of the box.

“In just three months we migrated 4,500 staff to Microsoft 365 and Surface Pro. And less than one percent of users raised any issue with that at all,” says Craig Cusack, Assistant Director for Enabling Services.

Keeping workforce productivity at the heart of your security strategy

When you integrate your devices, apps and cloud security provisions, based on a Zero Trust principle, you can drive a highly orchestrated, centrally managed security solution. This makes it easier for your IT team to manage and deploy. It also embraces productivity and collaboration to ensure your employees stay secure and working at their best, even when remote.

UK law firm Shakespeare Martineau rolled out Surface devices to pair agility and freedom with improved end-point security, flexible productivity and practicality. In the end, it did much more, including improving morale, productivity and reducing downtime. They also saw an increase in billable hours and enhanced client satisfaction.

“Microsoft Surface complimented our strategy and was the device of choice to support our positive passionate people. The product is very good – in style, different ways of working and real performance – and it gives our staff the agility and freedom to work in a way that suits their lives whilst maximizing productivity and effectiveness,” says Dal Virdi, IT Director.

This also has the advantage of doing more with less. Implement new agile ways of working with a standardised portfolio that optimises the software and apps you run. Not only will this encourage your employees to work better together, but you’ll also benefit from improved efficiency and reduced overheads. That way you can spend more time innovating and delivering a great experience for the customers you support.

Find out more

Security and Endpoint Management with Surface: Surface for Business

Visit the website: Reimagine security and risk management

Download the eBook: Modernise your endpoint security strategy

Resources for your development team

Read the blog: Data security and encryption best practices

About the author

Chris is Surface for Business product portfolio lead for Microsoft in the UK. As the owner of the UK product proposition, Chris enjoys understanding business challenges and bringing together product propositions that empower individuals and businesses to achieve their business objectives. With over 13 years of experience in hardware technology, Chris has held a number of roles in Product Management, Marketing and Sales across the industry in the UK and abroad.

The post 3 ways to create a robust security strategy for remote teams appeared first on Microsoft Industry Blogs - United Kingdom.