Zero Trust Security Archives - Microsoft 365 Blog http://approjects.co.za/?big=en-ie/microsoft-365/blog/tag/zero-trust-security/ Tue, 28 Jun 2022 17:46:56 +0000 en-GB hourly 1 https://wordpress.org/?v=6.6.2 New experiences in Windows 11 and Windows 365 empower new ways of working http://approjects.co.za/?big=en-ie/microsoft-365/blog/2022/04/05/new-experiences-in-windows-11-and-windows-365-empower-new-ways-of-working/ Tue, 05 Apr 2022 15:00:00 +0000 Today, we are sharing details with our customers about the future of Windows and how we are developing new experiences to enhance the way we work today, and in the future.

The post New experiences in Windows 11 and Windows 365 empower new ways of working appeared first on Microsoft 365 Blog.

]]>

Today, we shared details about the future of Windows and how we are developing new experiences to enhance the way we work today, and in the future.

We released Windows 11, the operating system designed for hybrid work, just over six months ago and are energized to hear how our customers, like Tower, are finding new ways to empower employees and move their business forward.

“Windows 11 is the puzzle piece that fits so perfectly into our overarching strategy—including the modernized skill set our people now have and the relationship we enjoy with Microsoft. And that journey empowers our people to not just implement a solution, but to make Tower a leader in this space.”—Liz Cawson, Head of IT Operations, Tower.

Talking to customers is one of the best parts of my role as General Manager for the Microsoft 365 business, and I learn a lot from every conversation—whether with an enterprise leader or a small business owner. Our team has also received a lot of feedback and input about the past two years and how it has forever changed the way we work, and I‘ve observed this just walking around my neighborhood in Atlanta—the way we work is different. Our work lives are in many cases more flexible, but also more complex. It makes sense, then, that the one thing I always hear is that organizations want solutions that are streamlined across their IT infrastructure, and seamless and easy for their employees to use.

We recently released the 2022 Work Trend Index, which surveyed 31,000 people in 31 countries around the world. What we’ve learned from our 2021 and 2022 research is that this rapidly changing landscape is shaping how we think about how technology serves us at work. This has been our inspiration for the features we announced today and how we will continue to innovate in Windows for organizations and employees, helping our customers transform how we connect, collaborate, and communicate.

The most compelling data we gleaned from the Work Trend Index is that 73 percent of employees want flexible or remote options and see this as a more permanent way of working. That’s more than two-thirds of people surveyed—a compelling statistic.

As a leader at Microsoft who was hired during the pandemic and works fully remote, I can relate to the new challenges businesses are navigating in moving employees to a more permanent remote or hybrid work setting, and the challenge employees sometimes face in different environments.

So, I’m excited to build off what Panos Panay, Chief Product Officer, shared today and give you some more details about the new features we are building in Windows 11 to power your businesses and your people, no matter where they are working.

Here’s what’s coming to Windows 11.

A faster, more dynamic Windows 11 experience powered by the cloud

Last year, we introduced Windows 365, the world’s first Cloud PC, to give people a simple way to stream their entire Windows experience from the Microsoft cloud. This means an individual employee’s personal settings, apps, and contents can be securely accessed on any device. And it’s persistent and always ready to go, so they can pick up right where they left off because Windows is streaming from the cloud. I’ve heard from many customers who are finding new uses for the Windows 365 Cloud PCs in critical hybrid work scenarios—from elastic workforces like interns or contractors to high-scale computing needs like developers, to remote workers and secure bring your own PC (BYOPC) needs. Windows 365 is easy to scale up so it’s particularly useful in times of change, like mergers and acquisitions. Coats, the world’s largest industrial thread manufacturer, was an early adopter of Windows 365.

“Windows 365 delivers security and performance for the diverse needs of our hybrid workforce. It provides scalability and flexibility for our employees, developers, and external business partners, using a variety of devices, including bring your own device. It also works seamlessly with Microsoft 365 where we can manage Cloud PCs alongside our full device estate.”—Helge Brummer, Vice President of Technology and Operations, Coats.

Extending Windows to the cloud opens up new solutions that can help accelerate digital transformation by utilizing the power, intelligence, and capacity of the cloud to augment device capabilities. According to Gartner®, 72 percent of infrastructure and operations (I&O) leaders have invested or intend to invest in cloud-based user computing solutions during the next 24 months.

As the pandemic begins to slowly recede, and companies look to adopt more permanent hybrid work strategies, new integrated features are needed to enable more flexible ways of working.

A diagram highlights how Windows 365 Boot will enable your PC to log in directly to your Windows 365 Cloud PC.

So, we’re bringing the power of the cloud and familiarity of the PC together, giving people an even more seamless Windows experience without sacrificing security.

With Windows 365 Boot, I’ll be able to log directly into my Windows 365 Cloud PC at startup and designate it as my primary Windows experience on the device. This makes Windows 365 an even better solution for those temporary or frontline workforces I mentioned, where sharing devices and bring your own device (BYOD) scenarios are common. It allows different users to log in directly to their own personal and secure Windows 365 Cloud PC with their credentials.

A PC screenshot shows Windows 365 Switch, which enables you to move between desktops in the Task switcher.

If you are like me, you know the power of switching between desktop surfaces in Windows 11. Now we’re adding Windows 365 Switch, which will enable me to move between my Windows 365 Cloud PC and the local desktop just like I do between different desktops today in the Task switcher. I’ll even be able to use the same familiar keyboard commands, as well as a mouse-click or swipe gesture.

A new native Windows 365 app will give me another way to get straight to my Windows 365 Cloud PC from the taskbar or Start menu. All with a desktop path to my Windows 365 Cloud PC, providing a personal, customized welcome experience to tailor my settings, profile, and work style.

 A graphic of a PC highlights Windows 365 Offline, which will enable work in Windows 365 even when disconnected.

We are also working to deliver Windows 365 Offline, which will enable work in Windows 365 even when disconnected. When connectivity is restored, the Windows 365 Cloud PC will automatically resync with the Windows 365 service without data loss so the user experience and workflow are persistent.

Learn more about all these features in this Windows 365 blog and our new Microsoft Mechanics episode.

New inclusive and intelligent experiences and features for employees

In our most recent Work Trend Index research, we learned that 51 percent of people want a job that gives them the option to be fully remote, but they prefer a hybrid experience. The best news is that Windows 11, while designed for hybrid work, works for all scenarios—whether remote, onsite, or hybrid.

Today, I want to share with you some of my favorite new experiences coming soon to Windows 11 to make everyone working in these modern environments more effective. Best of all, these features are designed with accessibility in mind so everyone can enjoy the benefits of Windows 11.

I love how easy the centered Start menu design in Windows 11 is, and I’m excited to share how we’re building on that with new app folders right inside the Start menu. Now, I can enjoy the simplicity of organizing and easily finding apps on my Windows 11 desktop just as I’ve been able to do on my mobile device and tablet.

Refreshed File Explorer in Windows 11 to help you find what you need fast

Screenshot of the Windows 11 start refreshed file explorer screen.

One of my favorite announcements today is the refreshed experience in File Explorer. I can’t tell you how many hours I’ve spent looking for important files and folders over the years. Now, finding files is a breeze with new contextual suggestions in Windows powered by Context IQ. This recommends relevant content and contacts across Windows—including content to the cloud. For example, I can see what files I might want, including files that my frequent collaborators are working on that I also have access to.

And with Tabs in File Explorer, I’ll be able to multitask and find multiple files at the same time.

During our 2022 Work Trend Index research, we found that 35 percent of employees surveyed say they wish they could spend more time working on solitary or focused work in order to be more impactful or productive, which is why we are introducing new capabilities in Focus for Windows.

Save time with new features in Focus for Windows 11

Hybrid worker focuses on Surface device.

As a senior leader at Microsoft, I’m in meetings most of my day, and it’s often challenging to find time to get important work done. I’ve found Focus to be one of the most impactful tools to increase my own productivity. Focus was first introduced in Windows 10 to limit visual distractions and reduce clutter on the desktop. Today, Focus inside Microsoft Viva Insights helps me protect my valuable time by automatically scheduling focus time based on my schedule for the next work week. This has been a game-changer for me. And today, I’m happy to share the new features coming to Focus in Windows 11, such as an integrated focus timer and do not disturb feature that makes it even easier to track and personalize my focus time.

More natural hybrid meeting experiences powered by AI

As companies continue to take a hybrid approach, we are delivering new advancements to make virtual and hybrid meetings and collaboration feel more natural. These features* include automatic framing to refocus your camera as you move around, voice clarity, voice focus, and background blur to reduce visual and audio distractions in the background. One of my favorites of these new AI-based features is called eye contact, which improves eye contact during virtual meetings and video calls.

Better audiovisual experiences with Live Captions in Windows 11

 A PC screen shows Live Captions, a new feature that empowers people to easily access captions from audio experiences.

We are always looking for ways to improve the experience with accessible features, and today we’re making Windows 11 better for the deaf and hard of hearing communities, as well as language learners with Live Captions. This new feature empowers people to easily access captions from all audio experiences and apps across Windows, including web-based audio, such as audio from your favorite streaming websites. I love turning on captions when I’m watching my favorite shows, so this is another incredible experience we are bringing to Windows 11.

Multitasking is a snap with improved Snap layouts

What did we do before Snap layouts? I love this feature in Windows 11. It may be the feature I use the most as I’m always using multiple windows throughout the day. It’s so easy to snap together two or more related windows when I’m doing research or to multitask on up to four separate projects simultaneously. We’re always looking for ways to help people work smarter, not harder. So, now, I’m excited we are adding touch Snap layouts for touch-enabled devices. This capability is going to improve work for so many, including frontline workers using touch devices in their day-to-day work.

Empowering IT superheroes with modern management

IT departments had one of the most complex undertakings during the pandemic—keeping the digital estate of their entire, distributed workforce connected, up-to-date, and performing. And doing that as the IT administrators themselves were also working remotely added even greater complexity. With the diversity of devices used across the enterprise device landscape, including physical and Windows 365 Cloud PCs, IT truly needed to be superheroes to keep all the endpoints secure and productive.

It is cloud management in Microsoft Endpoint Manager that provides IT with the needed flexibility to protect and configure endpoints for a productive workforce as well as unlock the new features and functionality for Windows. With Windows 11 built as a cloud-powered OS, Endpoint Manager is key to helping organizations keep their devices up-to-date and upgraded when ready.

Another way to keep things updated is with our new automated service, Windows Autopatch, designed to free up IT teams everywhere by making Windows and Microsoft 365 update management easier than ever. Autopatch offers IT peace of mind when it comes to ensuring endpoints are healthy, protected, and compliant, thus enabling them to focus on other business challenges.

Autopatch enables IT to strike the right balance between rollout speed and stability thanks to a ring-based, gradual deployment. It helps you get current and stay current while hardening endpoints against threats and increasing productivity by deploying new features with minimal friction and risk. If issues arise, they won’t turn into interruptions—the service can stop and even reverse updates, which means we’ve got you covered. Windows Autopatch will be available in July 2022 as part of the Windows E3 offering. Learn more about Autopatch in this blog.

Providing flexibility and data protection

Application management for Microsoft Edge enables people to access organizational resources from an unmanaged device while giving IT the ability to control the conditions under which the resources can be accessed. With app protection policies applied from Endpoint Manager, administrators will be able to configure how data flows in and out of the organization as well as define acceptable threat levels. This allows more businesses to safely employ a BYOD model, or empower employees to access company information through personal devices without compromising privacy or protection.

A PC screenshot shows Application Management for Microsoft Edge.



Improve communication with targeted messages in Windows 11

I am also excited about a new communications function that empowers IT to send targeted organizational messages directly to users across various surfaces, such as on the desktop, lock screen, or right above the taskbar. Imagine being able to share helpful messages to new employees onboarding or reminders for important training that might otherwise get lost in email. From the Endpoint Manager admin center, IT can create messages, provide customized links or URLs, configure the viewing frequency, and of course define the targeted set of users for the message based on the integration with Microsoft Azure Active Directory (Azure AD).

A PC screen shows a new communications function that empowers IT to send targeted organizational messages.

A new era for endpoint management adds more simplicity

Our goal is to simplify what it takes for IT to protect the endpoints across their user computing landscape to help organizations support a Zero Trust security model. We are excited to enter a new era for endpoint management, one that will provide an expanded set of advanced solutions and capabilities in Endpoint Manager designed to increase endpoint security, improve user experience, and reduce the total cost of ownership of your digital estate. We are bringing together additional mission-critical endpoint and security management tools into a single, cloud-powered solution and it starts today. Read more about the news of our vision for advanced endpoint management in this Microsoft 365 blog and learn about our plans to introduce a series of premium solutions over time that will help protect endpoints in the cloud, on-premises, and across device platforms, foundational for organizations striving to achieve a Zero Trust architecture.

A PC screen captures Remote Help for Windows, a cloud-based , remote assistance tool.

The 2022 Work Trend Index highlighted that more than 50 percent of hybrid employees are considering going fully remote in the next year, so on-site tech support can no longer be the only option to resolve complex technical issues. Today we are launching the first of our premium solutions in Endpoint Manager for general availability, remote help for Windows, a cloud-based, remote assistance tool that provides a secure, trusted helpdesk to user connections. The endpoint is the new workplace. Providing resolutions to users—delivered by the right helper, with the right permissions, at the right time—is crucial for organizations in today’s hybrid world.

Help keep hybrid work safe with new security features

Given the fast-changing cybersecurity landscape, we continue to see accelerating with new threats today, it wasn’t surprising to see that cybersecurity issues and risks was the number one concern for business leaders around the world. To help address those concerns, we’re introducing new security features coming to Windows 11 to make the most secure version of Windows we’ve ever built even more secure for hybrid and remote employees.

With built-in chip to the cloud protection, Windows 11 helps organizations address the new security challenges of the hybrid workplace, now and in the future. With every release, we are making Windows more secure by default and today we’re thrilled to show you how Windows powers the future of business.

We are all potential targets of sophisticated phishing and other cyberattack attempts. I’m excited about future Windows 11 updates we are adding, like enhanced phishing detection and protection built into Windows with Microsoft Defender SmartScreen. We are also bringing more protection against malware, ransomware, data loss, and the serious risk of hardware attacks if a device is stolen. We’ve designed security in Windows to be simple for all—for businesses large and small, from IT to consumers. Our Windows customers will benefit from layers of tightly integrated hardware and software security from the chip to the cloud, designed to help protect our customers from wherever and however they choose to work. To learn more about the security innovations coming to Windows 11, visit the Security Blog.

Taking the journey to hybrid work, together 

As workplaces and world events continue to evolve, so too will the needs of your employees and organization. That’s why we designed Windows 11 to be the most flexible, secure, and productive solution for hybrid work. The features we announced today ensure that you can continue to count on Windows to move your business forward with cloud-powered technology and services that adapt and evolve to meet today’s challenges and tomorrow’s. 

Creating a durable hybrid work environment is a journey. Microsoft is on its own journey, learning as we go just like you are. That’s why we wanted to share our own Windows 11 deployment story with you, so we can all be students of the time, together. I invite you to check out my conversation with Nathalie D’Hers, Corporate Vice President of Microsoft Digital Employee Experience, highlighting the employee experience, and our case study on deploying Windows 11 at Microsoft.

One of our biggest learnings as “customer zero” for Windows 11 adoption is just how easy it was to do using familiar tools and processes like Windows Update for Business, Autopilot for new PCs, and tools in Microsoft Endpoint Manager like Endpoint Analytics to measure device health and status. With its common core and consistency across admin functions, it is easy to run Windows 10 and Windows 11 in your environment, side-by-side. And to ensure that we’re supporting you throughout your migration journey, we offer engineering-led services like Fast Track, as well as App Assure and Test Base, a powerful combination to help make sure that all of your apps are compatible.

ITC Secure, one of our earliest adopters of Windows 11, enjoyed the fast and simple process of migrating their organization and is now taking advantage of the full benefits of Windows 11.

“The ease at which ITC Secure transitioned to Windows 11 saved time, money, and stress for our IT team. Coupled with additional embedded security, Windows 11 has enhanced the hybrid working experience and even enabled those operating in secure areas to take advantage of the benefits. When used as part of the wider Microsoft Security suite, Windows 11 is the final piece of the puzzle needed to balance security and productivity.”—Alan Armstrong, Senior Cloud Security and Identity Consultant, ITC Secure.

Windows is designed for hybrid work and is ready for you today. Thank you for trusting Windows to be the platform for your business now and in the future. You can learn more about how Windows is extending to the cloud with Windows 365 here, and be sure to check out our Tech Community site for more in-depth information on features, deployment guidance, and best practices to help you on your journey to Windows 11.


*Hardware dependent

The post New experiences in Windows 11 and Windows 365 empower new ways of working appeared first on Microsoft 365 Blog.

]]>
Introducing a new era of hybrid personal computing: the Windows 365 Cloud PC http://approjects.co.za/?big=en-ie/microsoft-365/blog/2021/07/14/introducing-a-new-era-of-hybrid-personal-computing-the-windows-365-cloud-pc/ Wed, 14 Jul 2021 15:00:00 +0000 Updated on August 2, 2021: Windows 365 is now generally available to businesses of all sizes. Learn more about Windows 365 and experience it today.As some regions begin to make their way out of the challenges and disruption of the past 18 months, we’re seeing a new world of work emerge. Organizations everywhere have transformed

The post Introducing a new era of hybrid personal computing: the Windows 365 Cloud PC appeared first on Microsoft 365 Blog.

]]>
Updated on August 2, 2021: Windows 365 is now generally available to businesses of all sizes. Learn more about Windows 365 and experience it today.

As some regions begin to make their way out of the challenges and disruption of the past 18 months, we’re seeing a new world of work emerge. Organizations everywhere have transformed themselves through virtual processes and remote collaboration. And as people embrace hybrid work—with people returning to the office, continuing to work from home, or some mix of the two—things will be different all over again.

The ability to work whenever, however, and wherever it’s needed has become the new normal. All employees want technology that’s familiar, easy to use, and available across devices. And in the most complex cybersecurity environment we’ve ever seen, businesses need a solution that helps their employees collaborate, share, and create while also keeping their data safe and secure. 

We have an opportunity to design the tools that will empower this new world of hybrid work with a new perspective—and the power and security of the cloud.  

Today we’re excited to announce Windows 365, a cloud service that introduces a new way to experience Windows 10 or Windows 11 (when it’s generally available later this calendar year) for workers from interns and contractors to software developers and industrial designers. Windows 365 takes the operating system to the Microsoft Cloud, securely streaming the full Windows experience—including all your apps, data, and settings—to your personal or corporate devices. This approach creates a fully new personal computing category, specifically for the hybrid world: the Cloud PC.

Today I’d like to share with you why we think bringing the cloud revolution to personal computing will be such a milestone for how customers work in the future and the opportunities this will create for our partners.

A powerful, personalized, full Windows experience in the cloud on any device

Our recent Work Trend Index found that 73 percent of workers want flexible remote work options to stay, but at the same time, 67 percent say they also want more in-person collaboration, post-pandemic. This creates the hybrid work paradox, leaving organizations around the world to grapple with how to connect in a hybrid world and provide workers access to organizational resources at home, in the office, and at all points between.

Much like how we’ve embraced the cloud for other products, our vision for a Windows 365 Cloud PC is to deliver a new way to experience Windows through the power of the cloud—while solving both novel and traditional challenges for organizations. This new paradigm isn’t just about allowing and securing remote access. The user experience is more important than ever for attracting and retaining talent, improving productivity, and ensuring security.

The Cloud PC draws on the power of the cloud and the capabilities of the device to provide a powerful, simple, and secure full Windows 10 or Windows 11 experience that you can use to empower your workforce, regardless of location or device. Windows 365 provides an instant-on boot experience that enables users to stream all their personalized applications, tools, data, and settings from the cloud across any device including your Mac, iPad, Linux device, and Android. The Windows experience is consistent, no matter the device. You can pick up right where you left off, because the state of your Cloud PC remains the same, even when you switch devices. You can get the same work done on a laptop in a hotel room, a tablet from their car between appointments, or your desktop while you’re in the office. Seasonal workers also can ramp on and off according to the needs of the business, allowing the organization to scale for busy periods without the complicated logistical and security challenges of issuing new hardware. Further, companies can be more targeted in how they outfit specialized workers in creative, analytics, engineering, or scientific roles who need greater compute power and access to critical applications.  

Any device: Windows 365 gives you a full, personalized Windows experience, including your apps, data, and settings, on any device

Windows 365 supports your business apps—Microsoft 365, Microsoft Dynamics 365, Microsoft Power Platform—line of business apps, and more. With Windows 365, we also stand by our promise of app compatibility with App Assure, a service that helps customers with 150 or more users fix any app issues they might run into at no additional cost.

Personalized: Windows 365 is your Windows 10 or Windows 11 personalized experience--including your apps like PowerPoint--streamed from the cloud to any device.

Greater simplicity with familiar tools

One of the most important design principles of Windows 365 is simplicity. You can choose the size of the Cloud PC that best meets your needs with per user per month pricing. Organizations have two edition options that include a complete cloud-based offering with multiple Cloud PC configurations based on performance needs: Windows 365 Business and Windows 365 Enterprise.

For IT, we built Windows 365 to be consistent with how you manage your physical devices now. Your Cloud PCs show up right alongside your physical devices in Microsoft Endpoint Manager, and you can apply management and security policies to them just as you do to all your other devices.

Windows 365 is built on Azure Virtual Desktop, but it simplifies the virtualization experience—handling all the details for you. You can scale processing power and monitor the performance of the Cloud PC to make sure your users are getting the best experience. We’ve also built analytics into the service to look at connection health across networks to make sure your Cloud PC users can reach everything they need on your network to be productive. From the Endpoint Analytics dashboard, you can easily identify the Cloud PC environments that are not delivering the performance needs of a given user, and not only can you get recommendations, but you can also upgrade them at the touch of a button, which is immediately applied without missing a beat. Our new Watchdog Service also continually runs diagnostics to help to keep connections up-and-running at all times. If a diagnostic check fails, we’ll alert you and even give suggestions for how to correct the issue. 

Familiar tools: You can manage your Cloud PCs alongside your physical devices right within Microsoft Endpoint Manager.

For greater customization and flexibility, especially if your organization has virtualization expertise, we recommend Azure Virtual Desktop, which continues to see significant adoption as organizations modernize VDI in the cloud. You can read more about our increased investments in Azure Virtual Desktop in today’s Tech Community blog.

For more information about the management experience, check out the Tech Community blog from Scott Manchester.

Cloud security powered by Zero Trust

With a focus on a Zero Trust architecture, Windows 365 also helps solve for today’s critical security challenges by design, storing and securing information in the cloud, not on the device. Multifactor authentication (MFA) works to explicitly verify any login or access attempt to a Cloud PC through integration with Microsoft Azure Active Directory (Azure AD). And within Microsoft Endpoint Manager, you can pair MFA with dedicated Windows 365 conditional access policies to assess login risk instantly for each session. We’ve also designed the user and admin experiences around the principle of least privileged access. For example, you can delegate specific permissions, like licensing, device management, and Cloud PC management using specific roles, so you don’t need to be a global administrator. You can use the security baselines for Windows 10, Microsoft Defender for Endpoint, and Microsoft Edge, just like you would for your physical devices now, and we’ve built a cloud PC-specific security baseline to help you get started quickly. 

Windows 365 provides Cloud PC-specific Security baselines so you can get started quickly and securely.

If you use Microsoft Defender for Endpoint to protect your devices, it also works seamlessly with your Cloud PCs. You can use Microsoft Endpoint Manager to quickly onboard your Cloud PCs just like your other devices with Defender for Endpoint. It not only protects your Cloud PCs, but also gives you security recommendations to lower risks, and helps you quickly discover and investigate any security incidents.

Finally, encryption is used across the board. All managed disks running Cloud PCs are encrypted, all stored data is encrypted at rest, and all network traffic to and from your Cloud PCs is also encrypted.

Windows 365 means new opportunities for partners

Windows 365 creates new opportunities for partners of all types across the Microsoft ecosystem to deliver new Windows experiences from the cloud.

Independent software vendors can continue to build Windows apps, and now, deliver them in the cloud to reach a broader audience. Windows 365 also presents new development opportunities, leveraging APIs available to partners, enabling them to bring their own innovations to market. In fact, check out the Tech Community blog that highlights the solutions ISVs like Nerdio, UKG, Service Now, and Net App are announcing today in support of different user scenarios with Windows 365.

Our customers will look to system integrators and managed service providers to help them get the most out of their entire Windows estate, using the additional services that our partners like Accenture/Avanade, Atos, Crayon, Content and Cloud, Convergent, Coretek, DXC, Glueck & Kanja GAB, Insight, and Netrix continue to bring to market. For small and midsize businesses, partners like Iconic IT LLC, MachineLogic LLC, and Nitec Solutions already support Windows 365 and can assist with additional services. Original equipment manufacturers (OEMs) gain an opportunity to integrate Windows 365 into their broad portfolio of services alongside their devices’ robust features and secure hardware.

Cloud PC represents the next big step in cloud computing that connects the Microsoft Cloud and personal devices in a powerful new way. With the announcement of Windows 365, we’re inviting organizations, employees, and partners to reimagine experiences with Windows and their devices and look forward to creating new scenarios for users everywhere.

Hybrid Windows for a hybrid world

We are so excited to share this new way to experience Windows 10 or Windows 11 (when available) through the power of the cloud across all your devices. We believe this will give organizations of all sizes the power, simplicity, and security you need to address the changing needs of your workforce as you embrace hybrid work.

Windows 365 will be available on August 2, 2021, to organizations of all sizes. In the meantime, you can learn more about Windows 365 now.

We are excited to be on this journey together, and we can’t wait to learn about all the new ways you will get work done using Windows 365.

The post Introducing a new era of hybrid personal computing: the Windows 365 Cloud PC appeared first on Microsoft 365 Blog.

]]>
Why banks are adopting a modern approach to cybersecurity—the Zero Trust model http://approjects.co.za/?big=en-ie/microsoft-365/blog/2019/09/18/why-banks-adopt-modern-cybersecurity-zero-trust-model/ Wed, 18 Sep 2019 14:00:21 +0000 Many banks today still rely on a “castle-and-moat” approach—also known as “perimeter security”—to protect data from malicious attacks. Like medieval castles protected by stone walls, moats, and gates, banks that use perimeter security invest heavily in fortifying their network perimeters with firewalls, proxy servers, honeypots, and other intrusion prevention tools. Perimeter security guards the entry

The post Why banks are adopting a modern approach to cybersecurity—the Zero Trust model appeared first on Microsoft 365 Blog.

]]>
Many banks today still rely on a “castle-and-moat” approach—also known as “perimeter security”—to protect data from malicious attacks. Like medieval castles protected by stone walls, moats, and gates, banks that use perimeter security invest heavily in fortifying their network perimeters with firewalls, proxy servers, honeypots, and other intrusion prevention tools. Perimeter security guards the entry and exit points to the network by verifying the data packets and identity of users that enter and leave the organization’s network, and then assumes that activity inside the hardened perimeter is relatively safe.

Savvy financial institutions are now moving beyond this paradigm and employing a modern approach to cybersecurity—the Zero Trust model. The central tenet of a Zero Trust model is to trust no one—internal or external—by default and require strict verification of every person or device before granting access.

The castle’s perimeters continue to be important, but instead of just pouring more and more investment into stronger walls and wider moats, a Zero Trust model takes a more nuanced approach of managing access to the identities, data, and devices within the proverbial castle. So, whether an insider acts maliciously or carelessly, or veiled attackers make it through the castle walls, automatic access to data is not a given.

Limitations of a castle-and-moat approach

When it comes to safeguarding today’s enterprise digital estate, the castle-and-moat approach has critical limitations because the advent of cyberthreats has changed what it means to ward and protect. Large organizations, including banks, deal with dispersed networks of data and applications accessed by employees, customers, and partners onsite or online. This makes protecting the castle’s perimeters more difficult. And even if the moat is effective in keeping enemies out, it doesn’t do much for users with compromised identities or other insider threats that lurk within the castle walls.

The practices below are all sources of exposure and are common in banks that rely on a castle-and-moat approach to security:

  • A single annual review of staff access rights to applications.
  • Ambiguous and inconsistent access rights policies dependent on manager discretion and insufficient governance when staff moves occur.
  • Overuse of administrative privileged accounts by IT.
  • Customer data stored in multiple file shares and little idea who has access to it.
  • Overreliance on passwords to authenticate users.
  • Lack of data classification and reporting to understand what data is where.
  • Frequent use of USB flash drives to transfer files that include highly sensitive data.

How a Zero Trust model empowers bankers and customers

The benefits of a Zero Trust approach have been well documented, and a growing number of real-world examples show that this approach could have prevented sophisticated cyberattacks. However, many banks today still adhere to practices that diverge from Zero Trust principles.

Adopting a Zero Trust model can help banks strengthen their security posture, so they can confidently support initiatives that give employees and customers more flexibility. For example, bank executives would like to untether their customer-facing employees—such as relationship managers and financial advisors—from their desks and meet clients outside bank premises. Today, many financial institutions support this geographic agility with analog tools like paper printouts or static views of their counsel. However, both bank employees and customers have come to expect a more dynamic experience using real-time data.

Banks that rely on a castle-and-moat approach to security are hesitant to disperse data outside the physical network. As such, their bankers and financial advisors can only tap the dynamic models of proven and disciplined investment strategies if their client meetings take place on bank premises.

Historically, it’s been cumbersome for bankers or financial advisors on the go to share real-time model updates or actively collaborate with other bankers or traders, at least not without VPNs. Yet, this agility is an important driver of sound investment decisions and customer satisfaction. A Zero Trust model enables a relationship manager or an analyst to harness insights from market data providers, synthesize with their own models, and dynamically work through different client scenarios whenever and wherever.

The good news is this is a new era of intelligent security—powered by the cloud and Zero Trust architecture—that can streamline and modernize security and compliance for banks.

Microsoft 365 helps transform bank security

With Microsoft 365, banks can make immediate steps towards a Zero Trust security by deploying three key strategies:

  • Identity and authentication—First and foremost, banks need to ensure that users are who they say they are and give access according to their roles. With Azure Active Directory (Azure AD), banks can use single sign-on (SSO) to enable authenticated users to connect to apps from anywhere, enabling mobile employees to access resources securely without compromising their productivity.

Banks can also deploy strong authentication methods such as two-factor or passwordless Multi-Factor Authentication (MFA), which can reduce the risk of a breach by 99.9 percent. Microsoft Authenticator supports push notifications, one-time passcodes, and biometrics for any Azure AD connected app.

For Windows devices, bank employees can use Windows Hello, a secure and convenient facial recognition feature to sign in to devices. Finally, banks can use Azure AD Conditional Access to protect resources from suspicious requests by applying the appropriate access policies. Microsoft Intune and Azure AD work together to help make sure only managed and compliant devices can access Office 365 services including email and on-premises apps. Through Intune, you can also evaluate the compliance status of devices. The conditional access policy is enforced depending on the compliance status of the device at the time that the user tries to access data.

Infographic outlining conditional access. Signals (user location, device, real-time risk, application), Verify every access attempt (allow access, require MFA, or block access), and Apps and data.

Conditional access illustration.

  • Threat protection—With Microsoft 365, banks can also bolster their ability to protect, detect, and respond to attacks with Microsoft Threat Protection’s integrated and automated security. It leverages one of the world’s largest threat signals available from the Microsoft Intelligent Security Graph and advanced automation powered by artificial intelligence (AI) to enhance incident identification and response, enabling security teams to resolve threats accurately, efficiently, and promptly. The Microsoft 365 security center provides a centralized hub and specialized workspace to manage and take full advantage of Microsoft 365 intelligent security solutions for identity and access management, threat protection, information protection, and security management.

Screenshot of the Microsoft 365 security center dashboard.

The Microsoft 365 security center.

  • Information protection—While identity and devices are the primary vectors of vulnerability for cyberattacks, data is what cybercriminals ultimately want. With Microsoft Information Protection, banks can improve their protection of sensitive information—wherever it lives or travels. Microsoft 365 enables customers to 1) identify and classify their sensitive data; 2) apply flexible protection policies; and 3) monitor and remediate sensitive data at risk.

Screenshot of Microsoft Azure Information Protection requiring justification for a classified email.

Example of a classification and protection scenario.

Simplify security management with Zero Trust

Microsoft 365 helps simplify the management of security in a modern Zero Trust architecture, leveraging the visibility, scale, and intelligence necessary to combat cybercrime.

As you consider how to safeguard your modern “castle,” a Zero Trust environment is optimal for modern cybersecurity threats. A Zero Trust environment requires up-to-the-minute oversight of who is accessing what, where, and when—and whether they should even have access.

Microsoft 365 security and compliance capabilities help organizations verify before they trust a user or device. Microsoft 365 also offers a complete teamwork and productivity solution. Altogether, Microsoft 365 provides a comprehensive solution to help bank executives focus on customers and innovation.

The post Why banks are adopting a modern approach to cybersecurity—the Zero Trust model appeared first on Microsoft 365 Blog.

]]>