I recently returned from Kenya, where I visited our Microsoft Nairobi development center. Like many of you, I’ve mostly worked from home for the past year and more, so it was refreshing to meet members of our global team and inspiring to feel their passion for our mission: delivering identity solutions that secure access to everything for everyone.
This mission has never been more important, given that identity has become the focal point of our digital society. Identity enabled us to rapidly shift to remote models when the pandemic first hit, and identity will help sustain the trend toward more permanent remote and hybrid models moving forward. But other emerging trends will also have a major impact on our digital society. Our team at Microsoft, as well as the identity community at large, is working hard to make sure you have the tools and technologies you need to navigate them safely and securely.
1. Cybercrime has become cyberwarfare
The sophistication and pervasiveness of cyberattacks have culminated in a moment of reckoning for our industry. Attacks from nation-states and global syndicates are on the rise, putting our economies and our very lives at risk as they target critical infrastructure. These attacks are methodically organized and exploit multiple vulnerabilities to gain access to trusted technologies and valuable data.
A Zero Trust security approach with identity as its foundation is the only way to survive this onslaught. Many of you have already started adopting Zero Trust principles, but blocking advanced, ever-evolving attack vectors requires applying these principles across your entire digital estate. It’s on the security ecosystem, including the identity community, to ensure that our services share signals and interoperate well with your entire infrastructure to enable an end-to-end Zero Trust strategy, with identity as a cohesive security control plane.
2. Multi-cloud is the new normal
As the cyber battle has escalated, so too has the complexity of your infrastructure. On-premises has given way to hybrid, then cloud-first, and now multi-cloud as a new normal. Cloud-based tools have enabled unprecedented automation and scale, as well as the exponential growth of non-human identities—but not without risk. A one-line automated script can topple your infrastructure in milliseconds. Machine objects and scripts can now elevate access privileges to complete administrative tasks, but if compromised, they can be misused.
Since each non-human entity has its own identity, access management becomes a key factor for protecting complex multi-cloud environments. We need services that ensure automation is trustworthy, easily managed, and fully visible so we can assess and control risk. To meet this challenge, the discipline of Cloud Infrastructure Entitlement Management (CIEM) has emerged to help manage the lifecycle and governance of multi-cloud environments. Microsoft has embraced this new category by acquiring CloudKnox.
3. Ubiquitous, decentralized computing requires a new trust fabric
As identity steps up to solve new challenges in an evolving security landscape, the core model for identity itself will become decentralized. This shift is part of a larger evolution to ubiquitous decentralized computing, where datacenters serve as the intelligent cloud facilitating interaction with smart devices and services on the intelligent edge. A decentralized identity model is the only way to achieve the speed required to authorize so many services and things at scale.
The independent nature of a decentralized model makes identity portable. When individuals can take their identities (and the personal information attached to them) with them wherever they conduct digital transactions, they gain more control over their privacy while benefiting from faster and more trustworthy transactions. This will change the world for so many industries, including finance, retail, healthcare, and others. Just a few years into this journey, proofs of concept have already accelerated demand for more convenient, secure, and private ways to interact at work, at home, and at play.
Looking forward
This is our commitment to you: the identity community will continue to collaborate closely in the coming years to help organizations everywhere stay ahead of these trends, which are daunting but exciting.
I recently shared my thoughts on these trends and ideas on practical steps our community can take to continue progress on this monumental undertaking at the 2021 European Identity and Cloud Conference. Please watch my session Identity’s evolving role in cloud security to learn more.
To learn more about Microsoft identity solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.
