Zero Trust

Jun 26, 2024   |   Inside Track staff

Implementing strong user authentication with Windows Hello for Business

[Editor’s note: This content was written to highlight a particular event or moment in time. Although that moment has passed, we’re republishing it here so you can see what our thinking and experience was like at the time.] Deploying Windows Hello for Business internally here at Microsoft has significantly increased our security when our employees...

Jun 19, 2024   |   Josh Krenz

Building an anti-ransomware program at Microsoft focused on an Optimal Ransomware Resiliency State

Microsoft strives to deliver the productivity tools and services the world depends on. With this comes the responsibility of ensuring protection, continuity, and resilience from cyberattacks of all sorts—including emerging threats. Highlighted in the third edition of the Microsoft Digital Defense Report, ransomware and extortion are considered nation-level threats due to the sophistication and boldness...

May 30, 2024   |   Justin Couture

Empowering our employees with generative AI while keeping the company secure

Copilot for Microsoft 365 Deployment and Adoption Guide Read our step-by-step guide on deploying Copilot for Microsoft 365 at your company. It’s based on our experience deploying it here at Microsoft: Full version eBook version Version for executives eBook version for executives Generative AI (GenAI) is rapidly changing the way businesses operate, and everyone wants...

Apr 3, 2024   |   Lukas Velush

Empowering employee self-service with guardrails: How we’re using sensitivity labels to make Microsoft more secure

At Microsoft, empowering our employees to do their best work means trusting them with self-determination. But to do that safely, we need clear data loss prevention systems in place. We describe it as self-service with guardrails. Giving employees that level of freedom relies on a robust governance strategy across our data estate that features employee-facing...

Apr 3, 2024   |   Aleenah Ansari

Using a Zero Trust strategy to secure Microsoft’s network during remote work

[Editor’s note: This content was written to highlight a particular event or moment in time. Although that moment has passed, we’re republishing it here so you can see what our thinking and experience was like at the time.] Microsoft’s cloud-first strategy enables most Microsoft employees to directly access applications and services via the internet, but...

Mar 15, 2024   |   Lukas Velush

Looking back at deployment of Windows 11 at Microsoft

[Editor’s note: This content was written to highlight a particular event or moment in time. Although that moment has passed, we’re republishing it here so you can see what our thinking and experience was like at the time.] Windows 11, built on the same foundation as Windows 10, came to us at a time when...

Mar 12, 2024   |   Justin Couture

Lessons learned at Microsoft: Five steps you can take to reduce your ransomware risk

As a part of our journey to reduce our ransomware risk internally here at Microsoft, we’ve identified five principles that we believe every enterprise should follow to make themselves more secure from these attacks. We call these our Foundational Five of Ransomware. While we use Microsoft products to secure our systems, infrastructure, data, and identities,...

Feb 26, 2024   |   Lukas Velush

Seamless and secure cloud printing with Universal Print

There are few office tasks that are as ubiquitous—or potentially as frustrating—as needing to print a document. Whatever your role and wherever you are, it’s likely that you’ll need to utilize the shared office printer next time you’re on site. In fact, maybe the sole reason you’re visiting the office is to print something. Office...

Feb 1, 2024   |   Lukas Velush

Sharing what we learned deploying our secure federal environment

At Microsoft, we serve a diverse range of customers, from individual users and large businesses to sovereign governments with specific regulatory requirements. Our platform products such as Microsoft Azure and our Microsoft 365 productivity suite perform extremely well for these different customer segments. Underneath those broad strokes, we serve very specific, complex customers. One set...

Dec 13, 2023   |   Lukas Velush

Hardware-backed Windows 11 empowers Microsoft with secure-by-default baseline

Windows 11 makes secure-by-default viable thanks to a combination of modern hardware and software. This ready out-of-the-box protection enables us to create a new baseline internally across Microsoft, one that level sets our enterprise to be more secure for a hybrid workplace. “We’ve made significant strides to create chip-to-cloud Zero Trust out of the box,”...

Dec 7, 2023   |   Lukas Velush

The future of Group Member Management: How Microsoft is leading the way with automation

Just as it is for everyone, maintaining accurate groups for email and apps such as Microsoft Viva and Microsoft Teams is challenging for us internally at Microsoft. Adding and removing employees from groups has been mostly a hand-cramping manual task, and this is especially true for large organizations like ours, where group membership management is...

Dec 5, 2023   |   Josh Krenz

Why Microsoft uses a playbook to guard against ransomware

When Microsoft’s Digital Security and Resilience (DSR) division set out to defend the company against human-operated ransomware, it faced several formidable challenges. In this form of ransomware, highly organized and sophisticated attacks by cybercriminals put major businesses, healthcare organizations, universities, and governments in their crosshairs for their visibility and potential payout. Human operated ransomware’s targeted...