Zero Trust
-
Improving security by protecting elevated-privilege accounts at Microsoft
This story was first published in 2019. We periodically update our stories, but we can’t verify that they represent the full picture of our current situation at Microsoft. We leave them on the site so you can see what our…
-
Empowering our employees with generative AI while keeping the company secure
This story reflects updated guidance from Microsoft Digital—it was first published in May 2024. Generative AI (GenAI) is rapidly changing the way businesses operate, and everyone wants to be in on the action. Whether it’s to automate tasks or enhance…
-
Boosting our Security First Initiative at Microsoft with a transformed approach to wired network security
If you asked Sean Adams, Justin Griffin, Sajith Balan, or Shyam Sunder Gogi to provide a one-word answer that describes their current focus, you’d get the same answer: “Security.” Adams, Griffin, Balan, and Gogi are all part of a team…
-
Sharing how Microsoft protects against ransomware
Anyone can fall victim to ransomware. As cybercriminals shift from wide-net approaches to focus on precision attacks against high-dollar targets, there is extra pressure for companies and governments to evaluate and defend themselves against ransomware attacks. This is why Microsoft…
-
Using a Zero Trust strategy to secure Microsoft’s network during remote work
[Editor’s note: This content was written to highlight a particular event or moment in time. Although that moment has passed, we’re republishing it here so you can see what our thinking and experience was like at the time.] Microsoft’s cloud-first…
-
Why Microsoft uses a playbook to guard against ransomware
When Microsoft’s Digital Security and Resilience (DSR) division set out to defend the company against human-operated ransomware, it faced several formidable challenges. In this form of ransomware, highly organized and sophisticated attacks by cybercriminals put major businesses, healthcare organizations, universities,…
-
Verifying device health at Microsoft with Zero Trust
Here at Microsoft, we’re using our Zero Trust security model to help us transform the way we verify device health across all devices that access company resources. Zero Trust supplies an integrated security philosophy and end-to-end strategy that informs how…
-
Hardware-backed Windows 11 empowers Microsoft with secure-by-default baseline
Windows 11 makes secure-by-default viable thanks to a combination of modern hardware and software. This ready out-of-the-box protection enables us to create a new baseline internally across Microsoft, one that level sets our enterprise to be more secure for a…
-
Building an anti-ransomware program at Microsoft focused on an Optimal Ransomware Resiliency State
Microsoft strives to deliver the productivity tools and services the world depends on. With this comes the responsibility of ensuring protection, continuity, and resilience from cyberattacks of all sorts—including emerging threats. Highlighted in the third edition of the Microsoft Digital…
-
Empowering employee self-service with guardrails: How we’re using sensitivity labels to make Microsoft more secure
At Microsoft, empowering our employees to do their best work means trusting them with self-determination. But to do that safely, we need clear data loss prevention systems in place. We describe it as self-service with guardrails. Giving employees that level…
-
Looking back at deployment of Windows 11 at Microsoft
[Editor’s note: This content was written to highlight a particular event or moment in time. Although that moment has passed, we’re republishing it here so you can see what our thinking and experience was like at the time.] Windows 11,…
-
Lessons learned at Microsoft: Five steps you can take to reduce your ransomware risk
As a part of our journey to reduce our ransomware risk internally here at Microsoft, we’ve identified five principles that we believe every enterprise should follow to make themselves more secure from these attacks. We call these our Foundational Five…