{"id":10934,"date":"2018-11-30T13:28:54","date_gmt":"2018-11-30T21:28:54","guid":{"rendered":"https:\/\/www.microsoft.com\/insidetrack\/blog\/?p=10934"},"modified":"2023-06-15T15:50:29","modified_gmt":"2023-06-15T22:50:29","slug":"microsoft-365-helps-create-a-secure-modern-workplace","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/","title":{"rendered":"Microsoft 365 helps create a secure modern workplace"},"content":{"rendered":"<div class=\"m-alert f-error\" role=\"alert\">\n<div>\n<div class=\"c-glyph glyph-incident-triangle\" aria-label=\"Error message\"><\/div>\n<p class=\"c-paragraph\">This content has been archived, and while it was correct at time of publication, it may no longer be accurate or reflect the current situation at Microsoft.<\/p>\n<\/div>\n<\/div>\n<p>The significant increase in mobile data usage, cloud adoption, digitization, and personal devices in the enterprise brings new opportunities and security risks. Microsoft uses many Microsoft 365 security technologies to help ensure a productive and secure environment for the company and our customers. Together, these Microsoft 365 security tools enable us to strengthen authentication, employ conditional access, better protect data, and automate threat protection\u2014all while streamlining our security management through a tightly integrated set of tools.<\/p>\n<p>Enterprises in today\u2019s digital world are onboarding more devices and creating, using, and storing more data in cloud-based services than ever. While this shift to the digital realm brings unprecedented opportunities to the business\u2014allowing employees to be more productive\u2014it also carries security risks if not done properly. Cyberthreats are increasing in sophistication, which requires organizations\u2014including Microsoft\u2014to place greater focus on digital security.<\/p>\n<p>At Microsoft, we\u2019re constantly exploring new technologies and processes to help ensure we have the most productive and secure environment for the company and for our customers and partners. Like many large enterprises, we need to ensure that we are implementing security controls that keep pace with the significant increase we\u2019re seeing in mobile data usage, cloud adoption, digitization, and Bring Your Own Devices (BYODs).<\/p>\n<p>This technical case study describes the multifaced approach that Microsoft is taking to create a secure modern workplace. The key is Microsoft 365, our solution of integrated and intelligent components that includes Office 365, Windows 10, and\u00a0<a class=\"c-hyperlink\" href=\"https:\/\/www.microsoft.com\/en-us\/itshowcase\/managing-modern-mobile-productivity-with-enterprise-mobility-security\" target=\"_blank\" rel=\"noopener\" aria-label=\"Read more about Enterprise Mobility + Security\">Enterprise Mobility + Security<\/a>. We\u2019re using Microsoft 365 to enhance digital security in the following four areas:<\/p>\n<ul class=\"c-list\">\n<li>Identity protection<\/li>\n<li>Information protection<\/li>\n<li>Threat protection<\/li>\n<li>Security management<\/li>\n<\/ul>\n<p>We explore how Microsoft Digital\u00a0is addressing each of these areas in the following sections.<\/p>\n<h2>Our approach to security<\/h2>\n<p>The Microsoft security team implements Microsoft 365 security technologies to help secure the Microsoft enterprise.<\/p>\n<p>Figure 1 below illustrates the array of security components that are available to enterprise Microsoft 365 subscribers. Although we use many of the technologies listed in the wheel, the larger slices are the focus for this case study. For each security area, we describe some of the challenges and concerns we have had, how we\u2019re implementing specific Microsoft 365 technologies to address those issues, and we highlight the benefits we\u2019re gaining by adopting these technologies.<\/p>\n<figure id=\"attachment_10937\" aria-describedby=\"caption-attachment-10937\" style=\"width: 640px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-10937 size-full\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8063_image001.png\" alt=\"Graphic depicts the primary Microsoft 365 digital security components, including identity-based protection, information protection, threat protection, and security protection. Each component contains the associated implemented Microsoft technologies that this case study discusses.\" width=\"640\" height=\"640\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8063_image001.png 640w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8063_image001-300x300.png 300w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8063_image001-150x150.png 150w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><figcaption id=\"caption-attachment-10937\" class=\"wp-caption-text\">Figure 1. The four main aspects of digital security and their integrated Microsoft 365 components. The protruding items represent the specific technologies that we have implemented in Microsoft Digital and that we discuss in this case study<\/figcaption><\/figure>\n<h3>Emphasizing identity-based protection<\/h3>\n<p>As organizations continue to move applications and data to cloud services, the effectiveness of the network boundary as a security control is diminished. Today, identity authentication and authorization become the primary security control. The verification we used to perform when someone connected to the network must now be done when the user authenticates to a corporate app or service, regardless of the user\u2019s location, network, or device. In this section, we discuss the challenges and concerns that we\u2019ve had with shifting our authentication strategy to identity protection, and then illustrate how we\u2019re using Microsoft 365 technologies with two-factor authentication and Microsoft Windows Hello to address those issues.<\/p>\n<h4>Eliminating passwords and improving productivity with Windows Hello<\/h4>\n<p>We\u2019ve been working to eliminate passwords for users who can use alternative authentication methods such as two-factor authentication and Windows Hello. Why is password-based protection such a concern? From a security perspective, attackers are becoming more sophisticated and successful at compromising users\u2019 password-based credentials, primarily through phishing attacks. Industry analysts indicate that 90% of security breaches start from a successful phishing campaign. In addition, the high number of passwords required for daily Internet usage results in 24% of password reuse\u2014meaning that one compromised password can provide access to multiple resources.<\/p>\n<p><a class=\"c-hyperlink\" href=\"https:\/\/www.microsoft.com\/en-us\/insidetrack\/Implementing-strong-user-authentication-with-Windows-Hello-for-Business\" target=\"_self\" rel=\"noopener\" aria-label=\"Read more about Windows Hello\">Windows Hello<\/a>, is one of the key technologies we\u2019ve employed to not only move away from password-based protection but also boost employee productivity. This technology improves identity protection and enables our employees to save time through single sign-on. Windows Hello biometrics and other nonpassword-based authentication features free employees from having to manage an unwieldy array of passwords. Moreover, Windows Hello utilizes two-factor authentication to generate a strong credential that\u2019s safely stored locally on the PC or device; unlike with passwords, nothing is transmitted across the network.<\/p>\n<h4>Expanding two-factor authentication options with Microsoft Authenticator<\/h4>\n<p>The transition away from a perimeter mindset requires new methods to ensure that people use strong authentication mechanisms. Microsoft Authenticator is a phone-based authentication tool in Microsoft 365 that we have implemented to increase our employees\u2019 authentication options. Available on Windows, Android, and iOS devices, Microsoft Authenticator allows employees running non-Windows and Windows systems alike to enroll their devices so that they can reach corporate resources securely. For example, a person working on a Mac OS system could use Microsoft Authenticator on a Windows, Android, or iOS device as their second authentication factor.<\/p>\n<h4>Employing conditional access with Azure Active Directory and Microsoft Intune<\/h4>\n<p>As BYOD becomes more prevalent, organizations incur the risk that personal devices might bring security vulnerabilities and exploits with them when employees and other users connect to the cloud. When devices aren\u2019t patched with updated antivirus signatures, they might be running malware that can infect the network at the first opportunity.<\/p>\n<p>Our approach to ensure device health at Microsoft is to utilize Azure Active Directory (Azure AD) in tandem with Microsoft Intune to implement conditional access.\u00a0<a class=\"c-hyperlink\" href=\"https:\/\/www.microsoft.com\/en-us\/insidetrack\/Migrating-mobile-device-management-to-Intune-in-the-Azure-portal\" target=\"_self\" rel=\"noopener\" aria-label=\"Read more about Users enroll their devices with Intune\">Users enroll their devices with Intune<\/a>\u00a0(the unified endpoint management solution in Microsoft 365), which applies appropriate policies to ensure that the device is encrypted by using a strong password, is malware free, and is up to date and running the latest security patches. When the user needs to use the device to access a cloud-based corporate resource, Intune communicates the device\u2019s health compliance status to Azure AD as it processes the user\u2019s authentication.<\/p>\n<p>Conditional access enables Microsoft to require a device health certificate when access is requested to company data or applications. This approach helps ensure that access to company data or applications is only granted after Microsoft validates device health and compliance status, in addition to authorized user credentials. By doing so, we prevent compromised or potentially risky systems from gaining access to other devices or company services and spreading viruses or unknowingly granting access to attackers. This automated approach to ensuring healthy devices has greatly simplified and streamlined our device\/identity protection processes. We\u2019re also taking advantage of additional features in Azure AD that enable us to be more proactive with security responses, such as blocking a user ID whose credentials are likely compromised. With devices running Windows 10, we can detect cases where the full system has been compromised\u2014something difficult to detect on earlier versions or third-party platforms.<\/p>\n<p>From a cultural perspective, some employees were concerned about privacy and allowing Microsoft Digital to apply policies to personal devices. This highlighted the need to provide education and awareness training on why this is a critical aspect of helping protect our people, devices, and data.<\/p>\n<h4>Identity-based protection guidelines<\/h4>\n<ul class=\"c-list\">\n<li><strong>Continue your move to the cloud.\u00a0<\/strong>The more systems and environments that you transition from legacy, on-premises systems to Azure, the more you\u2019ll be able to utilize Azure AD security capabilities\u2014including identity protection. Your challenge might be in securing legacy apps running in on-premises environments that don\u2019t support the latest authentication protocols. In this case, you might be able to secure legacy apps by enforcing conditional access security at the device level. For legacy apps with a web front-end, you can direct them to open in an Intune-protected Edge browser.<\/li>\n<li><strong>Implement automated processes to monitor and manage device health.<\/strong>\u00a0Transition your manual device management practices to automated systems to help you stay ahead of the wave of BYODs connecting to corporate resources, and to programmatically perform device health checks at scale. At Microsoft, using Azure AD and Intune to automatically manage conditional access for all connected devices not only enhances our security but also streamlines operations.<\/li>\n<li><strong>Drive cultural change by communicating the importance of securing personal devices.<\/strong>Requiring that employees enroll their personal devices in Intune to better secure them can pose a cultural challenge. People are concerned about their privacy, but need to understand the potential impact or threat that bringing their unsecured personal devices to work can have\u2014and why it\u2019s therefore so important to secure\u00a0<i>all<\/i>\u00a0devices\u2014corporate and personal\u2014that connect to work-based environments. At Microsoft, we developed a detailed communication plan with support from our leadership to emphasize the rationale for our drive to secure personal devices. By reiterating the reasons why it\u2019s important and by having executive sponsorship to capture employee attention, we were able to rapidly onboard most of our personal devices into our device-management systems.<\/li>\n<\/ul>\n<h3>Protecting information wherever it goes<\/h3>\n<p>At Microsoft, data is our business\u2019 currency. We recognize the critical importance of protecting our data and our customers\u2019 data wherever it resides, all the time. As with many enterprises, the sheer amount of data can make data protection appear as an insurmountable challenge. In this section, we discuss the challenges and concerns we\u2019ve encountered with information protection, and then illustrate how we\u2019re using Microsoft 365 technologies to address those issues.<\/p>\n<h4>Detecting and monitoring sensitive data with Office 365 Data Loss Prevention<\/h4>\n<p>Microsoft maintains the world\u2019s largest Office 365 tenant for our employees, and it encompasses multiple petabytes of data, with an additional 350 terabytes of data residing in on-premises systems. The enormous amount of data across this hybrid environment presents a huge challenge for data discovery and protection.<\/p>\n<p>Previously, we relied on a combination of third-party products to try to identify and track sensitive data. Those solutions burdened our security administrators with navigating multiple interfaces and screens, and the different systems frequently produced inconsistent findings. Without having a good understanding of the nature of the data, how could we determine the sensitivity of information in each document? How was the sensitive data being stored? Who was accessing it? Where was it going?<\/p>\n<p>We needed to implement a new, holistic data discovery and protection solution that could seamlessly protect data for Microsoft and our customers, partners, and suppliers. Additionally, the proper protection methods\u2014encryption, permissions, or both\u2014needed to be applied instantly.<\/p>\n<p>Office 365 Data Loss Prevention (DLP) is the tool within Microsoft 365 that we chose for our holistic data protection solution. Instead of having to create multiple classifications in each separate third-party system, classifications in Office 365 DLP can be used everywhere in the cloud\u2014in SharePoint Online, OneDrive for Business, Teams, and more. We can even use the same classifications in our on-premises environment via the Azure Information Protection scanner, another technology available in Microsoft 365. This not only helps secure our data better but also increases our security administrators\u2019 productivity by presenting a single integrated interface.<\/p>\n<p>Office 365 DLP gives us insight into the types of content that are stored, where each data item resides, and how people use and share the data. This information is critical to improving our business practices\u2014for example, we can now identify when sensitive information is being transmitted via insecure email attachments. Our Data Loss Prevention team can immediately notify and raise awareness within the affected department and continue monitoring to confirm that appropriate changes to daily practices which enhance data security have been adopted.<\/p>\n<h4>Simplifying and automating data classification with Azure Information Protection<\/h4>\n<p>Another key aspect of data protection is establishing a data classification system that detection and monitoring technologies can utilize to determine how a certain file should be treated, based on its content\u2019s sensitivity. Classification at Microsoft has traditionally been a manual process in which we relied on each employee to correctly label and classify their own work. With many people interpreting our classification system differently, we saw inconsistencies in labeling, misclassification, or no classification at all.<\/p>\n<p>At Microsoft, we needed to ensure that all documents within the enterprise are properly and consistently classified and labeled\u2014and we needed to automatically tag data as much as possible. One important change we made to improve our data classification was to update our classification taxonomy. We worked with representative stakeholders from numerous departments to achieve consensus on what terminology should be used and what terminology all employees would likely understand and adopt. In addition, we\u2019re implementing unified labels to help us integrate labeling across multiple apps and platforms.<\/p>\n<p>We deployed Azure Information Protection across the enterprise to classify and label employee data. Azure Information Protection is a Microsoft Office 365 plug-in. It is implemented and available within the apps that our employees already use. Word, Excel, and other Office 365 productivity tools feature a new toolbar that visually reminds people to label and protect each document.<\/p>\n<p>We\u2019re seeing Azure Information Protection boost employee productivity by automatically classifying sensitive information and recommending appropriate labels based on the types of data being entered. Additionally, our Data Loss Prevention team benefits from Azure information Protection by utilizing the labeling and document properties that Azure Information Protection places in each file to gauge how sensitive content is used and how it\u2019s shared across the enterprise.<\/p>\n<h4>Information protection guidelines<\/h4>\n<ul class=\"c-list\">\n<li><strong>Plan and fine tune classification rules.<\/strong>\u00a0When rolling out your initial information protection deployment, make sure to allocate time for reviewing classification rules and verifying classification actions. As with most deployments, we suggest you start with a small population to work out false positives before deploying to a larger number of users. In our experience, we realized that false positives can also help uncover other sensitive data that may not have otherwise been considered. At Microsoft, we believe that a careful, ongoing analysis of false positives is an effective way to improve data detection and monitoring processes. As we iterate on modifications to classifications and rules, we gain more confidence that the changes made are appropriate when we see the number of false positives trend downward. These improved classifications are then applied across the company.<\/li>\n<li><strong>Design intuitive data labels.<\/strong>\u00a0If you expect multiple departments and regions to all apply your data sensitivity labels frequently and accurately, you must confirm that your terminology makes sense to everyone; otherwise, you\u2019ll have mislabeled data at best or unlabeled data at worst. Achieving labeling consistency was a more significant challenge than the technical implementation. Because this new taxonomy would be applied across all our departments and regions, we engaged stakeholders from many teams and spent considerable time building a taxonomy that all parties could understand and accurately apply to their data.<\/li>\n<li><strong>Don\u2019t be surprised at the number of faulty business processes found during the discovery and validation phases.\u00a0<\/strong>If you haven\u2019t previously had a programmatic means to evaluate whether data is being protected in your business processes, it\u2019s not uncommon to discover a variety of faulty business processes, or even a lack of business process or classification. At Microsoft, we view uncovering business practices that don\u2019t adhere to our security practices early in the data life cycle as a good thing, because it presents an opportunity to educate employees on proper data handling and to encourage corrective behavior. Addressing these issues as they\u2019re identified, then continuing to monitor to ensure adherence, should reduce false-positive rates over time\u2014and that is your best evidence that you\u2019re optimally protecting your corporate information.<\/li>\n<li><strong>Educate employees on data protection and why it\u2019s important.<\/strong>\u00a0To successfully implement data protection in your organization, focus on the cultural change to the same extent that you focus on deploying Office 365 DLP and Azure Information Protection. Design an education and awareness program to teach employees how to properly classify and label content by using the Azure Information Protection capabilities within their familiar Office 365 apps. At Microsoft, we\u2019ve developed education and awareness training programs that help remind our employees about business processes and proper labeling and storage of sensitive content. This proactive approach helps us remove faulty business practices, which in turn reduces the risk of unauthorized disclosures or inadvertent leaks of sensitive content.<\/li>\n<\/ul>\n<h3>Detecting and responding to attacks more quickly<\/h3>\n<p>There are two main areas of threat protection and response: managing events that raise alerts and using analytics to gain visibility into the underlying data. In this section, we discuss the challenges and concerns we\u2019ve encountered with both these aspects of threat protection, and then illustrate how we\u2019re using Microsoft 365 technologies to address them.<\/p>\n<p>It\u2019s becoming all too common to learn that another large enterprise has been victimized by a hacker and that sensitive data has been accessed. The prevalence and scale of these attacks mandate better protection of internal data and customer data\u2014and the ability to swiftly respond to attacks as soon as they occur.<\/p>\n<p>Technologies such as antivirus and antimalware programs are still an important tool, but as attacks increase in complexity, protecting an enterprise from digital security threats requires a more complete toolkit. Although next generation antivirus solutions like Windows Defender ATP can block clearly malicious PowerShell scripts, such solutions are not designed to block or alert on anomalous or potentially suspicious behaviors. It might or might not notice that a process has been injected, or that someone accessed passwords by using routine system commands that are available to the operating system. So how can your security operations personnel (SecOps) notice these things\u2014how do you notice a single process doing something suspicious to the system? And how do you scale that capability to support the hundreds of thousands of devices that are part of an enterprise?<\/p>\n<h4>Automating threat protection with Windows Defender Advanced Threat Protection<\/h4>\n<p>At Microsoft, a key technology that we use to protect employees\u2019 systems is\u00a0<a class=\"c-hyperlink\" href=\"https:\/\/www.microsoft.com\/en-us\/insidetrack\/microsoft-defender-atps-antivirus-capabilities-boost-malware-protection\" target=\"_self\" rel=\"noopener\" aria-label=\"Read more about Windows Defender Advanced Threat Protection\">Windows Defender Advanced Threat Protection<\/a>\u00a0(Windows Defender ATP). Windows Defender ATP is a unified Endpoint Protection Platform (EPP) and Endpoint Detection and Response (EDR) suite for Windows and third-party platforms that brings intelligence to preventative and post-breach protection. Its ability to learn, grow, and adapt through machine learning is enabling our security teams to become more proactive with threat response.<\/p>\n<p>Windows Defender ATP performs automated investigation and response, automatically picking alerts out of the queue and then investigating. It incriminates all entities related to an identified threat, and then remediates the issue. If Windows Defender ATP identifies that malicious code has been injected into a process, it sends an alert to the Windows Defender Security Center web console. Windows Defender ATP delivers instant, detailed visibility into what\u2019s going on in the system or over the network, providing context about the nature of the event. We use Windows Defender ATP to look at that compromised system, examine incidents, and then work back to see where they came from. The depth of the data that the technology provides increases the speed of our response to the threat at the exact moment when time is of the essence\u2014which can be the difference between quarantining malware or blocking an intrusion immediately rather than giving it the opportunity to spread across the enterprise.<\/p>\n<h4>Protecting email from phishing attacks with Office 365 Advanced Threat Protection<\/h4>\n<p>One of the most frequent vectors that malware takes into an organization is through phishing, in which employees inadvertently reveal sensitive information such as usernames, passwords, or credit card details to a hacker who sends an electronic communication (most commonly email) by masquerading as a trustworthy entity.<\/p>\n<p>At Microsoft, we chose\u00a0<a class=\"c-hyperlink\" href=\"https:\/\/www.microsoft.com\/en-us\/insidetrack\/Office-365-helps-secure-Microsoft-from-modern-phishing-campaigns\" target=\"_self\" rel=\"noopener\" aria-label=\"Read more about Office 365 Advanced Threat Protection\">Office 365 Advanced Threat Protection<\/a>\u00a0(Office 365 ATP) to programmatically address phishing and other email-based malware. Part of the Microsoft 365 suite of technologies, Office 365 ATP does much more than filter spam into the junk mailbox; it allows us to review a suspect email\u2019s header, determine who received it, find out whether the recipient clicked any links within the file, and determine whether the message was forwarded to others. We can then either send the message to the junk folder or delete it. Essentially, Office 365 ATP enables us to qualify the severity of the message\u2019s malware and act accordingly.<\/p>\n<h4>Gaining synergy with Office 365 ATP and Windows Defender ATP<\/h4>\n<p>The largest benefit we\u2019re seeing, however, is the synergistic effect of combining Office 365 ATP with Windows Defender ATP. The tight integration of these technologies means that we can move seamlessly back and forth between them during investigations, which significantly improves our overall malware remediation capabilities while simultaneously reducing our response time.<\/p>\n<p>For example, if we receive a report of a phishing incident, we can use Office 365 ATP to both examine an email\u2019s header and determine what actions any users have taken within the email (such as clicking links or forwarding the message). With the click of a button, we can then connect into Windows Defender ATP for the same user who received the email to determine whether the malware wrote a file to the device or if it led to a network connection to another site.<\/p>\n<p>The synergy between these products enables our team to respond to alerts much more quickly. Instead of sending emails or calling people who might have been impacted by the malware, we now have a greatly simplified means of analyzing a phishing event, determining precisely what happened, and immediately beginning remediation. In this same scenario, we can use Office 365 ATP and Windows Defender ATP to determine, for example, that 60 people received the message, five people opened it, and two people now have malware in their systems. We can delete the phishing message right from the Office 365 ATP console to ensure that people who haven\u2019t seen it never open it. We can then move straight to the user\u2019s infected systems in Windows Defender ATP to quarantine and remove the malware from infected systems\u2014all without disrupting the employee\u2019s productivity.<\/p>\n<p>These integrated technologies also work from the opposite direction as the situation merits. If, for example, an alert is first raised in Windows Defender ATP, we can start our investigation by examining the system that generated the alert, determine how any malware got onto the system, and identify where it came from in an email. Then we can search for instances of that same email file on other systems, and then quarantine and repair all infected systems. Next, we can link back to Office 365 ATP to get a broader picture of how many users received the message and the scope of the phishing attack, and then delete the message from any inboxes where the message hasn\u2019t been opened.<\/p>\n<p>Our response times have reduced dramatically by using these tools. No matter which investigation direction we take\u2014phishing to system, or system to phishing\u2014Office 365 ATP and Windows Defender ATP together give us all the details we need to properly analyze and respond within minutes. This is a significant improvement from processes that previously could take days or weeks to find and respond to the suspicious activity. Having the right information available at our fingertips enables us to respond immediately. We no longer must contact the owners of the affected systems and then wait for them to respond before we start remediation. Furthermore, our analysts can spend more time investigating true threats instead of sifting through insurmountable mounds of log files, searching for suspicious activity.<\/p>\n<h4>Threat detection and response guidelines<\/h4>\n<ul class=\"c-list\">\n<li><strong>Invest in your platform and your instrumentation so that you can analyze and respond to threats at scale.\u00a0<\/strong>Agility and scalability require forward thinking and building platforms that enable next-generation threat protection. Windows Defender ATP and Office 365 ATP give us an integrated platform that improves our ability to analyze an attack while enhancing our remediation capabilities that don\u2019t disrupt employee productivity. These technologies are key to performing effective, programmatic, and timely remediation of malware attacks. With these tools, we can inventory our assets, monitor system and network health, and then take immediate action to quarantine and repair infected systems and delete phishing emails.<\/li>\n<li><strong>Invest in your people<\/strong>. Although Office 365 DLP and Windows Defender ATP are critical tools that your SecOps and analysts can use to better protect your infrastructure, threat protection starts with your employees. Every person in the enterprise has a part to play in helping keep malware at bay. Educate your employees about their important role as part of the new security perimeter\u2014and what they must do to protect themselves and co-workers about digital threats and security risks. At Microsoft, we\u2019re focusing on streamlining the communication between incident response teams and eliminating persistent admin rights in favor of providing access at the right time. We provide training for our employees on security best practices, risks, and reinforce key concepts through communication campaigns that help keep the proper behaviors foremost in employees\u2019 minds.<\/li>\n<\/ul>\n<h3>Building intelligent security management<\/h3>\n<p>One of the major security challenges that enterprises face is understanding threats in the context of the organization\u2014and what sort of risk each threat poses. Security teams must be able to work with alerts from multiple siloed products to build a coherent picture of their security landscape. In this section, we illustrate how we\u2019re customizing the Microsoft Graph Security API to bring together all our digital security inputs\u2014both Microsoft and third-party solutions\u2014into a single dashboard and how we\u2019re promoting intelligent security management by supporting the organizational context.<\/p>\n<h4>Bringing security management under one dashboard<\/h4>\n<p>Large enterprises commonly use an assemblage of different security products to better protect their infrastructure. Moreover, each product has its own portal, data model, schema, and API. At Microsoft, this combination of Microsoft and third-party products traditionally has been an obstacle to building a holistic view of our security landscape. Although we\u2019ve been using our Intelligent Security Graph to synthesize the threat intelligence and security signals from our Microsoft products, the third-party security tools we used provided no standardized means of integration.<\/p>\n<p>Until recently, we\u2019ve either had to spend significant development resources to custom code and maintain an interface or rely on our security analysts to manage without any integration. In the latter case, moving back and forth between the Microsoft and third-party portals made it much more challenging to obtain a complete situation awareness. We needed a means to extend our reach into third-party security tools and display their information side by side with our Microsoft technologies.<\/p>\n<p>The release of the\u00a0<a class=\"c-hyperlink\" href=\"http:\/\/aka.ms\/graphsecurityapi\" target=\"_blank\" rel=\"noopener\" aria-label=\"Read more about Microsoft Graph Security API\u00a0\">Microsoft Graph Security API<\/a> (Security API) has completely changed our integration efforts. The Security API provides a common interface for all Microsoft 365 products\u2014including the security-oriented technologies we\u2019ve introduced previously in this article, and the other, nonsecurity-related products available in Microsoft 365. The Security API offers a single integration point and fabric for any technology in Microsoft 365 and for any third-party tool that supports the Microsoft Graph API.<\/p>\n<p>Onboarding the Security API is delivering a significant supportability boost, because our developers can switch from maintaining brittle custom code to working with an officially supported API. Maintenance becomes part of standard product support. We\u2019re also unifying the work that is currently being done in multiple applications into a single location. By integrating once with the Security API, we can use that same code to reach all the other products that support the API with no additional effort. In effect, one development effort now returns multiple product integrations.<\/p>\n<h4>Inserting organizational context into security risk assessment<\/h4>\n<p>Another milestone we\u2019ve achieved by utilizing the Security API is merging organizational context with alert data. Joining these two types of information is critical in helping us quickly ascertain the relative risk of the attack in relation to the role of the targeted person. For example, when a security alert activates or a potential attack is detected, we can determine whether the person under attack is an executive of the company or an executive\u2019s administrative assistant. We might need to treat such an incident very differently based on the person being attacked.<\/p>\n<p>We\u2019re able to gather this information because the Security API is part of the Microsoft Graph API and is therefore able to see into both Azure AD and Office 365 when appropriate permissions have been granted to do so. We can pull the user object from Azure AD, see their picture, and identify their manager and their department to determine whether others in the same department have also been targeted. With approval, we can investigate other email-related details that can help us assess the risk level for each attack accurately and quickly\u2014and then respond accordingly.<\/p>\n<h3>Security management guidelines<\/h3>\n<ul class=\"c-list\">\n<li><strong>Combine security alert data with organizational context.\u00a0<\/strong>Combining information about the nature of a malware attack with details about the targeted user will help you understand a breach\u2019s potential scope. Individuals who hold highly confidential corporate information might require a much more significant response than those who don\u2019t. At Microsoft, using the Security API to connect our security processes with Azure AD and Office 365 gives us this critical insight and helps us adjust our method and level of response for each attack.<\/li>\n<li><strong>Transition from custom hacks to a production API.<\/strong>\u00a0Shift your security developers (DevSec personnel) from custom coding security interfaces to working with the Security API. This should alleviate much of the resource drain associated with maintaining brittle code, and it enables you to multiply the value of each development effort by coding one integration for one product, and then reusing the same code to integrate with any other product that supports the Security API.<\/li>\n<li><strong>Recruit your developers\u2019 and SecOps\u2019 brainpower to integrate security practices within DevOps.<\/strong>\u00a0The Security API enables you to reduce the cost, effort, and operational risk associated with custom-code solutions. This helps you better use the skill set that your developers already possess, and it enables them to them quickly transition to implementing security practices. At Microsoft, we\u2019re using this strategy to scale our DevSecOps team as needed. Those developers who aren\u2019t as familiar with security aspects can work alongside SecOps team members to streamline their efforts.<\/li>\n<\/ul>\n<h2>Conclusions<\/h2>\n<p>Data is the lifeblood of a digital enterprise. As companies continue their digital transformation to cloud-based services, more devices are being used to access these resources in a growing number of locations\u2014not just from within a secure corporate network.<\/p>\n<p>The Microsoft security team has implemented several Microsoft 365 security components to make our environment more productive and secure. We\u2019ve shared how we\u2019re enhancing four aspects of our digital security\u2014identity-based protection, information protection, threat protection, and security management\u2014and explained how the technologies are part of the Microsoft 365 landscape.<\/p>\n<p>Implementing the security technologies available in Microsoft 365 has been key to helping our security team adopt a proactive threat-response strategy while simultaneously supporting the productivity needs of our employees and customers. We\u2019re able to better protect the vast number of devices that need access to corporate resources, and we\u2019re also bringing together our device monitoring and management systems under a single dashboard. This holistic approach that connects solutions and integrates them with alerts and contextual information is delivering the insights we need to better block malware from accessing our systems while improving our threat detection and increasing the speed and efficacy of our incident response the moment any breach occurs.<\/p>\n<h3>Our next steps<\/h3>\n<p>We\u2019re well on our journey to becoming a more secure and productive enterprise that effectively anticipates and responds to security-based risks. We will continue to incorporate more Microsoft 365 security technologies and third-party security solutions, effectively bringing all monitoring and management capabilities\u2014irrespective of product or manufacturer\u2014into one interface.<\/p>\n<p>In the next year we plan to complete our adoption of identity-based protection so that our employees are completely free of passwords and use Multi-Factor Authentication to access corporate resources securely. Furthermore, we\u2019re working to ensure that administrator accounts are fully isolated from regular mail-enabled user accounts, and that no server or service has a persistent administrator.<\/p>\n<p>Finally, we\u2019re evolving our use of machine learning and AI to define intelligent, behavioral-based approaches to threat detection that will help us identify and prevent entirely new threats and methods of attack that we haven\u2019t yet encountered\u2014which is a critical step toward helping our company, customers, and partners remain productive and secure well into the future.<\/p>\n<h3>Your next steps<\/h3>\n<p>If your organization hasn\u2019t already subscribed to Microsoft 365,\u00a0<a class=\"c-hyperlink\" href=\"https:\/\/www.microsoft.com\/en-us\/microsoft-365\/enterprise\/home\" target=\"_blank\" rel=\"noopener\" aria-label=\"Read more about review the productivity and security technologies available in Microsoft 365 enterprise\">review the productivity and security technologies available in Microsoft 365 enterprise<\/a>.<\/p>\n<p>If you\u2019re already using Microsoft 365, use the links below to learn more about how you can use the full suite of security technologies that are available to you in Microsoft 365 to enhance your digital security.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This content has been archived, and while it was correct at time of publication, it may no longer be accurate or reflect the current situation at Microsoft. The significant increase in mobile data usage, cloud adoption, digitization, and personal devices in the enterprise brings new opportunities and security risks. Microsoft uses many Microsoft 365 security&#8230;<\/p>\n","protected":false},"author":146,"featured_media":10936,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[1],"tags":[],"coauthors":[674],"jetpack_publicize_connections":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Microsoft 365 helps create a secure modern workplace - Inside Track Blog<\/title>\n<meta name=\"description\" content=\"The significant increase in mobile data usage, cloud adoption, digitization, and personal devices in the enterprise brings new opportunities and security risks. Microsoft uses many Microsoft 365 security technologies to help ensure a productive and secure environment for the company and our customers. Together, these Microsoft 365 security tools enable us to strengthen authentication, employ conditional access, better protect data, and automate threat protection\u2014all while streamlining our security management through a tightly integrated set of tools.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft 365 helps create a secure modern workplace - Inside Track Blog\" \/>\n<meta property=\"og:description\" content=\"The significant increase in mobile data usage, cloud adoption, digitization, and personal devices in the enterprise brings new opportunities and security risks. Microsoft uses many Microsoft 365 security technologies to help ensure a productive and secure environment for the company and our customers. Together, these Microsoft 365 security tools enable us to strengthen authentication, employ conditional access, better protect data, and automate threat protection\u2014all while streamlining our security management through a tightly integrated set of tools.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/\" \/>\n<meta property=\"og:site_name\" content=\"Inside Track Blog\" \/>\n<meta property=\"article:published_time\" content=\"2018-11-30T21:28:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-06-15T22:50:29+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8063_hero.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1040\" \/>\n\t<meta property=\"og:image:height\" content=\"585\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Inside Track \u2013 retired stories\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Inside Track \u2013 retired stories\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"24 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/\",\"url\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/\",\"name\":\"Microsoft 365 helps create a secure modern workplace - Inside Track Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8063_hero.jpg\",\"datePublished\":\"2018-11-30T21:28:54+00:00\",\"dateModified\":\"2023-06-15T22:50:29+00:00\",\"author\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/59e5f7b07dae629412c990cc1a63b575\"},\"description\":\"The significant increase in mobile data usage, cloud adoption, digitization, and personal devices in the enterprise brings new opportunities and security risks. Microsoft uses many Microsoft 365 security technologies to help ensure a productive and secure environment for the company and our customers. Together, these Microsoft 365 security tools enable us to strengthen authentication, employ conditional access, better protect data, and automate threat protection\u2014all while streamlining our security management through a tightly integrated set of tools.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/#primaryimage\",\"url\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8063_hero.jpg\",\"contentUrl\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8063_hero.jpg\",\"width\":1040,\"height\":585,\"caption\":\"Man and women work collaboratively.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft 365 helps create a secure modern workplace\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/\",\"name\":\"Inside Track Blog\",\"description\":\"How Microsoft does IT\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/59e5f7b07dae629412c990cc1a63b575\",\"name\":\"Inside Track \u2013 retired stories\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/image\/ee0de87c339052d5d84852473bd7f213\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/24a8c329ab32afd1bc23fd1658d1acc2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/24a8c329ab32afd1bc23fd1658d1acc2?s=96&d=mm&r=g\",\"caption\":\"Inside Track \u2013 retired stories\"},\"description\":\"The content on this page was crafted to highlight a specific moment in time or the solutions that have led us to where we are today. It offers valuable insights into our journey and the progress made over the years. Check out the Inside Track blog page for our up-to-date stories around Microsoft.\",\"url\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/author\/insidetrackarchive\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft 365 helps create a secure modern workplace - Inside Track Blog","description":"The significant increase in mobile data usage, cloud adoption, digitization, and personal devices in the enterprise brings new opportunities and security risks. Microsoft uses many Microsoft 365 security technologies to help ensure a productive and secure environment for the company and our customers. Together, these Microsoft 365 security tools enable us to strengthen authentication, employ conditional access, better protect data, and automate threat protection\u2014all while streamlining our security management through a tightly integrated set of tools.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft 365 helps create a secure modern workplace - Inside Track Blog","og_description":"The significant increase in mobile data usage, cloud adoption, digitization, and personal devices in the enterprise brings new opportunities and security risks. Microsoft uses many Microsoft 365 security technologies to help ensure a productive and secure environment for the company and our customers. Together, these Microsoft 365 security tools enable us to strengthen authentication, employ conditional access, better protect data, and automate threat protection\u2014all while streamlining our security management through a tightly integrated set of tools.","og_url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/","og_site_name":"Inside Track Blog","article_published_time":"2018-11-30T21:28:54+00:00","article_modified_time":"2023-06-15T22:50:29+00:00","og_image":[{"width":1040,"height":585,"url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8063_hero.jpg","type":"image\/jpeg"}],"author":"Inside Track \u2013 retired stories","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Inside Track \u2013 retired stories","Est. reading time":"24 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/","url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/","name":"Microsoft 365 helps create a secure modern workplace - Inside Track Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8063_hero.jpg","datePublished":"2018-11-30T21:28:54+00:00","dateModified":"2023-06-15T22:50:29+00:00","author":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/59e5f7b07dae629412c990cc1a63b575"},"description":"The significant increase in mobile data usage, cloud adoption, digitization, and personal devices in the enterprise brings new opportunities and security risks. Microsoft uses many Microsoft 365 security technologies to help ensure a productive and secure environment for the company and our customers. Together, these Microsoft 365 security tools enable us to strengthen authentication, employ conditional access, better protect data, and automate threat protection\u2014all while streamlining our security management through a tightly integrated set of tools.","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/#primaryimage","url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8063_hero.jpg","contentUrl":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8063_hero.jpg","width":1040,"height":585,"caption":"Man and women work collaboratively."},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/microsoft-365-helps-create-a-secure-modern-workplace\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/insidetrack\/blog\/"},{"@type":"ListItem","position":2,"name":"Microsoft 365 helps create a secure modern workplace"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#website","url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/","name":"Inside Track Blog","description":"How Microsoft does IT","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/insidetrack\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/59e5f7b07dae629412c990cc1a63b575","name":"Inside Track \u2013 retired stories","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/image\/ee0de87c339052d5d84852473bd7f213","url":"https:\/\/secure.gravatar.com\/avatar\/24a8c329ab32afd1bc23fd1658d1acc2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/24a8c329ab32afd1bc23fd1658d1acc2?s=96&d=mm&r=g","caption":"Inside Track \u2013 retired stories"},"description":"The content on this page was crafted to highlight a specific moment in time or the solutions that have led us to where we are today. It offers valuable insights into our journey and the progress made over the years. Check out the Inside Track blog page for our up-to-date stories around Microsoft.","url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/author\/insidetrackarchive\/"}]}},"jetpack_featured_media_url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2023\/05\/8063_hero.jpg","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9hcZA-2Qm","_links":{"self":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts\/10934"}],"collection":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/users\/146"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/comments?post=10934"}],"version-history":[{"count":3,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts\/10934\/revisions"}],"predecessor-version":[{"id":11415,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts\/10934\/revisions\/11415"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/media\/10936"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/media?parent=10934"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/categories?post=10934"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/tags?post=10934"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/coauthors?post=10934"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}