We released Windows 11, the operating system designed for hybrid work, just over six months ago and are energized to hear how our customers, like Tower, are finding new ways to empower employees and move their business forward.

Talking to customers is one of the best parts of my role as General Manager for the Microsoft 365 business, and I learn a lot from every conversation—whether with an enterprise leader or a small business owner. Our team has also received a lot of feedback and input about the past two years and how it has forever changed the way we work, and I‘ve observed this just walking around my neighborhood in Atlanta—the way we work is different. Our work lives are in many cases more flexible, but also more complex. It makes sense, then, that the one thing I always hear is that organizations want solutions that are streamlined across their IT infrastructure, and seamless and easy for their employees to use.

We recently released the 2022 Work Trend Index, which surveyed 31,000 people in 31 countries around the world. What we’ve learned from our 2021 and 2022 research is that this rapidly changing landscape is shaping how we think about how technology serves us at work. This has been our inspiration for the features we announced today and how we will continue to innovate in Windows for organizations and employees, helping our customers transform how we connect, collaborate, and communicate.

The most compelling data we gleaned from the Work Trend Index is that 73 percent of employees want flexible or remote options and see this as a more permanent way of working. That’s more than two-thirds of people surveyed—a compelling statistic.

As a leader at Microsoft who was hired during the pandemic and works fully remote, I can relate to the new challenges businesses are navigating in moving employees to a more permanent remote or hybrid work setting, and the challenge employees sometimes face in different environments.

So, I’m excited to build off what Panos Panay, Chief Product Officer, shared today and give you some more details about the new features we are building in Windows 11 to power your businesses and your people, no matter where they are working.

Here’s what’s coming to Windows 11.

A faster, more dynamic Windows 11 experience powered by the cloud

Last year, we introduced Windows 365, the world’s first Cloud PC, to give people a simple way to stream their entire Windows experience from the Microsoft cloud. This means an individual employee’s personal settings, apps, and contents can be securely accessed on any device. And it’s persistent and always ready to go, so they can pick up right where they left off because Windows is streaming from the cloud. I’ve heard from many customers who are finding new uses for the Windows 365 Cloud PCs in critical hybrid work scenarios—from elastic workforces like interns or contractors to high-scale computing needs like developers, to remote workers and secure bring your own PC (BYOPC) needs. Windows 365 is easy to scale up so it’s particularly useful in times of change, like mergers and acquisitions. Coats, the world’s largest industrial thread manufacturer, was an early adopter of Windows 365.

Extending Windows to the cloud opens up new solutions that can help accelerate digital transformation by utilizing the power, intelligence, and capacity of the cloud to augment device capabilities. According to Gartner®, 72 percent of infrastructure and operations (I&O) leaders have invested or intend to invest in cloud-based user computing solutions during the next 24 months.

As the pandemic begins to slowly recede, and companies look to adopt more permanent hybrid work strategies, new integrated features are needed to enable more flexible ways of working.

So, we’re bringing the power of the cloud and familiarity of the PC together, giving people an even more seamless Windows experience without sacrificing security.

With Windows 365 Boot, I’ll be able to log directly into my Windows 365 Cloud PC at startup and designate it as my primary Windows experience on the device. This makes Windows 365 an even better solution for those temporary or frontline workforces I mentioned, where sharing devices and bring your own device (BYOD) scenarios are common. It allows different users to log in directly to their own personal and secure Windows 365 Cloud PC with their credentials.

If you are like me, you know the power of switching between desktop surfaces in Windows 11. Now we’re adding Windows 365 Switch, which will enable me to move between my Windows 365 Cloud PC and the local desktop just like I do between different desktops today in the Task switcher. I’ll even be able to use the same familiar keyboard commands, as well as a mouse-click or swipe gesture.

A new native Windows 365 app will give me another way to get straight to my Windows 365 Cloud PC from the taskbar or Start menu. All with a desktop path to my Windows 365 Cloud PC, providing a personal, customized welcome experience to tailor my settings, profile, and work style.

We are also working to deliver Windows 365 Offline, which will enable work in Windows 365 even when disconnected. When connectivity is restored, the Windows 365 Cloud PC will automatically resync with the Windows 365 service without data loss so the user experience and workflow are persistent.

Learn more about all these features in this Windows 365 blog and our new Microsoft Mechanics episode.

New inclusive and intelligent experiences and features for employees

In our most recent Work Trend Index research, we learned that 51 percent of people want a job that gives them the option to be fully remote, but they prefer a hybrid experience. The best news is that Windows 11, while designed for hybrid work, works for all scenarios—whether remote, onsite, or hybrid.

Today, I want to share with you some of my favorite new experiences coming soon to Windows 11 to make everyone working in these modern environments more effective. Best of all, these features are designed with accessibility in mind so everyone can enjoy the benefits of Windows 11.

I love how easy the centered Start menu design in Windows 11 is, and I’m excited to share how we’re building on that with new app folders right inside the Start menu. Now, I can enjoy the simplicity of organizing and easily finding apps on my Windows 11 desktop just as I’ve been able to do on my mobile device and tablet.

Refreshed File Explorer in Windows 11 to help you find what you need fast

One of my favorite announcements today is the refreshed experience in File Explorer. I can’t tell you how many hours I’ve spent looking for important files and folders over the years. Now, finding files is a breeze with new contextual suggestions in Windows powered by Context IQ. This recommends relevant content and contacts across Windows—including content to the cloud. For example, I can see what files I might want, including files that my frequent collaborators are working on that I also have access to.

And with Tabs in File Explorer, I’ll be able to multitask and find multiple files at the same time.

During our 2022 Work Trend Index research, we found that 35 percent of employees surveyed say they wish they could spend more time working on solitary or focused work in order to be more impactful or productive, which is why we are introducing new capabilities in Focus for Windows.

Save time with new features in Focus for Windows 11

As a senior leader at Microsoft, I’m in meetings most of my day, and it’s often challenging to find time to get important work done. I’ve found Focus to be one of the most impactful tools to increase my own productivity. Focus was first introduced in Windows 10 to limit visual distractions and reduce clutter on the desktop. Today, Focus inside Microsoft Viva Insights helps me protect my valuable time by automatically scheduling focus time based on my schedule for the next work week. This has been a game-changer for me. And today, I’m happy to share the new features coming to Focus in Windows 11, such as an integrated focus timer and do not disturb feature that makes it even easier to track and personalize my focus time.

More natural hybrid meeting experiences powered by AI

As companies continue to take a hybrid approach, we are delivering new advancements to make virtual and hybrid meetings and collaboration feel more natural. These features* include automatic framing to refocus your camera as you move around, voice clarity, voice focus, and background blur to reduce visual and audio distractions in the background. One of my favorites of these new AI-based features is called eye contact, which improves eye contact during virtual meetings and video calls.

Better audiovisual experiences with Live Captions in Windows 11

We are always looking for ways to improve the experience with accessible features, and today we’re making Windows 11 better for the deaf and hard of hearing communities, as well as language learners with Live Captions. This new feature empowers people to easily access captions from all audio experiences and apps across Windows, including web-based audio, such as audio from your favorite streaming websites. I love turning on captions when I’m watching my favorite shows, so this is another incredible experience we are bringing to Windows 11.

Multitasking is a snap with improved Snap layouts

What did we do before Snap layouts? I love this feature in Windows 11. It may be the feature I use the most as I’m always using multiple windows throughout the day. It’s so easy to snap together two or more related windows when I’m doing research or to multitask on up to four separate projects simultaneously. We’re always looking for ways to help people work smarter, not harder. So, now, I’m excited we are adding touch Snap layouts for touch-enabled devices. This capability is going to improve work for so many, including frontline workers using touch devices in their day-to-day work.

Empowering IT superheroes with modern management

IT departments had one of the most complex undertakings during the pandemic—keeping the digital estate of their entire, distributed workforce connected, up-to-date, and performing. And doing that as the IT administrators themselves were also working remotely added even greater complexity. With the diversity of devices used across the enterprise device landscape, including physical and Windows 365 Cloud PCs, IT truly needed to be superheroes to keep all the endpoints secure and productive.

It is cloud management in Microsoft Endpoint Manager that provides IT with the needed flexibility to protect and configure endpoints for a productive workforce as well as unlock the new features and functionality for Windows. With Windows 11 built as a cloud-powered OS, Endpoint Manager is key to helping organizations keep their devices up-to-date and upgraded when ready.

Another way to keep things updated is with our new automated service, Windows Autopatch, designed to free up IT teams everywhere by making Windows and Microsoft 365 update management easier than ever. Autopatch offers IT peace of mind when it comes to ensuring endpoints are healthy, protected, and compliant, thus enabling them to focus on other business challenges.

Autopatch enables IT to strike the right balance between rollout speed and stability thanks to a ring-based, gradual deployment. It helps you get current and stay current while hardening endpoints against threats and increasing productivity by deploying new features with minimal friction and risk. If issues arise, they won’t turn into interruptions—the service can stop and even reverse updates, which means we’ve got you covered. Windows Autopatch will be available in July 2022 as part of the Windows E3 offering. Learn more about Autopatch in this blog.

Providing flexibility and data protection

Application management for Microsoft Edge enables people to access organizational resources from an unmanaged device while giving IT the ability to control the conditions under which the resources can be accessed. With app protection policies applied from Endpoint Manager, administrators will be able to configure how data flows in and out of the organization as well as define acceptable threat levels. This allows more businesses to safely employ a BYOD model, or empower employees to access company information through personal devices without compromising privacy or protection.

Improve communication with targeted messages in Windows 11

I am also excited about a new communications function that empowers IT to send targeted organizational messages directly to users across various surfaces, such as on the desktop, lock screen, or right above the taskbar. Imagine being able to share helpful messages to new employees onboarding or reminders for important training that might otherwise get lost in email. From the Endpoint Manager admin center, IT can create messages, provide customized links or URLs, configure the viewing frequency, and of course define the targeted set of users for the message based on the integration with Microsoft Azure Active Directory (Azure AD).

A new era for endpoint management adds more simplicity

Our goal is to simplify what it takes for IT to protect the endpoints across their user computing landscape to help organizations support a Zero Trust security model. We are excited to enter a new era for endpoint management, one that will provide an expanded set of advanced solutions and capabilities in Endpoint Manager designed to increase endpoint security, improve user experience, and reduce the total cost of ownership of your digital estate. We are bringing together additional mission-critical endpoint and security management tools into a single, cloud-powered solution and it starts today. Read more about the news of our vision for advanced endpoint management in this Microsoft 365 blog and learn about our plans to introduce a series of premium solutions over time that will help protect endpoints in the cloud, on-premises, and across device platforms, foundational for organizations striving to achieve a Zero Trust architecture.

The 2022 Work Trend Index highlighted that more than 50 percent of hybrid employees are considering going fully remote in the next year, so on-site tech support can no longer be the only option to resolve complex technical issues. Today we are launching the first of our premium solutions in Endpoint Manager for general availability, remote help for Windows, a cloud-based, remote assistance tool that provides a secure, trusted helpdesk to user connections. The endpoint is the new workplace. Providing resolutions to users—delivered by the right helper, with the right permissions, at the right time—is crucial for organizations in today’s hybrid world.

Help keep hybrid work safe with new security features

Given the fast-changing cybersecurity landscape, we continue to see accelerating with new threats today, it wasn’t surprising to see that cybersecurity issues and risks was the number one concern for business leaders around the world. To help address those concerns, we’re introducing new security features coming to Windows 11 to make the most secure version of Windows we’ve ever built even more secure for hybrid and remote employees.

With built-in chip to the cloud protection, Windows 11 helps organizations address the new security challenges of the hybrid workplace, now and in the future. With every release, we are making Windows more secure by default and today we’re thrilled to show you how Windows powers the future of business.

We are all potential targets of sophisticated phishing and other cyberattack attempts. I’m excited about future Windows 11 updates we are adding, like enhanced phishing detection and protection built into Windows with Microsoft Defender SmartScreen. We are also bringing more protection against malware, ransomware, data loss, and the serious risk of hardware attacks if a device is stolen. We’ve designed security in Windows to be simple for all—for businesses large and small, from IT to consumers. Our Windows customers will benefit from layers of tightly integrated hardware and software security from the chip to the cloud, designed to help protect our customers from wherever and however they choose to work. To learn more about the security innovations coming to Windows 11, visit the Security Blog.

Taking the journey to hybrid work, together 

As workplaces and world events continue to evolve, so too will the needs of your employees and organization. That’s why we designed Windows 11 to be the most flexible, secure, and productive solution for hybrid work. The features we announced today ensure that you can continue to count on Windows to move your business forward with cloud-powered technology and services that adapt and evolve to meet today’s challenges and tomorrow’s. 

Creating a durable hybrid work environment is a journey. Microsoft is on its own journey, learning as we go just like you are. That’s why we wanted to share our own Windows 11 deployment story with you, so we can all be students of the time, together. I invite you to check out my conversation with Nathalie D’Hers, Corporate Vice President of Microsoft Digital Employee Experience, highlighting the employee experience, and our case study on deploying Windows 11 at Microsoft.

One of our biggest learnings as “customer zero” for Windows 11 adoption is just how easy it was to do using familiar tools and processes like Windows Update for Business, Autopilot for new PCs, and tools in Microsoft Endpoint Manager like Endpoint Analytics to measure device health and status. With its common core and consistency across admin functions, it is easy to run Windows 10 and Windows 11 in your environment, side-by-side. And to ensure that we’re supporting you throughout your migration journey, we offer engineering-led services like Fast Track, as well as App Assure and Test Base, a powerful combination to help make sure that all of your apps are compatible.

ITC Secure, one of our earliest adopters of Windows 11, enjoyed the fast and simple process of migrating their organization and is now taking advantage of the full benefits of Windows 11.

Windows is designed for hybrid work and is ready for you today. Thank you for trusting Windows to be the platform for your business now and in the future. You can learn more about how Windows is extending to the cloud with Windows 365 here, and be sure to check out our Tech Community site for more in-depth information on features, deployment guidance, and best practices to help you on your journey to Windows 11.

*Hardware dependent

The post New experiences in Windows 11 and Windows 365 empower new ways of working appeared first on Microsoft 365 Blog.

As some regions begin to make their way out of the challenges and disruption of the past 18 months, we’re seeing a new world of work emerge. Organizations everywhere have transformed themselves through virtual processes and remote collaboration. And as people embrace hybrid work—with people returning to the office, continuing to work from home, or some mix of the two—things will be different all over again.

The ability to work whenever, however, and wherever it’s needed has become the new normal. All employees want technology that’s familiar, easy to use, and available across devices. And in the most complex cybersecurity environment we’ve ever seen, businesses need a solution that helps their employees collaborate, share, and create while also keeping their data safe and secure. 

We have an opportunity to design the tools that will empower this new world of hybrid work with a new perspective—and the power and security of the cloud.  

Today we’re excited to announce Windows 365, a cloud service that introduces a new way to experience Windows 10 or Windows 11 (when it’s generally available later this calendar year) for workers from interns and contractors to software developers and industrial designers. Windows 365 takes the operating system to the Microsoft Cloud, securely streaming the full Windows experience—including all your apps, data, and settings—to your personal or corporate devices. This approach creates a fully new personal computing category, specifically for the hybrid world: the Cloud PC.

Today I’d like to share with you why we think bringing the cloud revolution to personal computing will be such a milestone for how customers work in the future and the opportunities this will create for our partners.

A powerful, personalized, full Windows experience in the cloud on any device

Our recent Work Trend Index found that 73 percent of workers want flexible remote work options to stay, but at the same time, 67 percent say they also want more in-person collaboration, post-pandemic. This creates the hybrid work paradox, leaving organizations around the world to grapple with how to connect in a hybrid world and provide workers access to organizational resources at home, in the office, and at all points between.

Much like how we’ve embraced the cloud for other products, our vision for a Windows 365 Cloud PC is to deliver a new way to experience Windows through the power of the cloud—while solving both novel and traditional challenges for organizations. This new paradigm isn’t just about allowing and securing remote access. The user experience is more important than ever for attracting and retaining talent, improving productivity, and ensuring security.

The Cloud PC draws on the power of the cloud and the capabilities of the device to provide a powerful, simple, and secure full Windows 10 or Windows 11 experience that you can use to empower your workforce, regardless of location or device. Windows 365 provides an instant-on boot experience that enables users to stream all their personalized applications, tools, data, and settings from the cloud across any device including your Mac, iPad, Linux device, and Android. The Windows experience is consistent, no matter the device. You can pick up right where you left off, because the state of your Cloud PC remains the same, even when you switch devices. You can get the same work done on a laptop in a hotel room, a tablet from their car between appointments, or your desktop while you’re in the office. Seasonal workers also can ramp on and off according to the needs of the business, allowing the organization to scale for busy periods without the complicated logistical and security challenges of issuing new hardware. Further, companies can be more targeted in how they outfit specialized workers in creative, analytics, engineering, or scientific roles who need greater compute power and access to critical applications.  

Windows 365 supports your business apps—Microsoft 365, Microsoft Dynamics 365, Microsoft Power Platform—line of business apps, and more. With Windows 365, we also stand by our promise of app compatibility with App Assure, a service that helps customers with 150 or more users fix any app issues they might run into at no additional cost.

Greater simplicity with familiar tools

One of the most important design principles of Windows 365 is simplicity. You can choose the size of the Cloud PC that best meets your needs with per user per month pricing. Organizations have two edition options that include a complete cloud-based offering with multiple Cloud PC configurations based on performance needs: Windows 365 Business and Windows 365 Enterprise.

For IT, we built Windows 365 to be consistent with how you manage your physical devices now. Your Cloud PCs show up right alongside your physical devices in Microsoft Endpoint Manager, and you can apply management and security policies to them just as you do to all your other devices.

Windows 365 is built on Azure Virtual Desktop, but it simplifies the virtualization experience—handling all the details for you. You can scale processing power and monitor the performance of the Cloud PC to make sure your users are getting the best experience. We’ve also built analytics into the service to look at connection health across networks to make sure your Cloud PC users can reach everything they need on your network to be productive. From the Endpoint Analytics dashboard, you can easily identify the Cloud PC environments that are not delivering the performance needs of a given user, and not only can you get recommendations, but you can also upgrade them at the touch of a button, which is immediately applied without missing a beat. Our new Watchdog Service also continually runs diagnostics to help to keep connections up-and-running at all times. If a diagnostic check fails, we’ll alert you and even give suggestions for how to correct the issue. 

For greater customization and flexibility, especially if your organization has virtualization expertise, we recommend Azure Virtual Desktop, which continues to see significant adoption as organizations modernize VDI in the cloud. You can read more about our increased investments in Azure Virtual Desktop in today’s Tech Community blog.

For more information about the management experience, check out the Tech Community blog from Scott Manchester.

Cloud security powered by Zero Trust

With a focus on a Zero Trust architecture, Windows 365 also helps solve for today’s critical security challenges by design, storing and securing information in the cloud, not on the device. Multifactor authentication (MFA) works to explicitly verify any login or access attempt to a Cloud PC through integration with Microsoft Azure Active Directory (Azure AD). And within Microsoft Endpoint Manager, you can pair MFA with dedicated Windows 365 conditional access policies to assess login risk instantly for each session. We’ve also designed the user and admin experiences around the principle of least privileged access. For example, you can delegate specific permissions, like licensing, device management, and Cloud PC management using specific roles, so you don’t need to be a global administrator. You can use the security baselines for Windows 10, Microsoft Defender for Endpoint, and Microsoft Edge, just like you would for your physical devices now, and we’ve built a cloud PC-specific security baseline to help you get started quickly. 

If you use Microsoft Defender for Endpoint to protect your devices, it also works seamlessly with your Cloud PCs. You can use Microsoft Endpoint Manager to quickly onboard your Cloud PCs just like your other devices with Defender for Endpoint. It not only protects your Cloud PCs, but also gives you security recommendations to lower risks, and helps you quickly discover and investigate any security incidents.

Finally, encryption is used across the board. All managed disks running Cloud PCs are encrypted, all stored data is encrypted at rest, and all network traffic to and from your Cloud PCs is also encrypted.

Windows 365 means new opportunities for partners

Windows 365 creates new opportunities for partners of all types across the Microsoft ecosystem to deliver new Windows experiences from the cloud.

Independent software vendors can continue to build Windows apps, and now, deliver them in the cloud to reach a broader audience. Windows 365 also presents new development opportunities, leveraging APIs available to partners, enabling them to bring their own innovations to market. In fact, check out the Tech Community blog that highlights the solutions ISVs like Nerdio, UKG, Service Now, and Net App are announcing today in support of different user scenarios with Windows 365.

Our customers will look to system integrators and managed service providers to help them get the most out of their entire Windows estate, using the additional services that our partners like Accenture/Avanade, Atos, Crayon, Content and Cloud, Convergent, Coretek, DXC, Glueck & Kanja GAB, Insight, and Netrix continue to bring to market. For small and midsize businesses, partners like Iconic IT LLC, MachineLogic LLC, and Nitec Solutions already support Windows 365 and can assist with additional services. Original equipment manufacturers (OEMs) gain an opportunity to integrate Windows 365 into their broad portfolio of services alongside their devices’ robust features and secure hardware.

Cloud PC represents the next big step in cloud computing that connects the Microsoft Cloud and personal devices in a powerful new way. With the announcement of Windows 365, we’re inviting organizations, employees, and partners to reimagine experiences with Windows and their devices and look forward to creating new scenarios for users everywhere.

Hybrid Windows for a hybrid world

We are so excited to share this new way to experience Windows 10 or Windows 11 (when available) through the power of the cloud across all your devices. We believe this will give organizations of all sizes the power, simplicity, and security you need to address the changing needs of your workforce as you embrace hybrid work.

Windows 365 will be available on August 2, 2021, to organizations of all sizes. In the meantime, you can learn more about Windows 365 now.

We are excited to be on this journey together, and we can’t wait to learn about all the new ways you will get work done using Windows 365.

The post Introducing a new era of hybrid personal computing: the Windows 365 Cloud PC appeared first on Microsoft 365 Blog.

Tuttavia, attualmente si sta verificando una tendenza all’adozione di un approccio più moderno alla sicurezza informatica da parte delle istituzioni finanziarie più esperte: il modello Zero Trust. Il principio alla base di tale modello consiste nell’accordare zero fiducia, per impostazione predefinita, ad utenti interni ed esterni e nell’esigere la verifica scrupolosa di ogni persona o dispositivo prima di concedere l’accesso.

I perimetri del castello continuano ad essere importanti, ma anziché effettuare ulteriori investimenti in fortificazioni più massicce e fossati più ampi, si predilige scegliere un approccio più articolato alla gestione dell’accesso di identità, dati e dispositivi all’interno del castello, tramite il modello Zero Trust. Grazie a tale approccio, anche se un insider agisce in modo dannoso o negligente, o utenti malintenzionati varcano le mura del castello di nascosto, non è detto che riescano ad accedere automaticamente ai dati.

I limiti dell’approccio di tipo “castello e fossato”

Quando si tratta di proteggere l’attuale patrimonio digitale aziendale, l’approccio “castello e fossato” presenta alcuni limiti critici perché il significato stesso di protezione dalle minacce informatiche è cambiato. Le grandi organizzazioni, comprese le banche, devono fare i conti con reti di dati e applicazioni sparse, a cui accedono dipendenti, clienti e partner in sede o online. Ciò rende la difesa del castello ancora più difficile. E anche se il fossato risultasse efficace per arginare gli attacchi, non può fare molto contro utenti con identità compromesse o altre minacce interne che si nascondono all’interno delle mura del castello.

Le procedure riportate comportano l’esposizione a possibili attacchi e sono pratiche comuni nelle banche il cui approccio alla sicurezza si basa sul modello “castello e fossato”:

• Un’unica revisione annuale dei diritti di accesso del personale alle applicazioni.
• Criteri per l’assegnazione dei diritti di accesso ambigui e incoerenti, a discrezione del gestore, e governance insufficiente in caso di trasferimenti del personale.
• Uso eccessivo di account con privilegi di amministratore da parte dell’IT.
• Dati dei clienti memorizzati in più condivisioni di file e poca chiarezza sugli aventi diritto all’accesso.
• Fiducia eccessiva nelle password per autenticare gli utenti.
• Assenza di attività di classificazione dei dati e di creazione di report per tenere traccia dei dati.
• Uso frequente di unità flash USB per trasferire file che includono dati altamente sensibili.

In che modo consulenti e clienti possono utilizzare il modello Zero Trust

I vantaggi dell’approccio Zero Trust sono stati ampiamente documentati e un numero crescente di esempi reali ne dimostra la capacità di prevenire cyberattacchi sofisticati. Nonostante ciò, sono ancora molte le banche che attuano procedure diverse dai principi Zero Trust.

L’adozione di un modello Zero Trust può aiutare le banche a rafforzare la propria posizione di sicurezza, in modo da poter supportare con fiducia le iniziative che offrono ai dipendenti e ai clienti una maggiore flessibilità. Ad esempio, i dirigenti delle banche vorrebbero svincolare dalle loro postazioni i responsabili delle relazioni con i clienti e i consulenti finanziari, per rendere possibile l’incontro con i clienti al di fuori dei locali delle banche. Oggi molte istituzioni finanziarie supportano questa flessibilità geografica attraverso strumenti cartacei statici per riassumere la propria consulenza. Tuttavia, sia i dipendenti delle banche che i clienti si aspettano un’esperienza più dinamica che consenta di utilizzare dati in tempo reale.

Le banche che si affidano ad un approccio alla sicurezza basato sul modello “castello e fossato” sono riluttanti a diffondere dati al di fuori della rete fisica. Ciò significa che i consulenti finanziari possono avvalersi di modelli dinamici di strategie di investimento comprovate e disciplinate solo se le riunioni con i loro clienti si svolgono all’interno dei locali della banca.

D’altra parte, per i consulenti in movimento, o comunque senza VPN, è complicato condividere aggiornamenti di modelli in tempo reale o collaborare attivamente con altri consulenti od operatori. Eppure, questa flessibilità è un fattore importante per prendere decisioni di investimento solide e per la soddisfazione del cliente. Grazie al modello Zero Trust il responsabile delle relazioni con i clienti o l’analista può sfruttare le informazioni dei fornitori di dati di mercato, sintetizzarle con i propri modelli e lavorare in modo dinamico in diversi scenari, sempre e ovunque.

Fortunatamente è in corso una nuova era di intelligent security, basata sul cloud e sull’architettura Zero Trust, in grado di semplificare e modernizzare la sicurezza e la conformità per le banche.

Microsoft 365 aiuta a trasformare la sicurezza bancaria

Con Microsoft 365 le banche possono passare subito alla sicurezza Zero Trust attraverso l’implementazione di tre strategie chiave:

• Identità e autenticazione—Innanzitutto, le banche devono verificare l’identità degli utenti e fornire loro garanzie di accesso in base al ruolo. Con Azure Active Directory (Azure AD), possono utilizzare Single Sign-On (SSO) per consentire agli utenti autenticati di connettersi alle app ovunque, garantendo ai dipendenti mobili l’accesso sicuro alle risorse senza comprometterne la produttività.

Inoltre, con l’implementazione dei metodi di autenticazione avanzata, come l’autenticazione a più fattori a due fattori o senza password, possono ridurre il rischio di violazione del 99,9%. Microsoft Authenticator supporta notifiche push, passcode monouso e dati biometrici per qualsiasi app connessa ad Azure AD.

Per i dispositivi Windows, i dipendenti possono utilizzare Windows Hello, una funzione di riconoscimento facciale sicura e pratica per accedere ai dispositivi. Infine, le banche possono avvalersi dell’accesso condizionale di Azure AD per proteggere le risorse da richieste sospette mediante l’applicazione di criteri di accesso appropriati. Microsoft Intune e Azure AD collaborano per garantire che solo i dispositivi gestiti e conformi possano accedere ai servizi di Office 365, incluse posta elettronica e app locali. Attraverso Intune, è anche possibile valutare lo stato di conformità dei dispositivi. I criteri di accesso condizionale vengono applicati in base allo stato di conformità del dispositivo nel momento in cui l’utente tenta di accedere ai dati.

Esempio di accesso condizionale.

• Protezione dalle minacce—Con Microsoft 365, le banche possono anche rafforzare la loro capacità di proteggere, rilevare e rispondere agli attacchi con la sicurezza integrata e automatizzata di Microsoft Threat Protection. Microsoft Threat Protection sfrutta la tecnologia di Microsoft Intelligent Security Graph per raccogliere i segnali di minaccia e l’automazione avanzata basata sull’intelligenza artificiale (IA) per migliorare l’identificazione e la risposta agli incidenti, consentendo ai team di sicurezza di risolvere prontamente le minacce in modo accurato ed efficiente. Il Centro sicurezza Microsoft 365 fornisce un hub centralizzato e un’area di lavoro specializzata per gestire e sfruttare appieno le soluzioni di intelligent security di Microsoft 365 per la gestione di identità e accessi, protezione dalle minacce, protezione delle informazioni e gestione della sicurezza.

Centro sicurezza Microsoft 365.

• Protezione delle informazioni—Identità e dispositivi sono i principali vettori di vulnerabilità per gli attacchi informatici, ma ciò che i criminali informatici desiderano davvero sono i dati. Con Microsoft Information Protection, le banche possono migliorare la protezione delle informazioni sensibili, ovunque risiedano o viaggino. Microsoft 365 consente ai clienti di 1) identificare e classificare i propri dati sensibili; 2) applicare criteri di protezione flessibili e 3) monitorare e correggere i dati sensibili a rischio.

Esempio di uno scenario di classificazione e protezione.

Semplificare la gestione della sicurezza con Zero Trust

Microsoft 365 aiuta a semplificare la gestione della sicurezza in una moderna architettura Zero Trust, sfruttando la visibilità, le dimensioni e l’intelligence necessarie per combattere il crimine informatico.

L’ambiente Zero Trust è ottimale per proteggere il proprio “castello” moderno dalle attuali minacce alla sicurezza informatica. Nell’ambiente Zero Trust la supervisione degli accessi è aggiornatissima su chi accede a cosa, dove e quando e se l’accesso è consentito.

Le funzionalità di sicurezza e conformità di Microsoft 365 aiutano le organizzazioni a effettuare verifiche prima di affidarsi a un utente o a un dispositivo. Microsoft 365 offre anche una soluzione completa per il lavoro in team e la produttività. Complessivamente, Microsoft 365 offre una soluzione completa per aiutare i dirigenti delle banche a concentrarsi su clienti e innovazione.

The post Perché le banche si affidano al moderno modello Zero Trust per la propria sicurezza informatica appeared first on Microsoft 365 Blog.