As we kick off National Cybersecurity Awareness Month around the globe, it’s important to take a moment to consider the current landscape and remind ourselves of some of the steps we can all take to safeguard and protect the partner ecosystem from threats.
Without question, Microsoft builds security into all of our products and services and provides an infrastructure with the goal of ensuring protection up front; we are also the first responders for customers around the world if something goes wrong. And while it is a responsibility that we work on advancing and optimizing each day, we rely on our partners to be active contributors to the safety of the ecosystem.
In Microsoft President Brad Smith’s new book, “Tools and Weapons,” he discusses the need for the whole community to step up and get involved in proactively protecting our shared spaces; the idea that “it takes a village” is a prevalent theme throughout. To protect cyberspace, which is owned and operated by a number of organizations, a new era of working together must be ushered in. The ecosystem is a complex network – one that is only as strong as its weakest link – which is why it is vital for every participant to do their part.
For our partners, we recently introduced security requirements designed to help mitigate threats, including multi-factor authentication for all users in your tenants and adoption of the Secure Application Model framework. Additionally, we recently announced general availability of Azure Sentinel, the first SIEM+SOAR (Security information and event management + Security Orchestration and Automation Response) solution, and a born-in-the-cloud SIEM, which allows you to invest in security without having to worry about infrastructure or maintenance. With the cloud and built-in intelligence, threats are detected and mitigated faster and smarter.
We have a wealth of resources available to partners to build your security practice, including our Security playbook – written by partners for partners. Partners can also demonstrate their security expertise by earning the recently-released security competency.
But it doesn’t stop at our professional lives; vigilance is key, and this means we must take precautions and proactive measures in our personal use of email, social media and the Internet. Enabling multi-factor authentication for accounts will end up blocking 99 percent of automated attacks; a simple add such as a recovery phone number can help mitigate the majority of bulk phishing and other targeted attacks that happen on a daily basis.
Practicing password hygiene or simply getting rid of passwords altogether by utilizing facial or fingerprint recognition technology can be effective ways to further protect your personal information. Another simple practice is to use caution when presented with links or attachments from untrusted sources that can often install malware when the intended target clicks on a link (or opens/downloads a file). If you don’t recognize the sender, don’t take the risk.
Avoiding security incidents is far easier and less costly than cleaning up after an attack. By implementing a few simple measures, we can keep our shared spaces safe and secure. We cannot do it alone, and National Cybersecurity Awareness Month is the perfect reminder that collaboration and partnership is key for maintaining and optimizing our security efforts.