Enabling your customers to secure their hybrid workplace - Microsoft AI Cloud Partner Program

Enabling your customers to secure their hybrid workplace

Woman at computer

The widespread shift to remote work early last year catalyzed what our CEO Satya Nadella described as “two years’ worth of digital transformation in two months.”  

Now, a new wave of change is expected as organizations globally shift to a hybrid workplace. 

While this blistering pace of tech-fueled evolution generates exciting new opportunities for the entire Microsoft partner ecosystem, it also uncovers new challenges for our customers to navigate, and one of the primary concerns for any organization is cybersecurity. The massive shifts in how and where we work have bred new types of threats from cyber bad actors, and the broader adoption of the hybrid workplace is expected to result in additional vulnerabilities. 

Microsoft processes more than 8 trillion signals every 24 hours, and repelled a record-breaking 30 billion email threats last year. Despite these efforts, the world has entered what Microsoft CVP Vasu Jakkal referred to as “a realm of next-level attacks.” All of us must perpetually evolve our security processes to keep up with the sophisticated attacks of cyber criminals and nation state hackers, and our customers are relying on partners more than ever to help them make the right moves to keep their organizations’ data safe. 

We’re committed to ensuring partners have the resources, tools, and guidance needed to help customers evolve their security practices. Here are specific areas of focus that help partners tackle security, compliance, and identity issues for customers.  

Adopting multifactor authentication 

Passwords are ineffective and expensive to manage, while other forms of authentication offer a safer and more user-friendly experience. Requiring more than one form of authentication, or multifactor authentication (MFA), is also more effective at verifying identity and boosting security as a result. According to Microsoft CISO Bret Arsenault, “Using MFA is the single most effective security practice that companies are not employing.” He has spearheaded a campaign to eliminate passwords entirely at Microsoft, and over 90 percent of our workforce currently uses alternate authentication methods. 

By helping customers adopt multifactor authentication, partners can help them dramatically reduce their organizations’ risk. Surprisingly, only 18% of our customers have MFA turned on. Considering any customer with a commercial service subscription (such as Azure or Microsoft 365) can turn on MFA at no additional cost, it is a no-brainer to utilize this powerful defense tool. As Microsoft CVP Ann Johnson recently shared, “Using MFA blocks 99.9 percent of the account hacks your organization and customers face, on average.” And in a world where entire networks of vendors and other third-party companies share information, closing one organization’s vulnerabilities can help increase security. 

Migrating to the cloud 

Organizations should continue to evaluate migrating to the cloud to boost security. Maintaining and defending on-premises data centers can be costly and time consuming. Turning to the cloud outsources much of that work, allowing your IT staff to prioritize their time to focus on high-value issues. According to Ann Johnson, “With more enterprises relying on cloud technology, developing a comprehensive cyber resilience strategy as part of a holistic approach to operational resilience makes preparing for a wide range of contingencies less complicated.” 

We bake security into all of our products and solutions. Migrating to Microsoft Azure allows companies to benefit from the protections offered by Microsoft Azure Sentinel, Microsoft Azure Active Directory, Microsoft Azure Purview, and more. To review the latest Azure-related security updates, you can read my blog about the security announcements we made during Microsoft Ignite 2021 in March. 

Upskilling your workforce 

The cybersecurity industry is facing a shortage of workers, which further complicates keeping up with the constant onslaught of cyberattacks. By building the security skillsets within your organization, you can better position your company to both protect itself and offer valuable services and guidance to customers.

We strive to ensure that partners have the skilling and training resources needed to keep your team prepared to handle increasingly complex cyber threats. Use our enablement guide to find online courses and resources. We are excited to announce that we have released four new certifications for security, compliance, and identity, including: 

  • The Security Operations Analyst Certification can help individuals showcase knowledge of threat mitigation using Microsoft security, compliance, and identity solutions, as well as performing proactive threat hunting activities. 

In the coming weeks, we are releasing a new Hybrid Cloud Security advanced specialization. This will help bring a unique level of differentiation for partner organizations, in addition to the current security-related advanced specializations for Identity and Access Management, Information Protection and Governance, and Threat Protection. 

Digital transformation will continue to reshape entire industries, and as it does, new vulnerabilities will be exposed. While no organization is exempt from cyber risk, by using the right mix of resources, insights, and tools partners can help our customers forge defenses that can reduce the likelihood and impact of a breach. As we continue to work together, I am confident that we can rise to the challenge of protecting our collective data, both now and in the future. 

Author

  • Tracey Pretorius
    Senior Director, Global Security Research Strategy

    Tracey leads Microsoft worldwide security researcher enablement strategy efforts to ensure our customers benefit from world-class security and AI solutions. She is passionate about helping customers and partners navigate an ever-evolving cybersecurity landscape and leverage Microsoft technology to effectively protect against and respond to cybercrime. Collaboration with security experts and partners across industries is critical to driving cybersecurity advancements. Tracey is involved in a number of groups, including co-founding and chairing the Microsoft Women in Security (MWiS) group, engagement in the Executive Women’s Forum (EWF) for Information Security, Risk Management & Privacy, an executive sponsor of partner KPMG’s i-4 Forum for Information Security & Risk professionals and on their CISO global member advisory board, an advisory board member at Strategic Cyber Ventures, and is also on the board of directors of the Choroideremia Research Foundation.