Search This Blog

Powered by Blogger.

Blog Archive

Labels

Microsoft Tightens Cloud Security After Major Breaches

As part of its Secure Future Initiative, the company has eliminated hundreds of thousands of outdated apps and millions of inactive tenants.

 



In its efforts to better its cloud security, Microsoft has done much to remove any potential vulnerabilities and tightened the process of authenticating individuals. This comes after the tech giant saw several security breaches within the past year. Under the Secure Future Initiative launched in November 2023, Microsoft has so far purged 730,000 unused applications and deactivated 5.75 million inactive tenants in its cloud system. The initiative has been a direct response to cyber intrusions that had resulted in the revelation of sensitive data.

Reducing the Cyber Attack Surface

The firm has sought to minimise its attack surface by identifying dead or idle areas of its cloud infrastructure and is working to eliminate them. Removing hundreds of thousands of applications and millions of unused tenants works at making Microsoft shrink down the possible avenues the hackers may employ to penetrate it. Furthermore, Microsoft has sought to make the software production environment more secure by equipping the software teams with 15,000 locked-down devices. In its other security measure, the company conducted video-based identity verification for 95 percent of its production staff for further security in the identity authentication process. 

Better Identity and Authentication Security

Cybersecurity is one aspect where Microsoft has improved much. For instance, the identity management systems for its Entra ID and Microsoft Account (MSA) platforms have been remarkably enhanced.

These updates target better generation, storage, and rotation of access token signing keys as means to advance the protection of the public and government cloud environments. This is partly because of an incident in 2023, when hacking group Storm-0558 from China successfully accessed Exchange Online systems and penetrated the private email accounts of dozens of state officials. 

Secure Future Initiative Focus Areas

The SFI project is the most ambitious cybersecurity effort Microsoft has undertaken to date, providing 34,000 engineers dedicated to bulking up the company's defences. It focuses mainly on six critical areas: identity and access control, securing cloud tenants and production systems, strengthening engineering systems, improving network security, enhancing threat detection, and perfecting incident response. By doing all of these broad strokes, the likelihood of any future breach of this scale is reduced.

Mitigating Past Security Mistakes

Analysis by the US Department of Homeland Security's Cyber Safety Review Board had shown that a succession of security lapses at the company allowed these breaches. The inquiry, focused on the Storm-0558 intrusion, had asserted that it was time for Microsoft to strengthen its security posture, which primarily revolved around identity and authentication processes. Based on this, the company has moved very quickly to shore up weaknesses and prevent something similar from happening in the future.

Progress in Key Security Areas

Microsoft says it made strides in several areas in the latest report on SFI.

Unused applications and tenants removed reduce cloud attack surface. In network security, the firm now maintains a central inventory for more than 99% of physical assets, providing greater oversight.

Virtual networks with back-end connectivity are isolated from the corporate networks, which in turn is subjected to even more rigorous security audits. Centralised pipeline templates accounting for 85% of the production builds have been so far a part of the security. Personal access tokens now also have a much shorter life. Proof-of-presence checks are also instituted at the most sensitive points of the software development pipeline. 

Organisational Changes for Better Security

Beyond the technical, there have been organisations which are aimed at ensuring the executives are held responsible for security outcomes. There have been those who tied senior leadership compensation to specific security goals and that the company's threat intelligence team reports directly to the Chief Information Security Officer. This is in the way that it gives the assurance that security is top of the agenda across the organisation.

The Microsoft Secure Future Initiative is a reflection of its attempt to learn from previous failures in the area of security and succeed further in the cloud environment. The company intends to secure itself and, by extension, its customers from future cyber-attacks by enforcing identity verification, reducing attack surfaces, and having a strong network as well as engineering security. Hence, through continuous actions, Microsoft aims to ensure that such instances-where confidential and sensitive data are leaked-would not recur in the future.





Share it:

cyber attack

identity

Microsoft

Security

Sensitive data