Feed aggregator

Microsoft now a Leader in three major analyst reports for SIEM

Security, Compliance, and Identity Blog -

We’re excited and honored to be positioned in the Leaders Category in the IDC MarketScape: Worldwide SIEM (security information and event management) for Enterprise 2024 Vendor Assessment (doc #US51541324, September 2024)—our third major analyst report in SIEM to name Microsoft as a Leader. We were recognized in the most recent reports as a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management and as a Leader in The Forrester Wave™: Security Analytics Platforms, Q4 2022. We believe this position validates our vision and continued investments in Microsoft Sentinel, making it a best-in-class, cloud-native SIEM solution. It’s always a rewarding experience when trusted analysts recognize the continued work we’ve put into helping our customers modernize their operations, improve their security posture, and work more efficiently. 

 

A Leader in the market with an innovative solution for the SOC

 

Microsoft Sentinel provides a unique experience for customers to help them act faster and stay safer while managing the scaling costs of security. Customers choose our SIEM in order to:  

 

  • Protect everything with a comprehensive SIEM solution. Microsoft Sentinel is a cloud-native solution that supports detection, investigation, and response across multi-cloud and multi-platform data sources with 340+ out-of-the-box connectors. A strength of Microsoft’s offering is its breadth, which includes user entity and behavior analytics (UEBA), threat intelligence and security orchestration, automation, and response (SOAR) capabilities, along with native integrations into Microsoft Defender threat protection products.

  • Enhance security with a unified security operations platform. Customers get the best protection when pairing Microsoft Sentinel with Defender XDR in Microsoft’s unified security operations platform. The integration not only brings the two products together into one experience but combines functionalities across each to maximize efficiency and security. One example is the unified correlation engine which delivers 50% faster alerting between first- and third-party data, custom detections and threat intelligence.3 Customers can stay safer with a unified approach, with capabilities like automatic attack disruption—which contains attacks in progress, limiting their impact at machine speed.   

 

  • Address any scenario. As the first cloud-native SIEM, Microsoft Sentinel helps customers observe threats across their digital estate with the flexibility required for today’s challenges. Our content hub offerings include over 200 Microsoft-created solutions and over 280 community contributions. The ability to adapt to the unique use cases of an organization is something called out in both the Forrester and Gartner reports.

 

  • Scale your security coverage with cloud flexibility. Compared with legacy, on-premises SIEM solutions, Microsoft Sentinel customers see up to a 234% return on investment (ROI).1 This makes it an attractive option for customers looking for a scalable offering to meet the evolving needs of their business while managing the costs of data. We’ve recently launched a new, low-cost data tier called Auxiliary Logs to help customers increase the visibility of their digital environment, while keeping their budgets in check. In addition, Microsoft’s SOC Optimizations feature, a first of its kind offering, provides targeted recommendations to users on how to better leverage their security data to manage costs and maximize their protection, based on their specific environment and using frameworks like the MITRE ATT&CK map.

 

  • Respond quickly to emergent threats with AI. Security Copilot is a GenAI tool that can help analysts increase the speed of their response, uplevel their skills, and improve the quality of their work. 92% of analysts reported using Copilot helped make them more productive and 93% reported an improvement in the quality of their work.

What’s next in Microsoft Security 

 

Microsoft is dedicated to continued leadership in security through ongoing investment to provide customers with the intelligence, automation, and scalability they need to protect their businesses and work efficiently. New and upcoming enhancements include more unified features across SIEM and XDR, exposure management and cloud security in the unified security operations platform, and our SIEM migration tool—which now supports conversion of Splunk detections to Microsoft Sentinel analytics rules and additional Copilot skills to help analysts do their job better.  

 

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity. 

Update to security defaults

Microsoft Entra Blog -

As part of the Secure Future Initiative, we’ve evolved our security approach to align with three security principles: secure by design, secure by default, and secure operations. Secure by default means security protections are enabled and enforced by default. In Microsoft Entra, security defaults are an example demonstrating our secure by default approach. Security defaults are enabled for every new tenant. This provides a baseline level of protection for your Entra identities and resources. To make sure that organizations relying on security defaults are well protected, we’re updating an authentication method requirement to help improve your security posture.

 

We’re removing the option to skip multifactor authentication (MFA) registration for 14 days when security defaults are enabled. This means all users will be required to register for MFA on their first login after security defaults are turned on. This will help reduce the risk of account compromise during the 14-day window, as MFA can block over 99.2% of identity-based attacks. This change affects newly created tenants starting on December 2nd, 2024 and will be rolled out to existing tenants starting in January 2025.

 

This update is part of our ongoing effort to provide you with a secure and reliable identity service. We recommend that you enable security defaults for your organization if you are not using Conditional Access, as security defaults offer a simple and effective way to protect your users and resources from common threats.

 

To learn more about these upcoming updates and how you can best prepare your users, please review our documentation.

 

Nitika Gupta

Group Product Manager, Identity

 

 

Learn more about Microsoft Entra  

Prevent identity attacks, ensure least privilege access, unify access controls, and improve the experience for users with comprehensive identity and network access solutions across on-premises and clouds. 

Meet Microsoft Entra at Ignite 2024: November 18-22

Microsoft Entra Blog -

Microsoft Ignite is just around the corner, taking place from Monday, November 18, 2024 through Friday, November 22, 2024, in Chicago, Illinois and digitally. This event is the ultimate gathering for IT and Security professionals, developers, and business leaders from every corner of the world. During Ignite, dive into the latest AI innovations for AI transformation to learn from the brightest minds in the industry. Plus, discover solutions to help modernize and manage intelligent apps, protect your data, supercharge productivity, and expand your services. You’ll also have endless opportunities to network with partners and grow your community or business. While in-person passes are sold out, you can still register to participate online.

 

This year, we're thrilled about our sessions on Microsoft Entra. These breakouts are your all-access pass to not only hear about the cutting-edge advancements in identity and access management (IAM), but also to engage with Microsoft Entra experts and team members behind these innovations. Whether you're curious about advancing your Zero Trust architecture with identity and network, delving into the latest advancements in generative AI for securing access, or exploring our unified approach to identity and network access controls, we've got you covered!

 

Your complete guide to Microsoft Entra at Ignite:

 

 

Breakout sessions

Secure access for any identity to any resource with Microsoft Entra

BRK313 – Wednesday, November 20 | 11:00 AM – 11:45 AM CDT

https://aka.ms/Ignite2024/BRK313 

 

Dive deep into the newest innovations and announcements for identity and network security solutions to establish Zero Trust access controls, secure access for employees, customers, and partners, and secure access in any cloud. Plus, see how generative AI and admin center tools boost efficiency and scale for your team.

 

Speakers: Alex Simons, Nichole Peterson

 

Secure access for your workforce with the new Microsoft Entra Suite

BRK314 – Wednesday, November 20 | 1:15 PM – 2:00 PM CDT

https://aka.ms/Ignite2024/BRK314 

 

Identity is your first line of defense. But when identity and network access solutions operate in isolation and not in tandem, they can lead to increased complexity and inconsistent policies. Join us to learn how unifying Conditional Access across identities and network can help simplify your Zero Trust architecture. Find out how Microsoft Entra Suite can streamline employee onboarding, modernize remote access, and secure access to on-premises applications and internet resources.

 

Speakers: Irina Nechaeva, Jef Kazimer

 

Note for Microsoft partners: We are also hosting session BRK332 on Thursday, November 21st for you to learn about Microsoft Entra Suite and relevant business opportunities.

 

Accelerate your Zero Trust journey: Unify Identity and Network Access

BRK326 – Thursday, November 21 | 9:45 AM – 10:30 AM CDT

https://aka.ms/Ignite2024/BRK326 

 

Discover how to accelerate your Zero Trust journey with a unified approach across identity and network. We will explore how Microsoft’s identity-centric Security Service Edge (SSE) solution can help you secure access to all private, on-premises, internet, and SaaS applications and resources from anywhere. Join us to learn about Microsoft’s technology partnerships, where you can further enhance your organization’s security posture.

 

Speakers: Sinead O’Donovan, John Savill, Abdi Saeedadabi

 

Theater sessions

Bring passkey into your passwordless journey with Microsoft Entra ID

THR659 – Thursday, November 21 | 5:15 PM – 5:45 PM CDT

https://aka.ms/Ignite2024/THR659

 

Many of our customers are either already deploying passwordless credentials or planning to do so in the next few years. Meanwhile, the industry is buzzing with excitement about passkeys. But what exactly are passkeys, and what do they mean for your organization’s passwordless journey? Join the Microsoft Entra ID product team as we explore the impact of passkeys on the passwordless ecosystem and share insights from Microsoft's own passkey implementation and customer experiences.

 

Speaker: Nitika Gupta

 

Security Copilot + Microsoft Entra: Secure access at the speed of AI 

THR556 – Wednesday, November 20 | 4:15 PM – 4:30 PM CDT

https://aka.ms/Ignite2024/THR556

 

Discover how Security Copilot and Microsoft Entra revolutionize identity and access management using GenAI to strengthen Zero Trust. Accelerate tasks like troubleshooting and policy management to reduce downtime. Elevate security teams by bridging skill gaps, improving decision-making, and guiding complex tasks, ensuring a strong security posture in an evolving threat landscape. Scale with AI by automating insights and streamlining security operations.

 

Speakers: Sarah Scott, Mitch Muro

 

Lab session

Secure access to privileged apps and resources with Microsoft Entra ID

LAB546 – Wednesday, November 20 | 6:30 PM – 7:45 PM, Thursday, November 21 | 1:15 PM – 2:30 PM CDT

https://aka.ms/Ignite2024/LAB456  

 

Enable your organization to confidently deploy privileged apps in alignment with Zero Trust. In this hands-on session, you'll learn to prevent identity-based attacks and secure access to resources with Microsoft Entra ID (formerly Azure AD). You’ll enable passkeys, phishing-resistant authentication, and Conditional Access, as well as implement access management, enable continuous access evaluation, and more, using labs from SC-300: Microsoft Identity and Access Administrator Associate.

 

Speakers: Robert Stewart, Danielle Augustin

 

Community Roundtable: Microsoft Entra Suite: Secure access for your employees

 

Join us for an engaging community table conversation, COM1053, about the Microsoft Entra Suite. Whether you're just beginning or looking to enhance your knowledge, this discussion will provide actionable insights and foster a collaborative environment for sharing experiences and strategies to help you further your Zero Trust user access security. You won't want to miss this opportunity to learn from peers and experts alike!

 

Expert meetup

 

Want to connect with Microsoft Entra experts and team members in-person while at Ignite? Visit the Expert meetup stations in the Microsoft Hub to ask questions and view demos. 

 

Catch us at the Secure the Night party

 

Join Microsoft Security’s “Secure the Night” party on November 20 for an evening of exciting entertainment, food and refreshments, and the opportunity to connect informally with our Microsoft Security teams. 

 

Make sure to bring your Microsoft Ignite Badge for entry.

 

Registration is OPEN and is required to attend.  

 

The entire team looks forward to meeting you at Microsoft Ignite, whether in Chicago or in the chat rooms for our breakout sessions. Your feedback and partnership are essential to the continuous development of Microsoft Entra innovations.

 

Don't miss this opportunity to connect, learn, and grow at Microsoft Ignite 2024! 

 

Irina Nechaeva

General Manager, Microsoft Entra

 

 


Introducing Lineage Tracking for Azure Databricks Unity Catalog in Microsoft Purview

Security, Compliance, and Identity Blog -

We’re thrilled to announce the release of a highly anticipated feature in Microsoft Purview: lineage tracking for Azure Databricks Unity Catalog. This marks a significant milestone in our ongoing efforts to enhance data governance and visibility across cloud environments.

 

By leveraging this new functionality, users can now track data flow across their Azure Databricks notebooks, improving the ability to audit, monitor, and manage data movement. With data increasingly flowing through complex, cloud-native platforms like Azure Databricks, having clear, end-to-end visibility is crucial for compliance, troubleshooting, and operational excellence.

 

 

What is Data Lineage?

Data lineage refers to the ability to track the origins, movements, and transformations of data as it flows across different systems and processes. It helps organizations answer key questions like:

  • Where does this data come from?
  • How is the data transformed and used?
  • Which processes or users have modified the data?

 

In the context of Azure Databricks Unity Catalog, lineage shows how data flows through notebooks, allowing users to see which sources fed into their analyses and where the processed data is stored. By providing this visibility, data lineage helps improve transparency, making it easier to understand the lifecycle of data, diagnose errors, and ensure compliance with data governance policies.

 

Microsoft Purview can capture lineage at both the Unity Catalog table/view level and the column level.

 

What Are the Prerequisites for Enabling Lineage?

In addition to standard prerequisites for Azure Databricks Unity Catalog scans in Microsoft Purview (such as an active Azure subscription, Purview setup, and integration runtime), the following are key requirements specifically for fetching lineage:

  1. Enable System Schema: The system.access schema must be enabled in Unity Catalog, as lineage data is stored in system tables.
  2. User Privileges: The scanning account needs SELECT privileges on the following system tables:
    • system.access.table_lineage
    • system.access.column_lineage

These permissions are essential for Purview to retrieve lineage from Azure Databricks.
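The grants below show what the two prerequisites look like when applied in Databricks SQL, followed by the checks an administrator would run before starting the Purview scan. This is an added illustration, not a snippet from the Microsoft Purview or Databricks documentation: the principal name is a placeholder, and the USE CATALOG / USE SCHEMA grants are included because Unity Catalog requires them for a SELECT grant on a table to be usable (a detail the post above does not spell out). Enabling the system.access schema itself is done through the Databricks system-schemas API or workspace settings, not through SQL, so that step is not shown here.

```sql
-- Added example (not from the post). Run as a metastore admin in a Databricks SQL session.
-- Placeholder principal: replace with the identity Purview uses to scan Unity Catalog.

-- Unity Catalog privilege model: a principal needs USE CATALOG on the catalog and
-- USE SCHEMA on the schema before a table-level SELECT grant takes effect.
GRANT USE CATALOG ON CATALOG system TO `purview-scanner@example.com`;
GRANT USE SCHEMA ON SCHEMA system.access TO `purview-scanner@example.com`;

-- The two system tables the post names as required for lineage extraction.
GRANT SELECT ON TABLE system.access.table_lineage  TO `purview-scanner@example.com`;
GRANT SELECT ON TABLE system.access.column_lineage TO `purview-scanner@example.com`;

-- Check 1: confirm the grants landed on the scanning principal.
SHOW GRANTS `purview-scanner@example.com` ON TABLE system.access.table_lineage;
SHOW GRANTS `purview-scanner@example.com` ON TABLE system.access.column_lineage;

-- Check 2 (run as the scanning principal): the tables are readable and actually
-- contain recent events. An empty result here usually means the system schema was
-- only just enabled, or no notebooks have written to Unity Catalog tables yet.
SELECT event_time,
       entity_type,            -- e.g. NOTEBOOK, the only lineage source covered today
       entity_id,
       source_table_full_name,
       target_table_full_name
FROM system.access.table_lineage
WHERE event_date >= current_date() - INTERVAL 7 DAYS
ORDER BY event_time DESC
LIMIT 20;

-- Column-level lineage for the same window, which Purview also ingests.
SELECT event_time,
       source_table_full_name, source_column_name,
       target_table_full_name, target_column_name
FROM system.access.column_lineage
WHERE event_date >= current_date() - INTERVAL 7 DAYS
ORDER BY event_time DESC
LIMIT 20;
```

Running the two SELECT statements under the scanning principal is the quickest way to tell a permissions problem apart from a "no lineage yet" situation before a Purview scan reports an empty lineage graph.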

 

How to fetch lineage during scans?

To enable lineage during the scan setup in Microsoft Purview, follow the standard steps for configuring an Azure Databricks scan (register the source, configure runtime, etc.). The critical action required for lineage is:

  • Toggle Lineage Extraction: When configuring the scan, ensure that Lineage Extraction is set to On. This will enable Microsoft Purview to fetch the lineage of the scanned Azure Databricks assets, including the flow of data through notebooks.

 

Then go ahead, run your scan and go grab a cup of coffee while Microsoft Purview does its magic!

 

Example: Comparing Lineage Views in Azure Databricks and Microsoft Purview

After enabling lineage and running a scan, all catalogs from Azure Databricks Unity Catalog will begin to appear in the Microsoft Purview Data Map. This means you’ll see a unified view of data sources across both systems, allowing for easy tracking of data flow and transformations.

 

 

Azure Databricks lineage: Shows lineage for datasets and transformations within your notebooks, highlighting dependencies.

 

 

Microsoft Purview lineage: Displays lineage across catalogs in a visual, end-to-end data flow.

 

 

These visual comparisons give you a clear understanding of how each platform captures and displays data lineage, making it easier to manage and trace your data flows.

 

What’s Next for Azure Databricks Lineage?

Currently only Azure Databricks notebook lineage is available, but we’re not stopping there!

Microsoft is actively working with Azure Databricks to bring lineage for jobs and pipelines, ensuring comprehensive tracking of data across your Azure Databricks environment. We continue to push the boundaries of data governance, making it easier for organizations to get full visibility into their data processes.

 

Stay tuned for future updates as we expand this functionality, bringing you even more insights and control!

Manage Microsoft Entra ID role assignments with Microsoft Entra ID Governance

Microsoft Entra Blog -

I’m excited to announce that we now support Microsoft Entra role assignments in Microsoft Entra ID Governance's Entitlement Management feature! 

 

To ensure least privilege, many of you are using Privileged Identity Management to provide IT administrators just-in-time (JIT) access to the least privileged role assigned. This approach allows you to minimize the attack surface in your organization by reducing the number of permissions IT administrators have. However, some admins in your organization may require long-standing permissions coupled with other resources, like specific applications.  

 

Now, you can use Microsoft Entra ID Governance to assign Microsoft Entra roles to users and groups through Entitlement Management access packages. This helps you: 

 

  1. Minimize impact of security breaches by setting eligibility for privileged roles in Privileged Identity Management and reducing unnecessary access. 
  2. Ensure that the right people have access to the right resources and roles with periodic access reviews. 
  3. Scale role assignments as your organization grows using self-service access request processes. 
  4. Enable business functions by combining assignment of tools or applications with the Microsoft Entra roles required to use them for increased visibility and ease of management. 

 

We’ve seen customers use this capability in scenarios such as: 

 

  • IT helpdesk: Reduce administrator fatigue by delegating IT support tasks to helpdesk employees. 
  • Application administration: Ensure regulatory compliance by managing access to sensitive applications. 
  • Operations: Empower security operations center analysts with monitoring tools and the ability to read logs. 

 

Managing assignment of Microsoft Entra ID roles through access package policies enables control of the full role assignment lifecycle from request, to approval, to provisioning of that role.  

 

Let’s explore how you can leverage Microsoft Entra ID Governance to manage the role assignment lifecycle. 

 

Scenario: Automate Microsoft Entra role assignments with self-service processes

 

Imagine your organization's Support department is expanding by hiring 50 new IT helpdesk staff. Manually assigning Microsoft Entra roles to each user is neither efficient nor repeatable for the Identity and Access Management (IAM) team, which must meet compliance and audit requirements.

 

Tenant administrators can streamline this by creating an access package with the necessary roles, allowing IT staff to request access via the My Access portal and delegating approvals to the Helpdesk department managers. This frees up the IAM team to focus on security by utilizing Microsoft Entra ID Governance policies and user self-service capabilities. 

 

To limit standing access for the Helpdesk Administrator role, you can set eligibility in the access package, requiring users to just-in-time activate the role through Privileged Identity Management (PIM) when needed. 

 

Here’s how you can do it in three easy steps: 

 

1. Create an access package and add the Helpdesk Administrator Microsoft Entra role as “Eligible member” and Service Support Administrator as “Active member”. 

 

Figure 1: How to add Microsoft Entra roles as resources of an access package.

 

2. Allow members of the IT Helpdesk group to request access and configure approval settings.

 

Figure 2: Policy configuration targeting the IT Helpdesk group as users who can request access.

 

 

Figure 3: Approval settings.

You can set up periodic access reviews to remove role assignments when access is no longer required.

 

3. In the Lifecycle tab, configure expiration and require access reviews. You can select the review frequency and specify who will conduct the reviews. 

 

Figure 4: Access review configuration for the access package.

 

  

By applying these governance processes, you can ensure least privileged access for all your IT administrators, reducing the risk of unnecessary access and potential misuse. Combining this new feature with other governance features like Lifecycle workflows ensures that role assignments are removed automatically when those IT administrators leave the organization or change roles. This enables your organization to operate more smoothly and securely.

 

Give it a try 

 

We’re excited about this new capability, and we'd love for you to try it out! If you’ve already got Microsoft Entra ID Governance, you’re ready to go! If you don’t, but already have Microsoft Entra ID Premium, you have two ways to enable this feature:  

 

You can set up a trial of Microsoft Entra ID Governance or upgrade to Microsoft Entra ID Governance by purchasing licenses online via our licensing partners, or directly from Microsoft if you work with a Microsoft account team.

 

You can also set up a trial of Microsoft Entra Suite, which includes Microsoft Entra ID Governance.

 

Joseph Dadzie

 

 


Upcoming design updates: Microsoft Purview Message Encryption Portal

Security, Compliance, and Identity Blog -

The Microsoft Purview Message Encryption portal will undergo minor design updates to align with Purview branding. Microsoft will be updating fonts, colors, controls, and more to align with Purview branding. These changes are designed to enhance the user experience without causing any disruptions. Microsoft will begin rolling out changes mid-October 2024 and expects to complete by mid-December 2024.

 

Users will see minor design changes within the user interface (UI) - fonts, colors, controls, and more are updated to align with Purview branding.

 

See below for side-by-side comparisons of Login, One-time passcode, View attachment, and reply UI in the portal.

 

Login with branding customization (before)

 

Login with branding customization (after)

 

One time passcode (before)

 

One time passcode (after)

 

View mail (before)

 

View mail (after)

 

View attachment (before)

 

View attachment (after)

 

The 'Reply' editor has also been updated:

  1. Removed the bottom button bar.
  2. Moved the emoji button to the formatting bar.
  3. Relocated the toggle formatting option button to the top bar.
  4. Updated the insert table control to allow size entry.

 

Reply mail (before)

 

Reply mail (after)

 

If your organization has captured screenshots of the portal in your documentation, you may consider updating it as appropriate.

The latest enhancements in Microsoft Authenticator

Microsoft Entra Blog -

Hi folks,

 

I'm thrilled to announce three major Microsoft Entra ID advancements that will help you protect your users with phishing-resistant authentication:

  • Public preview refresh: Device-bound passkey support in Microsoft Authenticator
  • Public preview: Support for FIDO2 security keys on native brokered applications, such as Outlook and Teams, on Android 14
  • General availability: FIPS compliance for Microsoft Authenticator on Android

 

These advancements are crucial, not only for adhering to the US Executive Order 14028 on Improving the Nation's Cybersecurity, but also for safeguarding all organizations and users who rely on secure digital identities. Let’s dig deeper!

 

Public preview refresh: Device-bound passkey support in Microsoft Authenticator

 

During World Password Day in May, we announced the public preview of device-bound passkey support in Microsoft Authenticator for iOS and Android, tailored for organizations with higher security assurance requirements. We’re now refreshing this feature with some exciting new capabilities! 

 

During public preview, we received valuable feedback from customers that the registration experience for passkeys can be cumbersome and error-prone. Some users, when registering from their laptops, encountered as many as 19 steps, missed essential prerequisites like enabling Bluetooth on their device, or inadvertently set up their passkey with an unsupported provider. Based on this feedback, we’ve improved the registration flow to provide a more tailored experience to ensure users are successful when registering their passkey. We've also optimized the registration process by initially directing users to sign into the Authenticator app. This approach provides a seamless experience, guiding users through prerequisites, while significantly reducing contextual switches between devices.

 

In addition to enhancing the user experience, we’ve also strengthened the security posture by introducing attestation support. When configured, we leverage Android and iOS APIs to verify the legitimacy of the Microsoft Authenticator app on the user's device prior to registering the passkey.

 

Figure 1: Passkey in Microsoft Authenticator

 

 

These two capabilities are now in preview, and we highly encourage you to start piloting these features in your organization and share your feedback with us as we prepare for general availability coming soon. 

 

To get started, please refer to our documentation. To learn more about passkey support in Microsoft Entra ID, please read our original announcement, Public preview: Expanding passkey support in Microsoft Entra ID.

 

Public preview: Passkey (FIDO2) authentication in brokered Microsoft applications on Android

 

In conjunction with the public preview refresh of passkey support in Microsoft Authenticator, we’re also introducing public preview support for passkey (FIDO2) authentication within brokered Microsoft applications on Android. Users can now use a FIDO2 security key or passkey in the Microsoft Authenticator app to sign into Microsoft apps, such as Teams and Outlook, when either the Microsoft Authenticator app or Microsoft Intune Company Portal app is installed as the authentication broker on an Android 14+ device.

 

Support for FIDO2 security key sign-in to brokered Microsoft apps on Android 13 is coming in the following months.

 

General availability: FIPS compliance for Microsoft Authenticator on Android

 

Microsoft Authenticator on both iOS and Android is now FIPS 140 compliant. While the iOS Authenticator app has been FIPS 140 compliant since December 2022, we released the FIPS 140 compliant version of the Android Authenticator app in September 2024.

 

FIPS 140 compliance for Microsoft Authenticator helps federal agencies meet the requirements of Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity” and healthcare organizations with Electronic Prescriptions for Controlled Substances (EPCS).   

 

All authentications in Microsoft Entra ID with Authenticator including passkeys, passwordless phone sign-in, multifactor authentication (MFA), and one-time password codes are considered FIPS compliant.  No changes in configuration are required in Microsoft Authenticator or Microsoft Entra ID admin center to enable this capability. Users on Microsoft Authenticator version 6.2408.5807 and higher on Android will be FIPS 140 compliant by default for Microsoft Entra ID authentication. 

 

Microsoft Authenticator on Android uses WolfSSL Inc.’s wolfCrypt module to achieve FIPS 140-3 Level 1 compliance. For additional details on the certification being used, refer to Cryptographic Module Validation Program information.

 

With these releases, we’ve significantly upleveled the user experience and security posture of Microsoft Authenticator, making it easier for you to achieve your phishing-resistance goals. If you haven't considered phishing-resistance yet, we highly recommend doing so. You can use our updated passwordless deployment guide to get started on this journey.

 

We look forward to you trying out these improvements and sharing your feedback. 

 

Thank you,

Nitika Gupta

 

 


 

Streamlining AI Compliance: Introducing the Premium Template for Indonesia's PDP Law in Purview

Security, Compliance, and Identity Blog -

Accelerating Compliance in the AI Era: Introducing the Premium Assessment Template for Indonesia’s PDP Law in Purview Compliance Manager

In an increasingly complex regulatory landscape, businesses are under growing pressure to comply with both local and global data privacy laws, while simultaneously building trust with their customers. As AI and digital technologies continue to transform industries, aligning solutions with regulatory requirements has never been more critical. To help organizations navigate these challenges, we’re excited to introduce the Premium Assessment Template for Indonesia’s Personal Data Protection (PDP) Law in Microsoft Purview Compliance Manager.

 

What Is the Premium Assessment Template?

 

The Premium Assessment Template for Indonesia’s PDP Law in Purview Compliance Manager is a robust tool designed to help customers streamline compliance efforts. This template automates critical tasks supportive of compliance, simplifying the assessment process and helping businesses quickly and efficiently meet the requirements of the law.

 

With Microsoft’s shared responsibility model, the template integrates seamlessly with our E5 security and Purview solutions, helping customers align their compliance efforts with their broader security and data protection strategies.

 

What Does This Mean for Customers?

The release of the Premium Assessment Template means that businesses no longer need to face the complexities of Indonesia’s PDP Law alone. By leveraging the Purview Compliance Manager, organizations can manage compliance more effectively and reduce the burden of manual work.

 

 

Key benefits for customers include:

  • Simplified Compliance Management: The template breaks down the specific requirements of the PDP Law and maps them to Microsoft’s tools and controls, helping you work towards compliance faster and with less friction.
  • Automation to Reduce Workload: By automating essential compliance tasks, the template minimizes manual effort and reduces the risk of human error.
  • Building Trust Through Compliance: In an AI-driven world, trust is paramount. The Premium Assessment Template helps businesses demonstrate their commitment to regulatory compliance, building confidence among customers, stakeholders, and regulators.
  • Seamless Integration with E5 Security and Purview Solutions: The template showcases how Microsoft’s E5 security and Purview solutions directly align with the PDP Law.

 

Explore the White Paper

To further support your compliance journey, we have developed a comprehensive white paper on Indonesia’s PDP Law and how Microsoft’s solutions, including Purview Compliance Manager, can help businesses meet these new regulatory standards. This white paper offers valuable insights into the law and how our tools can assist in ensuring compliance.

You can access the white paper here.

 

Empowering Sellers to Drive Momentum

We will also be hosting an upcoming session to educate sellers on how to leverage the Premium Assessment Template and white paper to accelerate sales cycles and help customers comply with Indonesia’s PDP Law. By showcasing the alignment of E5 security and Purview solutions with regulatory requirements, sellers can demonstrate how Microsoft’s products not only help customers meet compliance standards but also enhance their security posture.

 

Conclusion

As businesses face growing regulatory demands, Microsoft’s Purview Compliance Manager Premium Assessment Template for Indonesia’s PDP Law offers a powerful, automated solution that helps organizations meet their obligations efficiently. By using this template and the insights from the white paper, companies can build trust, make strides towards ensuring compliance, and stay secure in today’s AI-driven world.

 

Learn more about Microsoft Purview Compliance Manager:

Note: Nothing in this document or any documents referenced herein should be construed as (i) legal advice, (ii) a comprehensive or accurate account of the requirements of Indonesia’s Personal Data Protection (PDP) Law, or (iii) a claim that use of the referenced products or services is sufficient for compliance with such requirements.

 

Microsoft Security announcements and demos at Authenticate 2024

Microsoft Entra Blog -

The Microsoft Security team is excited to connect with you next week at the Authenticate 2024 Conference, taking place October 14 to 16 in Carlsbad, CA! With the rise in identity attacks targeting passwords and MFA credentials, it’s becoming increasingly clear that phishing-resistant authentication is critical to counter these attacks. As the world shifts towards stronger, modern authentication methods, Microsoft is proud to reaffirm our commitment to passwordless authentication and to expanding our support for passkeys across products like Microsoft Entra, Microsoft Windows, and Microsoft consumer accounts (MSA). 

 

To enhance security for both consumers and enterprise customers, we’re excited to showcase some of our latest innovations at this event: 

 

 

We look forward to demonstrating these new advancements and discussing how to take a comprehensive approach to modern authentication at Authenticate Conference 2024. 

 

 Where to find Microsoft Security at Authenticate 2024 Conference   

Please stop by our booth to chat with our product team or join us at the following sessions:  

  

Session: Passkeys on Windows: Paving the way to a frictionless future!
Track: UX Fundamentals
Description: Discover the future of passkey authentication on Windows. Explore our enhanced UX, powered by Microsoft AI and designed for seamless experiences across platforms. Join us as we pave the way towards a passwordless world.
Speakers: Sushma K., Principal Program Manager, Microsoft; Ritesh Kumar, Software Engineer, Microsoft
Time: October 14, 12:00 - 12:25 PM

Session: Passkeys on Windows: New platform features
Track: Technical Fundamentals and Features
Description: This is an exciting year for us as we’re bringing some great passkey features to Windows users. In this session, I’ll discuss our new capabilities for synced passkeys protected by Windows Hello, and I’ll walk through a plugin model for third-party passkey providers to integrate with our Windows experience. Taken together, these features make passkeys more readily available wherever users need them, with the experience, flexibility, and durability that users should expect when using their passkeys on Windows.
Speaker: Bob Gilbert, Software Engineering Manager, Microsoft
Time: October 14, 2:30 - 2:55 PM

Session: We love passkeys - but how can we convince a billion users?
Track: Keynote
Description: It’s clear that passkeys will be a core component of a passwordless future. The usability and security advantages are clear. What isn’t as clear is how we actually convince billions of users to step away from a decades-long relationship with passwords and move to something new. Join us as we share insights on how to accelerate adoption when the needs of users, platforms, and applications are constantly evolving. We will share practical UX patterns and practices, including messaging, security implications, and how going passwordless changes the concept of account recovery.
Speakers: Scott Bingham, Principal Product Manager, Microsoft; Sangeeta Ranjit, Group Product Manager, Microsoft
Time: October 14, 5:05 - 5:25 PM

Stop by our booth #402 to speak with our product team in person!

Session: Stop counting actors... Start describing authentication events
Track: Vision and Future
Description: We began deploying multifactor authentication because passwords provided insufficient security. More factors equal more security, right? Yes, but we continue to see authentication attacks such as credential stuffing and phishing! The identity industry needs to stop thinking in terms of the quantity of authentication factors and start thinking about the properties of the authentication event. As we transition into the era of passkeys, it’s time to consider how we describe the properties of our authentication event. In this talk, we’ll demonstrate how identity providers and relying parties can communicate a consistent, composable collection of authentication properties. To raise the security bar and provide accountability, these properties must communicate not only about the authentication event, but about the security primitives underlying the event itself. These properties can be used to drive authentication and authorization decisions in standalone and federated environments, enabling clear, consistent application of security controls.
Speakers: Pamela Dingle, Director of Identity Standards, Microsoft; Dean H. Saxe, Principal Engineer, Office of the CTO, Beyond Identity
Time: October 16, 10:00 - 10:25 AM

Session: Bringing passkeys into your passwordless journey
Track: Passkeys in the Enterprise
Description: Most of our enterprise customers are deploying some form of passwordless credential or planning to in the next few years; however, the industry is all abuzz with excitement about passkeys. What do passkeys mean for your organization’s passwordless journey? Join the Microsoft Entra ID product team as we explore the impact of passkeys on the passwordless ecosystem and share insights from Microsoft's own passkey implementation and customer experiences.
Speakers: Tim Larson, Senior Product Manager, Identity Network and Access, Security, Microsoft; Micheal Epping, Senior Product Manager, Microsoft
Time: October 16, 11:00 - 11:25 AM

 

We can’t wait to see you in Carlsbad, CA for Authenticate 2024 Conference   

  

 Jarred Boone, Senior Product Marketing Manager, Identity Security  

 

 

Read more on this topic 

 

Learn more about Microsoft Entra  

Prevent identity attacks, ensure least privilege access, unify access controls, and improve the experience for users with comprehensive identity and network access solutions across on-premises and clouds. 

Make the most of your time at Microsoft Ignite!

Security, Compliance, and Identity Blog -

Companies that strengthen their security with AI and safeguard their AI with security will be the lasting industry leaders. Join us at Microsoft Ignite 2024, November 18-22, to learn how you can create a security-first culture in the age of AI. The in-person experience is sold out, but security professionals can join us virtually to be a part of the Microsoft Security @ Microsoft Ignite Experience online.

Whether you are joining us live or catching Microsoft Ignite on-demand, you won’t want to miss the product announcements, demos and technical training across your favorite Microsoft Security solutions. Keep reading for a preview of sessions you can expect.

 

We have exciting news on the way

Microsoft Ignite is not just another tech conference; it's a comprehensive learning experience tailored to meet the needs of security professionals. Start your security experience with the Microsoft Ignite opening keynote on Tuesday, November 19 to hear how Microsoft is putting security first companywide. Then join Microsoft Security’s top engineering and business leaders at the security general session to be the first to hear our most exciting security product news.

 

Throughout the conference, join product experts for demos and detailed walk-throughs of how new features will help you put security first in your organization and best position your organization in the age of AI. Together with our partners, we will offer 30 technical breakout sessions, 12 theatre presentations, 6 hands-on labs, and more than 10 live product demonstrations.

 

Don’t miss these security breakout sessions

To make the most of Microsoft Ignite, check out the full security session catalog – and the highlights below.

  • Exploring end-to-end protection with new Microsoft solutions: Don’t miss the unveiling of the latest solutions for end-to-end threat detection, robust defense mechanisms, and effective response protocols. Attendees will gain valuable insights into how to fortify their security posture, mitigate risks, and ensure resilience against cyberattacks.
  •  Transform your security with GenAI innovations in Security Copilot: Learn about the latest innovations in Security Copilot, including AI-driven automation capabilities and new use cases that elevate security organization-wide.
  • Secure access for your workforce with the new Microsoft Entra Suite: Identity is your first line of defense. Join us to learn how unifying Conditional Access across identities and network can help simplify your Zero Trust architecture.
  • Proactive security with continuous exposure management: Microsoft Security Exposure Management unifies disparate data silos for visibility of end-to-end attack surface, providing automatic ongoing generation of possible attack paths to critical assets and context-based prioritized recommendations to improve security posture across on-premises, hybrid and multi-cloud.
  • Secure and govern custom AI built on Azure AI and Copilot Studio: Find out how Microsoft can help you enable data security and compliance controls for your custom AI apps, manage vulnerabilities in your AI stack, and detect and respond to emerging AI threats such as prompt injections and model theft.

There are more sessions to explore. Register for free and visit the Session Catalog to see the rest.

 

In-person attendees: Connect & thrive at our networking events

All work and no play? Not at Microsoft Ignite!

 

 

In addition to seeing the latest technology firsthand, Microsoft Ignite offers many opportunities to unwind, make new connections, and hang out with Microsoft Security experts. For security professionals who are attending in-person, join your peers at our Secure the Night Party to celebrate the security community on Wednesday, November 20. RSVP today. And before heading home, get together to network with over 10,000 attendees at the Microsoft Ignite Closing Party on Thursday, November 21st.

 

And for those who are joining virtually, see the Session Catalog for more details on the expanded security experience designed just for you.

What's new in Microsoft Entra - September 2024

Microsoft Entra Blog -

We’re excited to announce the general availability of Microsoft Entra Suite—one of the industry’s most comprehensive secure access solutions for the workforce. With 66% of digital attack paths involving insecure credentials1, Microsoft Entra Suite helps prevent security breaches by enabling secure access to cloud and on-premises apps with least privilege, inside and outside the corporate perimeter. It unifies network access, identity protection, governance, and verification to streamline onboarding, modernize remote access, and ensure secure access to apps and resources. Get started with a Microsoft Entra Suite trial.

 

Last November, we launched the Secure Future Initiative (SFI) at Microsoft to combat the increasing scale of cyberattacks. Security now drives every decision we make, as detailed in the September 2024 SFI Progress Report. Today, we’re sharing new security improvements and innovations across Microsoft Entra from July to September 2024, organized by product to help you quickly find what’s relevant to your deployment.

 

Watch the video "What's New in Microsoft Entra" for a quick overview of product updates and visit the What's New blade in the Microsoft Entra Admin Center for detailed information.

 

 

Microsoft Entra ID

 

New releases

 

Change announcements

 

Security improvements

 

Upcoming MFA enforcement on Microsoft Entra admin center

[Action may be required]

 

As part of our commitment to providing our customers with the highest level of security, we previously announced that Microsoft will require multifactor authentication (MFA) for users signing into Azure. We’d like to share an update that the scope of MFA enforcement includes Microsoft Entra admin center in addition to the Azure portal and Intune admin center. This change will be rolled out in phases, allowing organizations time to plan their implementation:

 

Phase 1: Starting on or after October 15, 2024, MFA will be required to sign into the Entra admin center, Azure portal, and Intune admin center. The enforcement will gradually roll out to all tenants worldwide. This phase will not impact other Azure clients such as the Azure Command Line Interface, Azure PowerShell, Azure mobile app, and Infrastructure as Code (IaC) tools.

 

Phase 2: Beginning in early 2025, gradual enforcement of MFA at sign-in for the Azure CLI, Azure PowerShell, Azure mobile app, and Infrastructure as Code (IaC) tools will commence.

 

Microsoft will send a 60-day advance notice to all Entra global admins by email and through Azure Service Health Notifications to notify them of the start date of enforcement and required actions. Additional notifications will be sent through the Azure portal, Entra admin center, and the M365 message center.

 

We understand that some customers may need additional time to prepare for this MFA requirement. Therefore, Microsoft will allow extended time for customers with complex environments or technical barriers. The notification from us will also include details about how customers can postpone the start date of enforcement for their tenants, the duration of the postponement, and a link to apply. To learn more, read the blog, “MFA enforcement for Microsoft Entra admin center sign-in coming soon.”
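Before enforcement reaches a tenant, the check a practitioner wants is a list of directory-role holders who still have no MFA method registered, since those are the accounts that will be stopped at the portal sign-in. The following script is an added example, not part of the original post. It assumes the Microsoft Graph PowerShell SDK is installed, that AuditLog.Read.All is sufficient to read the registration report (an assumption; grant whatever your tenant requires), and that the report's isAdmin flag is the right proxy for "administrator" in your environment.

```powershell
# Added example (not from the original post). Assumes the Microsoft.Graph PowerShell SDK is installed and
# that AuditLog.Read.All (assumed) is enough to read the authentication methods registration report.
Connect-MgGraph -Scopes "AuditLog.Read.All"

# The registration-details report flags directory-role holders (isAdmin) and whether each user
# has at least one MFA-capable method registered (isMfaRegistered). Filter server-side for the gap.
$unregisteredAdmins = Get-MgReportAuthenticationMethodUserRegistrationDetail -All `
    -Filter "isAdmin eq true and isMfaRegistered eq false"

if (-not $unregisteredAdmins) {
    "Every directory-role holder has at least one MFA method registered."
} else {
    "{0} admin account(s) must register an MFA method before enforcement reaches this tenant:" -f @($unregisteredAdmins).Count

    # Show what each account does have, so the remediation owner can see whether a
    # Temporary Access Pass or a phishing-resistant method is the right next step.
    $unregisteredAdmins |
        Select-Object UserPrincipalName, IsMfaCapable,
            @{ Name = 'MethodsRegistered'; Expression = { $_.MethodsRegistered -join ', ' } } |
        Sort-Object UserPrincipalName |
        Format-Table -AutoSize
}
```

Run this from a workstation that can already satisfy MFA, then re-run after the remediation wave; an empty result is the state you want before the Phase 1 date. Phase 2 (CLI, PowerShell, IaC) also catches service accounts that sign in interactively, so repeat the check for those identities rather than only for human administrators.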

 

Date change announcement: Deprecation of keychain-backed device identity for Apple devices

[Action may be required]

 

Earlier this year, we announced the upcoming deprecation of keychain-backed device identity for Apple devices on the Microsoft Entra ID platform. The previously announced deprecation date of June 2026 has been accelerated to June 2025 as part of our commitment to secure design and defaults. This change is being made to enhance device security and better protect your data.

 

Once in effect, this deprecation will ensure that newly registered Apple devices managed by Microsoft Entra ID use strong, hardware-bound cryptographic secrets, backed by Apple’s Secure Enclave. To learn more, we encourage you to review our updated documentation on this deprecation. We advise both consumers and vendors of applications to test their software for compatibility with this new datastore.

 

Upgrade to the latest version of Microsoft Entra Connect by April 2, 2025

[Action may be required]

 

In early October 2024, we will release a new version of Microsoft Entra Connect Sync that contains a back-end service change that further hardens our services. To avoid service disruptions, customers are required to upgrade to that version (2.4.XX.0) by early April 2025 (exact deadline to be announced upon version release).

 

Review our roadmap for a timeline of upcoming releases, so that you can plan your upgrade accordingly. We will auto-upgrade customers where supported, alongside an early 2025 release of Connect Sync. For customers who wish to be auto-upgraded, ensure that you have auto-upgrade configured.

 

For a list of minimum requirements and expected impacts of the service change, please refer to this article. For upgrade-related guidance, check out our docs.

 

New Certificate Authorities (CAs) for login.microsoftonline.com: Action required from customers who only trust DigiCert certificates

[Action may be required]

 

Microsoft Entra ID is introducing new Certificate Authorities (CAs) for server certificates for the domain login.microsoftonline.com. Currently, connections to login.microsoftonline.com are exclusively presented with DigiCert certificates. Starting on October 1, 2024, you may also encounter certificates issued by Microsoft Azure CAs. This update is designed to enhance security and improve the resilience of Entra ID. This could impact customers who do not trust Microsoft Azure CAs or have pinned client-side to DigiCert certificates, as they may experience authentication failures.

 

Recommended Action:

To prevent potential issues, we recommend trusting all Root and Subordinate CAs listed in the Azure Certificate public documentation. This documentation has included Microsoft Azure CAs for over a year. If you are an Entra ID user who uses the login.microsoftonline.com domain, it’s crucial to remove any client-side pinning to DigiCert and trust the new Azure CAs for a seamless transition. For more details on how to ensure uninterrupted and secure service, please read the Client Compatibility for public PKIs documentation.
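A client that pins to DigiCert will not fail until the day it is served an Azure CA certificate, so it is worth inspecting the chain this client actually receives and building it against the local trust store before 1 October 2024. The script below is an added example, not part of the original post; it assumes outbound TCP/443 to login.microsoftonline.com from the machine under test and uses only .NET types that ship with PowerShell.

```powershell
# Added example (not from the original post). Assumes network access to login.microsoftonline.com:443.
$targetHost = "login.microsoftonline.com"

$tcp = [System.Net.Sockets.TcpClient]::new($targetHost, 443)
# The validation callback returns $true so the chain can be inspected even when this machine does
# not trust it. That is acceptable for a diagnostic only; never ship an always-true callback.
$ssl = [System.Net.Security.SslStream]::new($tcp.GetStream(), $false,
    { param($sender, $certificate, $chain, $sslPolicyErrors) $true })
try {
    $ssl.AuthenticateAsClient($targetHost)
    # Copy the leaf before the stream is disposed; X509Certificate2 exposes Subject/Issuer.
    $leaf = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)
} finally {
    $ssl.Dispose()
    $tcp.Dispose()
}

# Build the chain with this machine's own trust store: this is the check the client will perform.
$chain   = [System.Security.Cryptography.X509Certificates.X509Chain]::new()
$trusted = $chain.Build($leaf)

"Chain presented by $targetHost (leaf first):"
foreach ($element in $chain.ChainElements) {
    "  {0}`n      issued by {1}" -f $element.Certificate.Subject, $element.Certificate.Issuer
}

$root = $chain.ChainElements[$chain.ChainElements.Count - 1].Certificate
if (-not $trusted) {
    Write-Warning ("Chain does not validate locally: " + (($chain.ChainStatus | ForEach-Object StatusInformation) -join '; '))
}
if ($root.Subject -match 'DigiCert') {
    "Root is DigiCert. A DigiCert-only pin still works on this connection, but will fail once Azure CA certificates are served."
} elseif ($root.Subject -match 'Microsoft') {
    "Root is a Microsoft CA. Any DigiCert-only pin or trust store on this client would already reject this connection."
} else {
    "Root is '$($root.Subject)'; compare it against the Azure CA documentation before relying on it."
}
```

Because Entra ID may answer from different front ends, run the script several times and from each network path your clients use; one DigiCert result does not prove the client never sees an Azure CA chain. A ChainStatus of UntrustedRoot or PartialChain is the signal that the Azure roots and subordinates from the public documentation still need to be imported on that machine.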

 

Microsoft Copilot update to enterprise data protection

[No action is required]

 

Last month, we made several updates to the free Microsoft Copilot service for users with a Microsoft Entra account to enhance data security, privacy, and compliance and simplify the user experience. For users signed in with an Entra account, Microsoft Copilot will offer enterprise data protection (EDP) and redirect users to a new simplified, ad-free user interface designed for work and education. 

 

With EDP in Microsoft Copilot, your data is private, it isn’t used to train foundation models, and we help protect it at rest and in transit with encryption. For more details on EDP, please review our documentation.

 

If you or your users have a Microsoft 365 subscription in addition to an Entra account, you can enable in-app access by pinning Microsoft Copilot. If you elect to pin Microsoft Copilot for your users, it will appear in the Microsoft 365 app starting mid-September, and it will be coming soon to Microsoft Teams and Outlook. Additional functionality in Microsoft Copilot like chat history is also available for users with a Microsoft 365 subscription.

 

For additional information about these changes, whether you or your users have a Microsoft 365 subscription or not, please visit our blog and FAQ.

 

We hope you are as excited as we are about these updates to Microsoft Copilot. If you would like to try Microsoft Copilot updated with enterprise data protection prior to mid-September, a private preview is available (space limited). To apply, please fill out our form.

 

Enable Browser Access (EBA) by default for all Android users

[No action is required]

 

As part of ongoing security hardening, we are deprecating the Enable Browser Access (EBA) user interface in the Android Authenticator and Company Portal apps. Consequently, browser access will be enabled by default for all Android users. This change will occur automatically, so no action is required from admins or Android users.

 

Restricted permissions on Directory Synchronization Accounts (DSA) role in Microsoft Entra Connect Sync and Cloud Sync

[No action is required]

 

As part of ongoing security hardening, we’ve removed unused permissions from the privileged "Directory Synchronization Accounts" role. This role is exclusively used by Connect Sync and Cloud Sync to synchronize Active Directory objects with Entra ID. There is no action required by customers to benefit from this hardening. Please refer to the documentation for details on the revised role permissions.

 

Upcoming improvements to the SSO enrollment dialog

[No action is required]

 

We’re making some improvements to the end user experience when users add their account to a Windows device. We've refined the messaging in the SSO enrollment dialog (consent) to make it easier for end users to understand the choice(s) they can make and the impact of their choice(s). The changes also include a 'Learn more' link on the screen. The link points to a Microsoft Learn article that provides users with more information that will further enable them to make informed choice(s). The new SSO enrollment dialog will be gradually introduced starting in October 2024. Please check here for more details.

 

Identity modernization

 

Important Update: Azure AD Graph Retirement

[Action may be required]

 

The retirement of the Azure AD Graph API service began on 1 September 2024, and will eventually impact both new and existing applications. As the first phase rolls out over the coming weeks, new applications will not be able to use Azure AD Graph APIs unless they are configured for extended access. Microsoft Graph is the replacement for Azure AD Graph APIs, and we strongly recommend immediately migrating use of Azure AD Graph APIs to Microsoft Graph and limiting any further development using Azure AD Graph APIs.

 

Timeline for incremental retirement of Azure AD Graph API service

Phase start date: 1 September 2024
  Impact to existing apps: None.
  Impact to new apps: New apps are blocked from using Azure AD Graph APIs, unless the app is configured to allow extended Azure AD Graph access by setting blockAzureADGraphAccess to false. Any new app must use Microsoft Graph.

Phase start date: 1 February 2025
  Impact to existing and new apps: The application is unable to make requests to Azure AD Graph APIs unless it is configured to allow extended Azure AD Graph access by setting blockAzureADGraphAccess to false.

Phase start date: 1 July 2025
  Impact to existing and new apps: Azure AD Graph is fully retired. No Azure AD Graph API requests will function.

Action required:

 

To avoid service disruptions, please follow our instructions to migrate applications to Microsoft Graph APIs.

If you need to extend Azure AD Graph access for an app to July 2025

 

If you have not fully completed app migrations to Microsoft Graph, you can extend this retirement. If you set the blockAzureADGraphAccess attribute to false in the application’s authenticationBehaviors configuration, the application will be able to use Azure AD Graph APIs through June 30, 2025. Further documentation can be found here.  

 

New applications will receive a 403 error when attempting to access Azure AD Graph APIs unless this setting is set to false. For existing applications that will not complete migration to Microsoft Graph in 2024, you should plan to set this configuration now. 
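The opt-in described above is a single property on the application object, but it lives on the beta endpoint and is easy to get wrong (the setting is per application object, not per service principal or appId). The script below is an added example, not part of the original post, showing the read, the PATCH and the read-back with the Microsoft Graph PowerShell SDK, which is also the replacement for the retiring AzureAD module. It assumes the SDK is installed, that the signed-in admin can consent to Application.ReadWrite.All, and that the placeholder object id is replaced with the id of the application you are extending.

```powershell
# Added example (not from the original post). Assumes the Microsoft.Graph PowerShell SDK is installed,
# Application.ReadWrite.All can be consented, and $appObjectId is replaced with the application's
# object id (the "Object ID" on the app registration, not its Application (client) ID).
Connect-MgGraph -Scopes "Application.ReadWrite.All"

$appObjectId = "00000000-0000-0000-0000-000000000000"   # placeholder
$appUri = "https://graph.microsoft.com/beta/applications/$appObjectId"
$select = '?$select=displayName,authenticationBehaviors'   # single quotes keep $select literal

# Read the current value first. A null blockAzureADGraphAccess means no explicit opt-in exists,
# so the app is subject to the phase dates in the retirement timeline.
$before = Invoke-MgGraphRequest -Method GET -Uri ($appUri + $select)
"{0}: blockAzureADGraphAccess = {1}" -f $before.displayName, $before.authenticationBehaviors.blockAzureADGraphAccess

# Opt the app into extended Azure AD Graph access. authenticationBehaviors is only exposed on /beta.
$body = @{ authenticationBehaviors = @{ blockAzureADGraphAccess = $false } }
Invoke-MgGraphRequest -Method PATCH -Uri $appUri -Body $body -ContentType "application/json"

# Verify the write rather than trusting the empty 204 that PATCH returns.
$after = Invoke-MgGraphRequest -Method GET -Uri ($appUri + $select)
if ($after.authenticationBehaviors.blockAzureADGraphAccess -ne $false) {
    throw "blockAzureADGraphAccess was not set to false on '$($after.displayName)'"
}
"Extended Azure AD Graph access granted to '$($after.displayName)' until the 30 June 2025 cut-off."
```

Treat the extension as a tracked exception, not a fix: record which apps were flipped and why, because on 1 July 2025 the property stops mattering and every remaining Azure AD Graph call fails regardless of this setting. The same Invoke-MgGraphRequest pattern, with the setting omitted, is the idiomatic way to make the migrated Microsoft Graph calls the app should be using instead.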

 

If you need to find Applications in your tenant using Azure AD Graph APIs 

 

The Microsoft Entra recommendations feature provides recommendations to put your tenant in a secure and healthy state, while also helping you maximize the value of the features available in Entra ID.    

 

We’ve provided two Entra recommendations that show information about applications and service principals that are actively using Azure AD Graph APIs in your tenant. These new recommendations can support your efforts to identify and migrate the impacted applications and service principals to Microsoft Graph. 

 

References:

 

Important Update: AzureAD PowerShell and MSOnline PowerShell retirement

[Action may be required]

 

As of March 30, 2024, the legacy Azure AD PowerShell, Azure AD PowerShell Preview, and MSOnline modules are deprecated. These modules will continue to function through March 30, 2025, after which they will be retired and stop functioning. The Microsoft Graph PowerShell SDK is the replacement for these modules, and you should migrate your scripts to the Microsoft Graph PowerShell SDK as soon as possible. 

 

To help you identify usage of Azure AD PowerShell in your tenant, you can use the Entra Recommendation titled Migrate Service Principals from the retiring Azure AD Graph APIs to Microsoft Graph. This recommendation will show vendor applications that are using Azure AD Graph APIs in your tenant, including AzureAD PowerShell. 

 

We are making substantial new and future investments in the PowerShell experience for managing Entra, with the recent Public Preview launch of the Microsoft Entra PowerShell module. This new module builds upon the Microsoft Graph PowerShell SDK and brings scenario-focused cmdlets. It’s fully interoperable with all cmdlets in the Microsoft Graph PowerShell SDK, enabling you to perform complex operations with simple, well documented commands. The module also offers a backward compatibility option to simplify migration from the deprecated AzureAD Module.

 

Microsoft Graph APIs were recently made available to read and configure Per-user MFA settings for users, and availability in Microsoft Graph PowerShell SDK cmdlets is soon to follow.

 

License assignment modifications will no longer be supported in the Microsoft Entra Admin Center

[Action may be required]

 

This is a courtesy reminder that, in mid-September, we rolled out a change that no longer supports the modification of user and group license assignments in the Microsoft Entra Admin Center and the Microsoft Azure Admin Portal. Moving forward, you will have read-only access to license assignments in these portals. If you wish to modify user and group license assignments via the user interface, you will need to visit the Microsoft 365 Admin Center. Please note that this change does not impact the API or PowerShell modules. If you experience any issues with license assignment, please reach out to Microsoft 365 support. To learn more, click here.

 

Dynamic type versioning in Bicep templates for Microsoft Graph

[Action may be required]

 

In October 2024, we're introducing an update to the Bicep templates for Microsoft Graph public preview. The dynamic types feature enables semantic versioning for Microsoft Graph Bicep types for both beta and v1.0. During Bicep file authoring, you specify a Microsoft Graph Bicep type version referenced from the Microsoft artifact registry, instead of using a built-in NuGet package, which is the current experience. Using dynamic types will allow for future breaking changes in existing Microsoft Graph Bicep resource types without impacting deployment of your existing Bicep files that use older versions of those resource types. 

 

Built-in types are deprecated and will be retired on January 24, 2025. Until the retirement date, built-in types will coexist with the new dynamic types. Any Microsoft Graph Bicep type changes will only be available through new versions of the dynamic types.

 

Action required:

 

Switch to the new dynamic types before January 24, 2025 to avoid Bicep template deployment failures. The switch will involve making some minor updates to your bicepconfig.json and main Bicep files. Additionally, to take advantage of any updated or new Microsoft Graph resource types, you will need to update the type version that your Bicep files use. For next steps, click here.

 

Retirement of legacy user authentication methods management experience in Entra Portal

[No action is required]

 

Starting October 31st, 2024, we will retire the ability to manage user authentication methods in the Entra Portal via the legacy user interface (UI). Instead, we will only surface the modern UI which has full parity with the legacy experience in addition to the ability to manage modern methods (e.g. Temporary Access Pass, Passkeys, QR+Pin, etc.) and settings. This will not impact how end users can manage their own authentication methods or their ability to sign-in to Entra. Learn more at Manage user authentication methods for Microsoft Entra multifactor authentication.

 

Deprecating Enable Browser Access (EBA) UI

[No action is required]

 

EBA is a feature in Android broker apps (such as Company Portal and Authenticator) that enables duplicating the Entra ID device registration certificate to a global keychain location on the Android device. This allows browsers that are not integrated with brokers, such as Chrome, to access the certificate for device authentication, which is required to comply with Entra device compliance policies.

 

As part of our overall security hardening efforts, we're migrating Entra ID device registration certificates and Android device identities to be hardware-bound. This will enable token protection policies in the future and protect against bypassing device compliance policies. Since the device identity will be hardware-bound, the EBA UI will no longer be able to duplicate and export keys on demand. We plan to deprecate the Enable Browser Access (EBA) UI in the Authenticator and Company Portal apps, and browser access (e.g., Chrome) will automatically be enabled during device registration.

 

This capability already exists for Intune MDM users. The change extends it to non-Intune users, such as those using VMware and Jamf mobile device management (MDM) software. This will apply to all customers in the first half of the 2025 calendar year. No action is required from customers at this time.

 

Deferred changes to My Groups admin controls

[No action is required]

 

In October 2023 we shared that starting June 2024 the existing Self Service Group Management setting in the Microsoft Entra Admin Center that states "restrict user ability to access groups features in My Groups" would be retired. These changes are under review and will not take place as originally planned. A new deprecation date will be announced in the future.

 

My Security Info Add Sign-In Method picker user interface update

[No action is required]

 

This is a courtesy reminder that, starting in August 2024, the "Add Sign-In Method" dialog on the My Security Info page was updated with improved sign-in method descriptions and a modern look and feel. With this change, when users click "Add Sign-In Method," they will initially be recommended to register the strongest method available to them, as allowed by the organization's authentication method policy. Users will also have the option to select "Show More Options" and choose from all available sign-in methods permitted by their policy. No admin action is required.

Provisioning UX modernization

[No action is required]

We’re modernizing the current application/HR provisioning and cross-tenant sync UX. This includes a new overview page and a new experience for configuring connectivity to your application, scoping, and attribute mappings. The new experience includes all functionality available to customers today, and no customer action is required. The new experience will start rolling out at the end of October 2024, but customers can still use the existing experience through January 2024.

Enhancing user experience

Moving from a browse-based to a search-based solution for access package discovery

[Action may be required]

We're excited to introduce a new feature in My Access: a curated list of recommended access packages. This will allow users to quickly view the most relevant access packages without scrolling through a long list. The final tab will be a complete, searchable list of all visible access packages in the tenant. We’ll deploy this to all customers as an opt-in preview by the end of October, with in-product messaging to highlight the change. By the end of November, it will transition to an opt-out preview, with general availability planned for December.

Microsoft Entra ID Governance 

New releases

Microsoft Entra External ID 

New releases

Microsoft Entra Verified ID 

New releases 

Microsoft Entra Internet Access 

New releases 

Microsoft Entra Private Access 

New releases 

Global Secure Access: Microsoft Entra Internet and Microsoft Entra Private Access

Change announcements

Upcoming license enforcement for Microsoft Entra Internet Access and Microsoft Entra Private Access

[Action may be required]

Starting early October 2024, license enforcement will begin in the Microsoft Entra admin center for Microsoft Entra Internet Access and Microsoft Entra Private Access. This follows a 90-day notification period that started with the general availability of Microsoft Entra Internet Access and Microsoft Entra Private Access in July 2024. Learn more about Global Secure Access.

30-day trials are available for both licenses. Learn more on pricing. 

Best Regards,

Shobhit Sahay

What’s New in Microsoft Entra 

Stay informed about Entra product updates and actionable insights with What’s New in Microsoft Entra. This new hub in the Microsoft Entra admin center offers you a centralized view of our roadmap and change announcements across the Microsoft Entra identity and network access portfolio.

Learn more about Microsoft Entra 

Prevent identity attacks, ensure least privilege access, unify access controls, and improve the experience for users with comprehensive identity and network access solutions across on-premises and clouds. 

How to use Log Analytics log data exported to Storage Accounts

Security, Compliance, and Identity Blog -

Introduction

Exporting your logs from Sentinel or Log Analytics to Azure storage account blobs gives you low-cost long-term retention, as well as benefits such as immutability for legal hold, and geographical redundancy.

But in the event of an incident, or perhaps a legal case, you may need the data archived away in those storage account blobs to help the investigation.

Team during investigation

How do you go about retrieving and analyzing that data? This blog will answer exactly that question. Hint: it does involve an Azure Data Explorer cluster. I will also briefly explain how data ends up in those blobs in the first place.

Note: ADX is used as shorthand for “Azure Data Explorer” throughout this blog post.

How to export Log Analytics to Storage Account Blobs

Option One: Workspace Export

The easiest method is to enable the export on the Log Analytics Workspace itself. To do this, browse to Settings \ Data Export in the Log Analytics Workspace blade, then select “New Export rule”. You can select the table you want to export, several if needed, and the destination storage account.

Notice from the drawing above that the export happens at ingestion, which means you will end up with duplicate data, at least for the duration of the Log Analytics retention period. The export happens continuously at 5-minute intervals.

The result in the storage account is the following structure:

  • A container is created for each table in the Storage Account with the name am- followed by the name of the table (“am-azureactivity”).
  • Blobs are stored in 5-minute folders in the following path structure: WorkspaceResourceId=/subscriptions/subscription-id/resourcegroups/<resource-group>/providers/microsoft.operationalinsights/workspaces/<workspace>/y=<four-digit numeric year>/m=<two-digit numeric month>/d=<two-digit numeric day>/h=<two-digit 24-hour clock hour>/m=<two-digit 60-minute clock minute>/PT05M.json. Appends to blobs are limited to 50-K writes. More blobs will be added in the folder as PT05M_#.json*, where '#' is the incremental blob count.

Source: Log Analytics workspace data export in Azure Monitor - Azure Monitor | Microsoft Learn

Note that the export itself has a per-GB cost, so be sure to take that into consideration: Pricing - Azure Monitor | Microsoft Azure

Option Two: Logic App

Alternatively, you can build a Logic App or a Function App that exports exactly what you want (which table and which columns, perhaps data that is first summarized in a smaller set) and when you want it. This option is documented here: Export data from a Log Analytics workspace to a storage account by using Logic Apps.

Contrary to the previous option (Export on Workspace), this example will lead to a flat folder, with a name that you define in the Logic App, with all the JSON files listed in that same folder:

Now how do I get to the data?

Querying data in a storage account can be done in various ways, as we will see below.

externaldata() KQL

If you use the externaldata() KQL function from Log Analytics or Azure Data Explorer (ADX), your query will look similar to the one below. In the example, two different JSON files are read from the storage account container “loganalytics-data” (from Option Two above):

The URL and SAS for each JSON file are needed, and you can obtain those by going to each JSON file in the storage account container and selecting “Generate SAS” and then “Generate SAS token and URL” as shown below (or use your favorite scripting language):
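Doing that leg work with a script instead, as an added Python example that is not code from the original post: it parses the y=/m=/d=/h=/m= export path from Option One, keeps only the blobs whose 5-minute folders overlap an incident time window, and renders the externaldata() statement with the blob URLs. It assumes the export blobs are multi-line JSON (format='multijson'); the storage account, container, workspace resource ID, SAS token and column list are placeholders or constructed sample values.

```python
"""Select Log Analytics export blobs for an incident window and build an externaldata() query.

Added example for this post, not the author's code. The blob listing below is constructed to
follow the export path structure described under Option One; account, container, SAS token
and columns are placeholders to replace with your own values.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Iterable

# Each export blob sits in a 5-minute folder: .../y=YYYY/m=MM/d=DD/h=HH/m=MM/PT05M.json,
# with overflow blobs in the same folder named PT05M_<n>.json.
_EXPORT_BLOB_RE = re.compile(
    r"WorkspaceResourceId=(?P<workspace>/subscriptions/[^/]+/resourcegroups/[^/]+"
    r"/providers/microsoft\.operationalinsights/workspaces/[^/]+)"
    r"/y=(?P<y>\d{4})/m=(?P<mo>\d{2})/d=(?P<d>\d{2})/h=(?P<h>\d{2})/m=(?P<mi>\d{2})"
    r"/PT05M(?:_(?P<seq>\d+))?\.json$",
    re.IGNORECASE,
)
_FOLDER_SPAN = timedelta(minutes=5)


@dataclass(frozen=True)
class ExportBlob:
    name: str
    workspace: str
    start: datetime  # start of the 5-minute folder (UTC) the blob belongs to
    seq: int         # 0 for PT05M.json, n for PT05M_n.json


def parse_export_blob(name: str) -> ExportBlob | None:
    """Parse an export blob name; return None for files that do not follow the layout."""
    m = _EXPORT_BLOB_RE.search(name)
    if m is None:
        return None
    start = datetime(int(m["y"]), int(m["mo"]), int(m["d"]),
                     int(m["h"]), int(m["mi"]), tzinfo=timezone.utc)
    return ExportBlob(name, m["workspace"], start, int(m["seq"] or 0))


def blobs_in_window(names: Iterable[str], window_start: datetime,
                    window_end: datetime) -> list[ExportBlob]:
    """Select blobs whose 5-minute folder overlaps [window_start, window_end] (UTC)."""
    selected = []
    for name in names:
        blob = parse_export_blob(name)
        if blob is None:
            continue  # stray file in the container, not an export blob
        if blob.start <= window_end and blob.start + _FOLDER_SPAN > window_start:
            selected.append(blob)
    return sorted(selected, key=lambda b: (b.start, b.seq))


def externaldata_query(account: str, container: str, blobs: Iterable[ExportBlob],
                       sas_token: str, columns: dict[str, str]) -> str:
    """Render a KQL externaldata() statement over the given blobs.

    The h@ prefix marks each connection string as an obfuscated literal so Kusto scrubs
    the SAS token from traces. The blobs are assumed to be multi-line JSON
    (format='multijson'); the SAS should be read-only and short-lived.
    """
    schema = ", ".join(f"{name}:{ktype}" for name, ktype in columns.items())
    uris = [f"    h@'https://{account}.blob.core.windows.net/{container}/{b.name}?{sas_token}'"
            for b in blobs]
    return (f"externaldata({schema})\n[\n" + ",\n".join(uris) + "\n]\n"
            "with(format='multijson')")


# Placeholder workspace resource ID and a constructed blob listing for am-azureactivity.
WORKSPACE = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg-sec"
             "/providers/microsoft.operationalinsights/workspaces/la-sec")
SAMPLE_BLOBS = [
    f"WorkspaceResourceId={WORKSPACE}/y=2024/m=10/d=01/h=13/m=05/PT05M.json",
    f"WorkspaceResourceId={WORKSPACE}/y=2024/m=10/d=01/h=13/m=10/PT05M.json",
    f"WorkspaceResourceId={WORKSPACE}/y=2024/m=10/d=01/h=13/m=10/PT05M_1.json",
    f"WorkspaceResourceId={WORKSPACE}/y=2024/m=10/d=01/h=13/m=15/PT05M.json",
    "readme.txt",
]
# Illustrative AzureActivity columns; use the columns of the table you exported.
COLUMNS = {"TimeGenerated": "datetime", "OperationNameValue": "string",
           "Caller": "string", "ActivityStatusValue": "string"}
INCIDENT_START = datetime(2024, 10, 1, 13, 7, tzinfo=timezone.utc)  # constructed window
INCIDENT_END = datetime(2024, 10, 1, 13, 12, tzinfo=timezone.utc)


def demo_query() -> str:
    """Query over the three blobs whose folders overlap the constructed incident window."""
    blobs = blobs_in_window(SAMPLE_BLOBS, INCIDENT_START, INCIDENT_END)
    return externaldata_query("mystorageacct", "am-azureactivity", blobs,
                              "sv=PLACEHOLDER-SAS-TOKEN", COLUMNS)


if __name__ == "__main__":
    print(demo_query())
```

Paste the printed statement into Log Analytics or ADX and append your filters with a pipe; a blob listing from the real container (for example from `az storage blob list`) replaces SAMPLE_BLOBS.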

Here are some of the advantages and disadvantages of this option:

Advantages:

  • No need to deploy any additional components such as the Azure Data Explorer cluster.
  • Allows for querying “on the fly” of your blob content.

Disadvantages:

  • Requires a SAS token (Entra ID authentication is always better).
  • Involves “leg work” in the form of defining the fields and copying and pasting the URL with the SAS token.
  • Potentially slow performance if a lot of data is queried (many JSON files).

external_table in ADX

The next option is to leverage Azure Data Explorer (ADX), and create an “external table” in ADX. This is then pointed to the storage account and the relevant container holding the exported logs in JSON format. Deploying an Azure Data Explorer cluster is beyond the scope of this blog. More information can be found here: Create an Azure Data Explorer cluster and database.

Once you have it, your Azure Data Explorer Cluster can be in state “stopped” when it is not needed, allowing you to save costs. Be sure to start it before testing the following steps (and stop it again when you are finished and nobody else needs it!).

The data in the cluster can be accessed by browsing to the URI (see “Copy to clipboard” in the image above). The detailed steps are here: Create an external table using the Azure Data Explorer web UI wizard in Azure Data Explorer.

Below are some steps to get you started:

To create an external table, go to Query on the left-hand side of the screen, then right-click on the database and select “Create external table”:

Follow the wizard, giving your external table a name in the Destination part, then in the Source part select Container, and go to your Storage subscription, Storage account and then Container. I selected here the container generated under Option One above (the one generated as an export from Log Analytics):

ADX then reads all the JSON files (even across the hierarchical structure, so no need to worry about browsing that yourself) and lets you select one of the files as a template for generating the schema of the to-be-generated external table. Proceed with the wizard if you are happy with the schema proposed. The result will look similar to this:

(Notice my data is coming from the Azure Activity log).

External tables in ADX can be queried by using external_table('tablename'). Here are some of the advantages and disadvantages of this option:

Advantages:

  • No need for ingesting into the Azure Data Explorer database.
  • Allows for querying of the blob content as if it were a native table.

Disadvantages:

  • Potentially slow performance if a lot of data is queried (many JSON files).

Ingest into ADX

The final option covered here is to ingest the data into a table in ADX. The difference from the external table, where in reality we are still reading from the storage account, is that in this case the data actually ends up residing in a table in the ADX database. This is described here: Get data from Azure storage.

Some high-level steps to get you started are here:

Again, right-click on the database, and this time select “Get data”.

Follow the wizard, select Azure Storage, then connect to the container in the storage account, either via the URI, or by selecting the Azure components. Be sure to create a new table, as in the example below (“DataFromBlobs”).

ADX is smart enough to inspect the JSON files in the container hierarchy and generate a schema. You can click “Edit columns” or “Advanced” to alter it.

For the purposes of this blog, I am happy enough, so I click on Finish at this point. ADX now goes about its business of ingesting the JSON files from the storage account. Note that depending on how much data there is to ingest, it can take a while. At the end, each blob (JSON file) will have “Successfully ingested” next to it.

Now I can query the data table directly:

Here are some of the advantages and disadvantages of this option:

Advantages:

  • Performance-wise the fastest querying experience, once the data is ingested.

Disadvantages:

  • The cost of ingesting the data and the responsibility for securing the ADX accordingly.

Cleaning up

To remove the data ingested in the last step, click on the three dots next to the table name and select “Drop table”, or issue the query command:

.drop table tablename (for example .drop table DataFromBlobs).

For external tables there is no right-click option for dropping the tables. Instead issue the following query command:

.drop external table tablename (for example .drop external table ExternalData)

Don’t forget to Stop the Azure Data Explorer cluster to save costs.

Conclusion

In this blog post, I explored some options for accessing logs that were archived in Azure storage account containers, either through export from Log Analytics and Sentinel or through a custom Logic App.

This is to address exceptional cases where you need that archived data, for example for historical context during an investigation.

Keep your online activity safer on public Wi-Fi with Microsoft Defender for individuals

Security, Compliance, and Identity Blog -

Figure 1 - Privacy protection UI on the Defender mobile app

Public Wi-Fi is usually free, easy and convenient, but not necessarily always safe. As they say, there is no ‘free lunch’.

Microsoft Defender for individuals1 aims to provide a safer online experience wherever you go, and late last year we introduced privacy protection (VPN)2, so you can browse without having to worry about your personal data being intercepted over an unsecure Wi-Fi connection.

Check out the previous blog to learn more about the risks of unsecure Wi-Fi and how the Defender VPN increases your online safety.

Evolution of Privacy protection (VPN)

During the past few months, we've made it even easier to stay safer online with auto detection and notification of unsecure Wi-Fi, expanded privacy protection to support all of our device platforms, and rolled out privacy protection to more countries. Check out the summary below for the latest on privacy protection.

What's new?

We have now expanded the scope of privacy protection in Defender with the following updates:

  1. Auto detection3 and notification of unsecure Wi-Fi connections, with the ability to turn on a virtual private network (VPN) in the Defender app for added safety4.
  2. Privacy protection (VPN) is now available on all our supported device platforms, including Windows, macOS, Android, and iOS.
  3. Feature availability in more countries, including the US, UK, Germany, and Canada, with more countries coming soon. We’re adding privacy protection to ten additional countries5 in the Europe, Asia, and LATAM regions soon.

Unsecure Wi-Fi detection

(Available on Defender for Android, iOS, and Windows. Coming soon to macOS)

  • These are typically public Wi-Fi hotspots that may use weaker encryption, potentially putting your personal data at risk.
  • With the unsecure Wi-Fi notification, you can turn on protection with Defender with a single click.
  • Support for automatically enabling the VPN on public Wi-Fi is coming soon.

Enhanced detection on mobile with suspicious Wi-Fi detection

(Available on Defender for Android and iOS. Coming soon to Windows and macOS)

We’ve added detection for unsafe Wi-Fi (suspicious Wi-Fi). These detections use Defender heuristics that examine multiple characteristics of a Wi-Fi hotspot to determine whether it is suspicious. As with unsecure Wi-Fi, you get a notification for unsafe Wi-Fi as well and can turn on the Defender VPN for added safety.

Figure 2: Unsecure WiFi notification on Windows

Figure 3 : Privacy protection with VPN on a Windows device

Getting started with privacy protection

1. Get the Defender app

You can download the app from the Google Play Store or the Apple App Store, or as a direct download (if you haven’t already)!

Sign-in with the personal Microsoft account (@gmail, @outlook, etc.) linked to your Microsoft 365 Personal or Family subscription or start your 1-month Microsoft 365 Family trial6.

Figure 4: Download from store

or

Scan the QR code:

Figure 5 : QR code to download app

2. Enable privacy protection

Open the Defender app, locate the ‘Privacy protection’ card, and select ‘Get started’ or ‘Finish setup’. The setup process is quick and easy; simply follow the on-screen instructions. Ensure you are running the latest Defender app version from the Google Play Store or the iOS App Store.

Figure 6 - Get started with privacy protection

Learn more at https://aka.ms/privacyprotectionFAQ 

References

[1] Microsoft 365 Family or Personal subscription required. Sign in with your Microsoft account. The app is currently not available in certain Microsoft 365 Personal or Family regions.

[2] Privacy protection (VPN) is available on Windows, macOS, iOS, and Android devices in select countries. Some streaming services are excluded. After 50 GB per month, data transfer speeds may be limited.

[3] Check out this article on how to set up the Safer Wi-Fi experience in your Defender app.

[4] Use of a Virtual Private Network (VPN) does not guarantee that your personal data will not be compromised. A VPN increases the safety of the internet traffic from your device by encrypting it, making it difficult for attackers to intercept and snoop on the traffic from your device.

[5] The list of supported countries for privacy protection (updated as we roll out) is HERE.

Feature availability by country is based on the billing country of your Microsoft 365 Personal/Family subscription, and the Defender VPN automatically connects to the nearest available VPN server based on the physical location of your device.

[6] After your one-month free trial, you will be charged the applicable subscription fee. Credit card required. Cancel any time to stop future charges.

Implementing a secure by default approach with Microsoft Purview and address oversharing

Security, Compliance, and Identity Blog -

Microsoft Purview provides several solutions and features that complement each other. For administrators new to Purview, it can be overwhelming to know where to start. Existing administrators may also be less familiar with how additional Purview features could enhance their data security posture.

For example, Data Loss Prevention (DLP) administrators can benefit from features in Microsoft Information Protection (MIP) and Insider Risk Management (IRM) but may never explore them as they can be seen as ‘another solution’.

To address this and accelerate how you can augment your data security posture, the Purview engineering team is releasing a new content series on Microsoft Learn: “Notes from engineering”.

As the series evolves, it will include different types of content:

  • Purview deployment models – Scenario-based (‘why’) prescriptive recommendations based on successful customer deployment experiences. These include:
    • Deployment blueprint: a single-slide visual of activities (‘what’)
    • Storyboard presentation helping narrate the scenario and blueprint activities
    • Detailed guide with clear, actionable, and prescriptive guidance (‘how’)
  • Feature playbooks – Detailed guidance on how to best leverage some of our newer features
  • Articles – Additional documentation such as our Ninja Training recommendations and FAQ, all in one place

Let’s introduce the first published Purview deployment model: Secure by default with Microsoft Purview and address oversharing.

Secure by default with Microsoft Purview and address oversharing

Microsoft Purview sensitivity labeling provides an efficient and robust capability to protect data. This protection is centered around encrypting your data and preventing oversharing. Labels can then be used as conditions in other solutions such as Microsoft Purview Data Loss Prevention (DLP) and Microsoft Purview Insider Risk Management.

The traditional 'crawl-walk-run' approach is often challenging or slow to adopt due to:

  • Defining the label taxonomy
  • Concerns about encryption affecting end users and line of business applications
  • Limited adoption through manual labeling and/or only using auto-labeling to label

In the detailed guide, we provide a deployment model focusing on a different approach. We show how to:

  • Configure secure by default sensitivity labeling.
  • Use label publishing defaults and auto-labeling in the Office client.
  • Use contextual defaults in SharePoint sites to rapidly achieve deployment velocity.

Traditionally, we train users on when to label and/or attempt to auto-label what is required to be protected. With this approach, defaults apply protection, and we train users on how to manage exceptions, such as sharing externally.

When you derive file labels from Teams and SharePoint site labels, you can reach high labeling volumes with limited end-user interaction. This also gives you a measured approach that helps overcome the traditional challenges.

To achieve this, the detailed guide provides a list of recommended labels that fit most organizations and maximize the potential of Microsoft Information Protection (MIP), together with the list of activities needed to get there, following this blueprint:

At a high level, this guidance will:

  • Quickly set up the foundational features to protect any new and updated content in Microsoft 365
  • Fast follow with protecting your priority content
  • Iterate to protect historical data at rest
  • Expand protection beyond Microsoft 365

This guidance can also be used to secure your environment against internal oversharing, helping organizations become comfortable with enterprise search and Microsoft 365 Copilot. Copilot responses will also inherit the highest-priority sensitivity label.

To learn more:

Microsoft Ignite Sold Out? Not for Security Professionals! Secure Your Spot

Security, Compliance, and Identity Blog -

Attention security professionals! Microsoft Ignite 2024 is just around the corner, taking place from Monday, November 18, 2024, through Friday, November 22, 2024, in Chicago, Illinois. This is your chance to dive deep into the latest advancements in AI and security to help you build a security-first culture within your organization. 

General in-person passes are sold out, but don't worry—you can still purchase a pass using Microsoft Security’s RSVP code. Use the RSVP code ATTNLIYL to purchase your in-person pass while supplies last.

Why attend?

For security professionals and teams, AI offers a significant advantage, empowering organizations of all sizes and industries to tip the scales in favor of defenders. It also introduces new uncertainties and risks that require organizations to create a culture of security to stay protected. Now, more than ever, is the time to put security first. But how? 

The answer is: with our innovations in AI-first, end-to-end security. 

Ignite is our opportunity to share and showcase our latest security product innovations with you, and then dive into the technical details together—so the information you learn at Microsoft Ignite can have an immediate benefit to your digital environments and your customers. 

Here’s what you can expect: 

  • See your favorite products in action during sessions, demos, interactive labs, and workshops. 
  • Learn how our global-scale threat intelligence informs the products you use daily. 
  • Gain AI-specific cybersecurity skills to make you an invaluable asset to your organization.  
  • Engage with Microsoft security product innovators and thought leaders. 
  • Network with fellow security leaders, partners, and technical enthusiasts. 
Microsoft Security at Microsoft Ignite: An expanded experience 

Last year you asked for more security content, and we delivered, receiving great feedback. So this year we’re planning even more, with a focus on our continuing commitment to securing our technology and our customers.

See an overview of the week below to plan your travel. 

Day 0 November 18, 2024 

Microsoft Ignite Security Forum 

Join us one day early at Microsoft Ignite for a security-only program, designed for decision makers from businesses of all sizes. Learn how AI, threat intelligence, and insights from our Secure Future Initiative can advance your security strategy. Be sure to sign up for this experience in registration. 

Pre-day Labs Sessions 

We’re also offering two technical pre-day learning labs: 

1. “Secure your data estate for a Copilot for M365 deployment”: In this lecture-based workshop, Microsoft experts will walk you through a best-practice, staged approach to getting your data estate ready for Copilot and other AI tools.

2. “AI Red Teaming in Practice”: This hands-on pre-day workshop, led by Microsoft AI Red Team experts, equips you to probe any machine learning system for vulnerabilities, including prompt injection attacks.

Day 1 November 19, 2024 

Keynote  

Satya Nadella said in May that security is job #1. Don’t miss the live keynote for the latest security innovations impacting Microsoft. 

Security General Session 

Microsoft Security’s top engineering and business leaders will share an overview of how our most exciting innovations help you put security first and best position your organization in the age of AI.  

Security programming  

Dive deeper into topics that interest you. Choose from over 30 breakout sessions, demos, and discussions covering end-to-end protection, tools to secure and govern AI, responsible AI, and threat intelligence.  

Day 2 November 20, 2024 

Security programming  

Dive deeper into topics that interest you. Choose from over 30 breakout sessions, demos, and discussions covering end-to-end protection, tools to secure and govern AI, responsible AI, and threat intelligence.  

Secure the Night Party 

Security is often a thankless job. If no one else celebrates you, Microsoft Security will! Join us for a special party for the cybersecurity community.  

Day 3 November 21, 2024 

Security programming  

Dive deeper into topics that interest you. Choose from over 30 breakout sessions, demos, and discussions covering end-to-end protection, tools to secure and govern AI, responsible AI, and threat intelligence.  

Closing Microsoft Ignite Celebration  

Close out Microsoft Ignite with the other 10,000+ attendees across job functions, industries and the world.  

Don't miss this opportunity to elevate your security strategy and stay ahead of evolving cyber threats. Plan your travel now and be part of this transformative event! Use the RSVP code ATTNLIYL to purchase your in-person pass while supplies last.

Explore the key benefits of Microsoft Entra Private Access

Microsoft Entra Blog -

The traditional network security models are becoming increasingly ineffective in a world where remote work and cloud services are the norm. Conventional technologies like VPNs, while popular, offer limited protection in a boundary-less landscape, typically granting users excessive network access and posing significant risks. If compromised, these can lead to unauthorized access and potentially lateral movement within corporate networks, exposing sensitive data and resources. Microsoft Entra Private Access is at the forefront of addressing these challenges by effectively integrating identity and network access controls.

Microsoft Entra Private Access

In July we announced general availability of Microsoft Entra Suite, which brings together identity and network access controls to secure access to any cloud or on-premises application or resource from any location. We also announced Microsoft’s Security Service Edge (SSE) solution general availability. Microsoft Entra Private Access, a core component of Microsoft’s SSE solution, allows you to replace your VPN with an identity-centric Zero Trust Network Access (ZTNA) solution to securely connect users to any private resource and application without exposing full network access to all resources. It’s built on Zero Trust principles to protect against cyber threats and mitigate lateral movement. Through Microsoft’s global private network, give your users a fast, seamless, edge-accelerated access experience that balances security with productivity.

Figure 1: Secure access to all private applications, for users anywhere, with an identity-centric ZTNA

Modernize access to private applications

Despite the cloud’s growing dominance, you may still rely on on-premises infrastructure and use legacy VPNs to enable your remote workforce. Legacy VPNs typically grant excessive access to the entire network by making the remote user’s device part of your network.

Figure 2: Legacy VPNs typically grant excessive access to the entire network

Microsoft Entra Private Access helps you easily start retiring your legacy VPN and level up to an identity-centric ZTNA solution that helps reduce your attack surface, mitigates lateral threat movement, and removes unnecessary operational complexity for your IT teams. Unlike traditional VPNs, Microsoft Entra Private Access protects access to your network for all your users, whether they are remote or local, accessing any legacy, custom, modern, or private apps that are on-premises or in any cloud.

Figure 3: Replace legacy VPN with an identity-centric ZTNA solution

For example, Microsoft Entra Private Access enhances security for Remote Desktop Protocol (RDP) sessions by enabling access without direct network connectivity. It leverages Conditional Access policies, including multifactor authentication (MFA), to validate both device and user identities. This ensures that only authenticated users with compliant devices can establish an RDP session on your network, providing a secure and seamless remote access experience. By integrating with Microsoft Entra ID, Microsoft Entra Private Access validates access tokens and connects users to the appropriate private server, reinforcing the security posture without the need for traditional VPN solutions.

Accelerate your journey to Zero Trust with Microsoft Entra Private Access

Microsoft Entra Private Access helps you accelerate your journey to ZTNA by offering a streamlined approach to enforcing least privilege access to on-premises or private applications, extending Zero Trust principles to any private app or resource regardless of its location, whether on-premises or in any cloud.

Figure 5: Accelerate your ZTNA journey with Microsoft Entra Private Access

Here, in more detail, are the key capabilities that help you move from legacy VPNs to ZTNA:

QuickAccess policy simplifies transitioning from legacy VPNs to easily onboard with Microsoft Entra Private Access. It allows you to create network segments that can include multiple apps and resources.

Figure 6: Fast and easy migration from legacy VPNs with Quick Access policy

Over time, Private Application Discovery enables you to discover all your private apps, onboard them to enable segmented access, and simplify the creation of Conditional Access policies for groups of apps based on business impact levels.

Figure 7: Automatic private application discovery and onboarding

Enforce Conditional Access across all private resources

To enhance your security posture and minimize the attack surface, it’s crucial to implement robust Conditional Access controls, such as MFA (biometric and/or phishing-resistant), across all private resources and applications, including legacy or proprietary applications that may not support modern identity.

The familiar Conditional Access policies used today can now be extended to all private apps, including legacy apps and non-web resources, such as RDP, SSH, SMB, SAP, or any other TCP- or UDP-based private application, resource, or network endpoint.

Figure 8: Enforce Conditional Access across all private resources

Conditional Access is applied to every network flow, ensuring comprehensive security coverage across all your private apps and resources—including MFA, location-based security, advanced segmentation, and adaptive least-privilege access policies—without making any changes to your apps or resources.

Deliver seamless access to private apps and resources with single sign-on

Single sign-on (SSO) simplifies the user experience by eliminating the need to sign in to each private application individually. By enabling SSO, users gain seamless access to all necessary private applications, whether located on-premises or across various clouds, without the need for repeated authentication or modifications to existing apps.

Microsoft Entra Private Access further streamlines this process by providing SSO for on-premises resources, utilizing Kerberos for secure, ticket-based authentication. For an even more integrated experience, you can opt to implement Windows Hello for Business with cloud Kerberos trust, offering a modern, passwordless sign-on option for users. This cohesive approach to SSO, supported by Microsoft Entra Private Access, ensures a secure and efficient access management system for private resources across the enterprise landscape.

Deploy across various platforms, ports, and protocols

Enable secure connectivity to private resources from Windows and Android, with support for iOS and macOS coming later this year, and Linux support to follow. This service spans all operating systems and accommodates any port and protocol, including SMB, RDP, FTP, SSH, SAP, printing, and all other TCP/UDP-based protocols. For security teams already using Application Proxy, you can seamlessly and confidently transition to Microsoft Entra Private Access, knowing that all existing use cases and access to existing private web applications will keep working with no disruption.

 

 

Securing just-in-time access to sensitive resources

 

Microsoft Entra Private Access, tightly integrated with Privileged Identity Management (PIM), a service within Microsoft Entra ID Governance, helps you secure just-in-time access to private resources for privileged users. This integration ensures that privileged access is granted only when necessary, in line with the Zero Trust principle of least-privilege access. It allows you to enforce robust Conditional Access controls, such as MFA, so that only eligible and validated users can access sensitive resources. This approach not only enhances security but also supports compliance and auditing requirements by providing detailed tracking and logging of privileged access requests.

 

Secure access to Azure managed services with Microsoft Entra Private Access

 

Azure offers many managed services, such as Azure SQL, Azure Storage, and Azure ML, among others. Microsoft Entra Private Access ensures a secure, private connection to Azure services while enforcing security policies and posture during access, allowing you to enforce Conditional Access controls such as MFA and IP-based access controls. With comprehensive enforcement of identity and network access controls, Microsoft Entra Private Access ensures that managed services are accessed securely. Here are two key scenarios:

 

  • Secure Azure managed services access: Typically, Azure services are accessed over the internet. However, for security reasons, it’s preferable to keep the traffic between users or applications and Azure services private, avoiding exposure to the internet. This can be achieved through Microsoft Entra Private Access, where services like Azure Storage can be connected to a virtual network (vNet) using Private Link. This ensures that all traffic remains private, while additional identity and network access controls are enforced.

Figure 11: Enable secure access to Azure Storage with Private Access through Private Link

 

  • Service endpoint for controlled access: In contrast to Private Link, the service endpoint method does not integrate services into a vNet. Instead, it restricts incoming traffic to connections from specified connector IP addresses through Microsoft Entra Private Access. This approach helps secure access to Azure services by permitting access solely through an approved path, where additional security measures like MFA and device posture can be enforced.

Figure 12: Ensures a single, secure path to the Azure managed services through Microsoft Entra Private Access

 

Simplify Microsoft Entra private network connector deployment for your private workloads

 

In addition to the Microsoft Entra admin center, the private network connector is now available on Azure Marketplace and AWS Marketplace in preview. This lets users deploy a virtual machine with a pre-installed Private Access connector through a streamlined managed model for Azure and AWS workloads. The Marketplace offerings automate the installation and registration process and simplify authentication setup, improving the user experience.

 

Figure 13: Microsoft Entra private network connector on Microsoft Azure Marketplace

 

Figure 14: Microsoft Entra private network connector on AWS Marketplace

 

The Microsoft Entra private network connector is a required software component for Microsoft Entra Private Access. It sits alongside customers’ private applications in the customer’s network and is designed to provide secure and convenient access to them from any device and location. It acts as a bridge between Microsoft’s SSE edge and the application servers, handling the authentication, authorization, and encryption of traffic.

 

Enable edge accelerated Zero Trust private domain name resolution

 

Microsoft Entra Private Access enhances your organization’s domain name resolution (DNS) capabilities and simplifies access to IP-based app segments and private resources by FQDN, allowing your users to reach private resources with single-label names or hostnames and no complex configuration. With accelerated DNS at Microsoft’s SSE edge, DNS responses are cached, giving significantly faster resolution times and better performance. Moreover, integrating DNS with Conditional Access adds an extra layer of identity-centric security controls, allowing more granular control over access to private resources.

 

For instance, with Private DNS support, you can provide your domain suffixes to simplify Zero Trust access to private apps using FQDNs, streamlining the connection process to internal resources, while using your existing DNS deployments. This is particularly beneficial in scenarios where your users need to seamlessly access private resources without the need for VPNs or domain-joined devices, while offering a more secure and efficient way to manage access.
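To make the resolution behaviour described above concrete, here is an added illustration (not Entra code, and not how the Microsoft client is implemented) of what a ZTNA client's resolver has to do: match a query against the configured private domain suffixes, expand single-label names through those suffixes, send matching names to the private resolver via the edge, hand everything else to public DNS, and cache private answers until their TTL expires. The suffixes, the zone data and the hostnames are constructed for the example; the `EdgeResolver` class and its `resolve` method are hypothetical names.

```python
"""Private DNS suffix routing for a ZTNA client (constructed teaching example).

Assumptions: the client holds a list of private suffixes; names under them are
resolved privately through the edge, everything else goes to public DNS; the
edge caches answers per TTL. Zone data below is constructed, not real.
"""
import time

PRIVATE_SUFFIXES = ["corp.contoso.test", "internal.contoso.test"]  # assumed admin config

# Constructed private zone: fqdn -> (ip, ttl seconds). Stands in for the
# organisation's existing private DNS servers.
PRIVATE_ZONE = {
    "hr.corp.contoso.test": ("10.10.1.5", 60),
    "git.internal.contoso.test": ("10.20.0.9", 300),
}


def is_private_name(name, suffixes=PRIVATE_SUFFIXES):
    """True if the name equals or sits under one of the private suffixes."""
    n = name.rstrip(".").lower()
    return any(n == s or n.endswith("." + s) for s in suffixes)


def expand_single_label(name, suffixes=PRIVATE_SUFFIXES):
    """A name without dots is tried against each private suffix, in order."""
    if "." in name.rstrip("."):
        return [name]
    return [f"{name}.{s}" for s in suffixes]


class EdgeResolver:
    def __init__(self, zone=PRIVATE_ZONE, suffixes=PRIVATE_SUFFIXES, clock=time.monotonic):
        self.zone = zone
        self.suffixes = suffixes
        self.clock = clock            # injectable so TTL expiry can be tested
        self.cache = {}               # fqdn -> (ip, expires_at)
        self.upstream_queries = 0     # round trips to the private resolver

    def _query_private(self, fqdn):
        self.upstream_queries += 1
        return self.zone.get(fqdn)

    def resolve(self, name):
        """Return (fqdn, ip, source) where source is 'cache', 'private' or
        'public' (ip None: handed to the normal public path), or None if the
        name is under a private suffix but does not exist."""
        for candidate in expand_single_label(name, self.suffixes):
            fqdn = candidate.rstrip(".").lower()
            if not is_private_name(fqdn, self.suffixes):
                return (fqdn, None, "public")
            now = self.clock()
            hit = self.cache.get(fqdn)
            if hit and hit[1] > now:
                return (fqdn, hit[0], "cache")
            answer = self._query_private(fqdn)
            if answer:
                ip, ttl = answer
                self.cache[fqdn] = (ip, now + ttl)
                return (fqdn, ip, "private")
        return None


if __name__ == "__main__":
    r = EdgeResolver()
    for q in ("hr", "hr", "git", "www.example.com", "nosuch"):
        print(q, "->", r.resolve(q))
```

The search-list expansion is what lets a user type `hr` and land on `hr.corp.contoso.test`; the `is_private_name` gate is what keeps public names from ever being sent to the private resolver, which is the privacy property a split-DNS design needs.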

 

Simplify access and improve end user experience at a global scale

 

Enhance user productivity by leveraging Microsoft’s vast global edge presence, providing fast and easy access to private apps and resources—located on-premises, on private data centers, and across any cloud. Users benefit from optimized traffic routing through the closest worldwide Point of Presence (PoP), reducing latency for a consistently swift hybrid work experience.

 

Deploy side-by-side with third-party network access solutions

 

A distinctive feature of Microsoft’s SSE solution is its built-in compatibility with third-party network access solutions: you acquire only the traffic you need to send to Microsoft’s SSE edges. Use Microsoft and third-party network access solutions in a unified environment to harness a robust set of capabilities from both and accelerate your Zero Trust journey. The flexible deployment options of Microsoft’s SSE solution give you enhanced security and seamless connectivity for an optimal user experience.

 

Conclusion

 

Simplifying and securing access for your hybrid workforce is crucial in a landscape where traditional boundaries have dissolved. Enforcing least-privilege access and minimizing reliance on legacy tools like VPNs are essential steps in reducing risk and mitigating sophisticated cyberattacks.

 

Microsoft Entra Private Access helps you secure access to all your private apps and resources for users anywhere with an identity-centric ZTNA solution. It allows you to replace your legacy VPN with ZTNA to securely connect users to any private resource and application without exposing full network access to all resources.

 

The unified approach across identity and network access within Microsoft’s SSE solution signifies a new era of network security. This approach ensures that only authorized users are authenticated, and their devices are compliant before accessing private resources.

 

Learn More

 

To get started, begin a trial to explore Microsoft Entra Private Access general availability. You can also sign up for an Entra suite trial, which includes Microsoft Entra Private Access. For further help contact a Microsoft sales representative and share your feedback to help us make this solution even better.

 

Ashish Jain, Principal Group Product Manager

Abdi Saeedabadi, Senior Product Marketing Manager

 

Read more on this topic

 

Learn more about Microsoft Entra

Prevent identity attacks, ensure least privilege access, unify access controls, and improve the experience for users with comprehensive identity and network access solutions across on-premises and clouds.

Join us at the Microsoft Entra Suite Showcase!

Microsoft Entra Blog -

This fall, we are bringing the Microsoft Entra Suite Showcase to cities worldwide. Join us to explore how our latest advancements in secure identity and access management can help safeguard your organization's digital assets.

 

Announced earlier this year, the Microsoft Entra Suite unifies identity and network access security—a novel and necessary approach for Zero Trust security. It provides everything you need to verify users, prevent overprivileged permissions, improve detections, and enforce granular access controls for all users and resources.

 

 

Register now to join us for a half-day event in the following locations:

 

September 23: Mexico City, Mexico (Registration Full)

September 25: São Paulo, Brazil (Registration Full)

September 30: Amsterdam, Netherlands (Register Here)

October 1: London, England (Register Here)

October 8: Dallas, TX, USA (Register Here)

October 8: Johannesburg, South Africa (Register Here)

October 9: Sydney, Australia (Register Here)

October 10: Atlanta, GA, USA (Register Here)

October 14: Berlin, Germany (Register Here)

October 16: Singapore, Singapore (Register Here)

October 21: Silicon Valley, CA, USA (Register Here)

November 6: Dubai, UAE (Register Here)

November 12: Mumbai, India (Registration coming soon)

November 14: Paris, France (Registration coming soon)

November 14: Bangalore, India (Registration coming soon)

December 4: New York, NY, USA (Register Here)

December 10: Chicago, IL, USA (Register Here)

 

To learn more about Microsoft Entra Suite: 

 

We look forward to seeing you there!

Microsoft Entra Internet Access now generally available

Microsoft Entra Blog -

With the rise of hybrid work, identity and network security professionals are now at the forefront of protecting their organizations. Traditional network security tools fall short of the integration, complexity, and scale requirements of anywhere access, leaving organizations exposed to security risks and poor user experiences. To address this, network security and identity must function as a unified force in defense. Only when identity and network controls are deeply integrated into secure access can we fully deliver on the core Zero Trust principles, where trust is never implicit and access is granted on a need-to-know and least-privileged basis across all users, devices, and applications.

 

Microsoft Entra Internet Access

 

On July 11th, 2024, we announced general availability (GA) of Microsoft Entra Suite, which includes Microsoft Entra Internet Access, part of the Security Service Edge (SSE) solution. Internet Access secures access to all internet and SaaS applications and resources with an identity-centric secure web gateway (SWG) solution, unifying identity and network access controls through a single Zero Trust policy engine to close security gaps and minimize the risk of cyberthreats. Our solution integrates seamlessly with Microsoft Entra ID, eliminating the need to manage users, groups, and apps in multiple locations. It protects users, devices, and resources with capabilities such as universal Conditional Access, context aware network security, and web content filtering, so you no longer need to manage multiple disconnected network security tools.

 

Figure 1: Secure access to all internet and SaaS applications and resources, with an identity-centric SWG.

 

 

Unified identity and network security

 

Our deep integration with Entra ID enables Conditional Access, and later continuous access evaluation (CAE), to be extended to any external destination, internet resource, and cloud application, even if they’re not integrated or federated with Entra ID. This integration with Conditional Access enables you to enforce granular controls, leveraging device, user, location, and risk conditions by applying network security policies tailored to the requirements of your enterprise. Additionally, Microsoft Entra Internet Access provides enhanced security capabilities, such as token replay protection and data exfiltration controls, for Entra ID federated applications.

 

Figure 2: Rich user, device, location, and risk awareness of Conditional Access for network security policy enforcement

 

 

Protect your users with context aware network security

 

With Microsoft Entra Internet Access you now can link your network security policies to Conditional Access, providing a versatile tool that can adapt to various scenarios for your SWG policy enforcement. Now with web category filtering, you can easily allow or block a vast range of internet destinations based on pre-populated web categories. For more granular control, you can use fully qualified domain name (FQDN) filtering to establish policies for specific endpoints or override general web category policies effortlessly.

 

For instance, you can create a policy that allows your finance team access to critical finance applications, while restricting access for the rest of your organization. Furthermore, you can add risk-based filtering policies that dynamically adapt to a user’s risk level with Entra ID protection to restrict access to these destinations for members whose user risk is elevated, providing additional protection for your organization. Another great example is just-in-time access to Dropbox, while blocking all other external storage sites, to leverage deep integrations between Microsoft Entra Internet Access, Conditional Access and Entra ID Governance workflows.
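The precedence rules in the two paragraphs above (FQDN rules override web-category rules, rules are scoped to groups, and an elevated user risk can turn an allow into a block) are easy to get wrong in a policy engine, so here is an added worked example. It is a constructed miniature, not Microsoft's SWG engine; the category table, the group names, the risk levels and the `Rule`/`evaluate` names are all assumptions made for the illustration.

```python
"""Miniature secure-web-gateway policy evaluator (constructed example).

Demonstrates: FQDN rules beat category rules; rules are scoped to groups;
an allow rule can require the user's risk to be at or below a threshold.
"""
from dataclasses import dataclass
from typing import Optional

# Constructed category database; a real SWG ships a pre-populated one.
CATEGORY_OF = {
    "dropbox.com": "Cloud Storage",
    "box.com": "Cloud Storage",
    "workday.com": "Finance",
    "news.example": "News",
}

RISK_ORDER = {"none": 0, "low": 1, "medium": 2, "high": 3}


@dataclass
class Rule:
    action: str                          # "allow" or "block"
    fqdn: Optional[str] = None           # matches the host and its subdomains
    category: Optional[str] = None       # matches the destination's web category
    groups: frozenset = frozenset()      # empty set = applies to everyone
    max_risk: str = "high"               # allow only while user risk <= this


def category_for(host):
    h = host.lower()
    for dom, cat in CATEGORY_OF.items():
        if h == dom or h.endswith("." + dom):
            return cat
    return "Uncategorized"


def fqdn_matches(rule_fqdn, host):
    h, r = host.lower(), rule_fqdn.lower()
    return h == r or h.endswith("." + r)


def _apply(rule, user_risk, reason):
    """Risk condition: an allow is downgraded to a block when risk is too high."""
    if rule.action == "allow" and RISK_ORDER[user_risk] > RISK_ORDER[rule.max_risk]:
        return ("block", reason + " (user risk elevated)")
    return (rule.action, reason)


def evaluate(host, user_groups, user_risk, rules, default="allow"):
    """Return (action, reason). Pass 1: FQDN rules, most specific first.
    Pass 2: category rules in policy order. Otherwise the default action."""
    applicable = [r for r in rules if not r.groups or r.groups & set(user_groups)]
    for r in sorted((r for r in applicable if r.fqdn), key=lambda r: -len(r.fqdn)):
        if fqdn_matches(r.fqdn, host):
            return _apply(r, user_risk, f"fqdn:{r.fqdn}")
    cat = category_for(host)
    for r in applicable:
        if r.category == cat:
            return _apply(r, user_risk, f"category:{cat}")
    return (default, "default")


# Constructed policy mirroring the scenarios in the text: finance apps only for
# the finance group (and only at low risk), Dropbox only for a just-in-time
# group, all other cloud storage blocked.
POLICY = [
    Rule("allow", category="Finance", groups=frozenset({"finance"}), max_risk="low"),
    Rule("block", category="Finance"),
    Rule("allow", fqdn="dropbox.com", groups=frozenset({"dropbox-jit"})),
    Rule("block", category="Cloud Storage"),
]

if __name__ == "__main__":
    for host, groups, risk in [("workday.com", {"finance"}, "none"),
                               ("workday.com", {"finance"}, "high"),
                               ("www.dropbox.com", {"sales"}, "none")]:
        print(host, groups, risk, "->", evaluate(host, groups, risk, POLICY))
```

Two design points worth noting: the FQDN pass sorts by suffix length so `files.dropbox.com` matches a rule for that host before a broader `dropbox.com` rule, and the risk check lives in `_apply` so it is enforced uniformly on every allow, whichever pass produced the match.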

 

In the coming months, we’ll be adding new capabilities such as TLS inspection and URL filtering to provide even more granular control for your web filtering policies. Plus, we’ll be adding Threat Intelligence (TI) filtering to prevent users from accessing known malicious internet destinations.

 

 

Provide defense in depth against token replay attacks with Compliant Network check

 

With the addition of the new Compliant Network control, you can prevent token replay attacks across the authentication plane by extending the Compliant Network check through Conditional Access to any Entra ID federated internet application, including Microsoft 365 applications. This feature also ensures that users cannot bypass the SSE security stack while accessing applications. The Compliant Network check eliminates the inherent disadvantages of source-IP-based location enforcement: cumbersome IP management and hairpinning of remote users’ traffic through branch networks.

 

 

Protect against data exfiltration by enabling universal tenant restrictions (TRv2) controls

 

With Microsoft Entra Internet Access you can enable Universal Tenant Restriction controls across all managed devices and network branches, agnostic of OS and browser platform. Tenant Restriction v2 is a strong data exfiltration control enabling you to manage external access risks from your managed devices and networks by curating a granular allow or deny list of foreign identities and applications that can or cannot be accessed.

 

Figure 5: Universal tenant restrictions

 

Avoid obfuscating original user source IP

 

Traditional third-party SSE solutions hide the original source IP of users, only showing the proxy IP address, which degrades your Entra ID log fidelity and Conditional Access controls. Our solution proactively restores original end-user source IP context for Entra ID activity logs and risk assessment. It also maintains backward compatibility for source IP based location checks in your Conditional Access policies.

 

 

Deliver fast and consistent access at a global scale

 

Our globally distributed proxy, with multiple points of presence close to your user, eliminates extra hops to optimize traffic routing to the internet. You can connect remote workers and branch offices through our global secure edge that’s only milliseconds away from users. We have thousands of peering connections with internet providers and SaaS services, and for services like Microsoft 365 and Azure, you avoid performance penalties through additional hops and improve overall user experience by sending the traffic directly to Microsoft WAN infrastructure.

 

Figure 7: Microsoft's global Wide Area Network (WAN)

 

Attain deep insights and network analytics using in-product dashboards

 

Our comprehensive in-product reports and dashboards are designed to be easy to digest and share a complete holistic view of your entire ecosystem within your organization. You can monitor deployment status, identify emerging threats through comprehensive network and policy monitoring logging, and address problems quickly. Our dashboard delivers an overview of the users, devices, and destinations connected through Microsoft’s SSE solution. We show cross-tenant access within your enterprise, as well as the top network destinations in use and other policy analytics.

 

Figure 8: In-product dashboard

 

Microsoft Entra Internet Access architecture overview

 

Microsoft’s SSE architecture for client and branch connectivity streamlines network access and security. The Global Secure Access standalone client on the endpoint is currently available for Windows and Android; macOS and iOS are coming soon. Branch connectivity relies on site-to-site connections from network devices to Microsoft’s SSE edge services; Microsoft traffic is supported now, with Internet Access traffic being added soon. Traffic from both the client and branch connectivity models is secured and tunneled through Microsoft’s SSE edges. Additionally, we have partnered with HPE Aruba and Versa to integrate our SSE solution with their SD-WAN offerings, with additional SD-WAN partners coming soon.

 

Side-by-side interoperability with third-party SSE solutions

 

One of the unique advantages of Microsoft’s SSE solution is its built-in compatibility with third-party SSE solutions where it allows you to acquire only the traffic you need to send to Microsoft’s SSE edges. For example, you can enable the Microsoft Traffic profile to manage Microsoft 365 and Entra ID traffic and optimize performance for your Microsoft applications while using other providers for remaining traffic. Configuring traffic forwarding profiles is straightforward, allowing for precise control over traffic for internet and SaaS traffic, including Microsoft 365. Traffic profiles are also user aware and can be directed to specific groups in your enterprise as appropriate.

 

Figure 9: Flexible deployment options

 

Conclusion

 

Microsoft Entra Internet Access offers a robust, identity-centric SWG solution that secures access to internet and SaaS applications. By unifying Conditional Access policies across identity, endpoint, and network, it ensures every access point is safeguarded, adapting to the needs of a hybrid workforce and mitigating sophisticated cyberattacks. This strategic shift not only enhances security but also optimizes user experience, demonstrating Microsoft's commitment to leading the transition to cloud-first environments.

 

Learn more and get started 

 

Stay tuned for more Microsoft Entra Internet Access blogs and for a deeper dive into Microsoft Entra Private Access. For more information, watch our recent Tech Accelerator product deep dives.

 

To get started, contact a Microsoft sales representative, begin a trial, and explore Microsoft Entra Internet Access and Microsoft Entra Private Access general availability. Share your feedback to help us make this solution even better. 

 

Anupma Sharma, Principal Group Product Manager

 

 

Read more on this topic

 

Learn more about Microsoft Entra

Prevent identity attacks, ensure least privilege access, unify access controls, and improve the experience for users with comprehensive identity and network access solutions across on-premises and clouds.

Omdia’s perspective on Microsoft’s SSE solution

Microsoft Entra Blog -

In July, we announced the general availability of the Microsoft Entra Suite and Microsoft’s Security Service Edge (SSE) solution which includes Microsoft Entra Internet Access and Microsoft Entra Private Access.  

 

Microsoft’s vision for SSE

 

Microsoft’s SSE solution aims to revolutionize the way organizations secure access to any cloud or on-premises applications. It unifies identity and network access through Conditional Access, the Zero Trust policy engine, helping to eliminate security loopholes and bolster your organization’s security stance against threats. Delivered from one of the largest global private networks, the solution ensures a fast and consistent hybrid work experience. With flexible deployment options across other SSE and networking solutions, you can choose to route specific traffic profiles through Microsoft’s SSE solution.

 

Omdia's perspective

 

According to Omdia, a leading research and consulting firm, Microsoft’s entry into the SASE/SSE space is poised to disrupt the market. Omdia highlights that Microsoft’s focus is on an identity-centric SASE framework, which helps consolidate technologies from different vendors by extending identity controls to your network and enhancing team collaboration. A key strength for Microsoft, according to Omdia, is its ability to introduce Microsoft Entra Internet Access and Microsoft Entra Private Access seamlessly into existing identity management conversations—a strength that could lead to broader adoption of network access services as part of the same platform.

 

Conclusion

 

As you navigate the complexities of securing network access, Microsoft’s Security Service Edge solution helps you transform your security posture and improve user experience. It simplifies collaboration between identity and network security teams by consolidating access policies across identities, endpoints and network, all managed in a single portal - the Microsoft Entra admin center. Microsoft’s SSE solution provides a new pathway to implement zero trust access controls more effectively, enabling your organization to enhance its security posture while leveraging existing Microsoft investments.

 

To learn more about Omdia’s perspective on Microsoft’s SSE solution, read Omdia’s report, Microsoft announces general availability of its SASE/SSE offering.

 

Learn more and get started 

 

Stay tuned for more Security Service Edge blogs. For a deeper dive into Microsoft Entra Internet access and Microsoft Entra Private Access, watch our recent Tech Accelerator product deep dives.

 

To get started, contact a Microsoft sales representative, begin a trial, and explore Microsoft Entra Internet Access and Microsoft Entra Private Access general availability. Share your feedback to help us make this solution even better. 

 

Nupur Goyal, Director, Identity and Network Access Product Marketing 

 

 

Read more on this topic

 

Learn more about Microsoft Entra

Prevent identity attacks, ensure least privilege access, unify access controls, and improve the experience for users with comprehensive identity and network access solutions across on-premises and clouds.

 

Microsoft's quantum-resistant cryptography is here

Security, Compliance, and Identity Blog -

How we are preparing for the future of cryptography

Cryptography is the science of securing information from unauthorized access or modification. It is essential for protecting the privacy and integrity of data in the digital world. However, cryptography is not static. It evolves with advances in mathematics, computer science, and technology. One of the biggest challenges that cryptography faces today is the future threat from substantially more powerful quantum computers.

 

Quantum computing leverages properties of quantum physics, such as superposition and entanglement, to perform operations that are impossible or impractical for classical computers. While quantum computers have the potential to help us solve some of the most complex problems in science, engineering, and medicine, they also have the potential to upend public-key algorithms, which form the foundation of today’s encryption and security for most existing information and communication technology products.

 

In an earlier blog post we explored how quantum computing could disrupt the most commonly used asymmetric algorithms, such as Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC), and why symmetric cryptography largely withstands quantum threats. While a quantum computer capable of breaking public-key cryptography is still in the future, threat actors are preparing today. There are increasing concerns about attackers recording data now with a view to decrypting it later, once quantum computers are sufficiently mature – so-called “Harvest-now, Decrypt-later” attacks.

 

To address this challenge, researchers have been developing post-quantum cryptography (PQC) algorithms that are resistant to quantum attacks. PQC is based on mathematical problems that are hard for both classical and quantum computers. PQC algorithms offer a promising solution for the future of cryptography, but they also come with some trade-offs. For example, these typically require larger key sizes, longer computation times, and more bandwidth than classical algorithms. Therefore, implementing PQC in real-world applications requires careful optimization and integration with existing systems and standards.

 

Microsoft is a key participant in and contributor to the National Institute of Standards and Technology (NIST) Post-Quantum Cryptography Standardization Process, which announced the first set of PQC algorithms that can be used by the public and private sectors. Microsoft Research’s work on PQC includes several proposals for PQC algorithms in collaboration with academics and industry partners, and we have provided feedback and analysis on other submissions. Microsoft is also a core member of and contributor to Open Quantum Safe (OQS) and the National Cybersecurity Center of Excellence (NCCoE). We are also actively engaged in the Internet Engineering Task Force (IETF) to define standard, interoperable ways to use PQC algorithms for safeguarding communication. This step is crucial before we see mainstream PQC adoption in software products and services across the industry.

 

Microsoft has developed a comprehensive strategy to support quantum resistance, acknowledging the significant impact quantum computing may have on existing public-key encryption methods. To address this, we established the Microsoft Quantum Safe Program (QSP), which unifies and accelerates all quantum-safe initiatives across the company from both technical and business perspectives. The goal of QSP is to achieve quantum readiness by integrating PQC algorithms and other security measures into Microsoft products, services, and infrastructures. Additionally, QSP is dedicated to supporting and empowering our customers, partners, and ecosystems as they work toward their own quantum-safe transitions.

 

Introducing PQC Algorithms in SymCrypt

At Microsoft, we strive to provide our customers with top security solutions for their data and communications. That is why we are proud to announce that we have begun releasing support for post-quantum algorithms in SymCrypt, Microsoft’s open-source core cryptographic library. Last week we published a SymCrypt update that includes the ML-KEM and XMSS algorithms, to be followed in the coming months with additional algorithms described below. This is a major milestone in our journey to prepare for the quantum era and to help protect our customers from future quantum threats.

 

SymCrypt is Microsoft's main cryptographic library used in products and services such as Azure, Microsoft 365, Windows 11, Windows 10, Windows Server 2025, Windows Server 2022, Azure Stack HCI, and Azure Linux. These products and services use SymCrypt to provide cryptographic security for scenarios such as email security, cloud storage, web browsing, remote access, and device management. SymCrypt offers a consistent interface for encryption, decryption, signing, verification, hashing, and key exchange using both symmetric and asymmetric algorithms. It is built to be fast, secure, and portable across multiple platforms and architectures. In Windows operating systems, the SymCrypt cryptographic library is embedded in the Cryptographic Primitives Libraries (bcryptprimitives.dll and cng.sys) which have gone through multiple FIPS 140 validations; SymCrypt is also going through a FIPS 140 validation as a cryptographic module for Linux-based operating systems. Microsoft maintains an active commitment to meeting the requirements of the FIPS 140 standard. We will continue to update and pursue evaluations for our products and services as standards evolve to support PQC algorithms.

 

With NIST releasing an initial group of finalized post-quantum encryption standards, we are excited to bring these into SymCrypt, starting with ML-KEM (FIPS 203, formerly Kyber), a lattice-based key encapsulation mechanism (KEM). In the coming months, we will incorporate ML-DSA (FIPS 204, formerly Dilithium), a lattice-based digital signature scheme and SLH-DSA (FIPS 205, formerly SPHINCS+), a stateless hash-based signature scheme.

 

In addition to the above PQC FIPS standards, in 2020 NIST published the SP 800-208 recommendation for stateful hash-based signature schemes which are also resistant to quantum computers. As NIST themselves called out, these algorithms are not suitable for general use because their security depends on careful state management, however, they can be useful in specific contexts like firmware signing. In accordance with the above NIST recommendation we have added eXtended Merkle Signature Scheme (XMSS) to SymCrypt, and the Leighton-Micali Signature Scheme (LMS) will be added soon along with the other algorithms mentioned above.
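The caveat in the paragraph above, that stateful hash-based signatures such as XMSS and LMS depend on careful state management, is easiest to understand by looking at the mechanism. The following is an added teaching miniature, not SymCrypt's XMSS implementation and not a secure or standard scheme: a Lamport one-time signature under a small Merkle tree, which is the same shape as the SP 800-208 schemes. Each leaf key may sign exactly once, so the signer records that a leaf is consumed before the signature is released and fails closed when the tree is exhausted. The `StatefulSigner` class, the seed layout and the signature dictionary are assumptions of this example.

```python
"""Toy stateful hash-based signature (Lamport OTS + Merkle tree).
Constructed teaching example; NOT XMSS/LMS and NOT for production use.
Illustrates why SP 800-208 schemes need durable state: reusing a leaf
leaks enough one-time key material to forge, so the index must advance
(and be persisted) before a signature is handed out."""
import hashlib
import os

N = 256  # bits of the message digest each one-time key signs


def H(*parts):
    return hashlib.sha256(b"".join(parts)).digest()


def lamport_keygen(seed, leaf):
    """Derive the leaf's 2*N secret values from a seed (a PRF stands in for randomness)."""
    sk = [[H(seed, leaf.to_bytes(4, "big"), bytes([bit]), i.to_bytes(2, "big"))
           for bit in (0, 1)] for i in range(N)]
    pk = [[H(s) for s in pair] for pair in sk]
    return sk, pk


def lamport_pk_hash(pk):
    return H(*[x for pair in pk for x in pair])


def lamport_sign(sk, digest):
    bits = int.from_bytes(digest, "big")
    return [sk[i][(bits >> (N - 1 - i)) & 1] for i in range(N)]


def lamport_verify(pk, digest, sig):
    bits = int.from_bytes(digest, "big")
    return all(H(sig[i]) == pk[i][(bits >> (N - 1 - i)) & 1] for i in range(N))


class StatefulSigner:
    def __init__(self, height=3, seed=None):
        self.seed = seed or os.urandom(32)
        self.leaves = 1 << height
        pks = [lamport_keygen(self.seed, i)[1] for i in range(self.leaves)]
        # Merkle tree levels, leaves first; the last level holds the root.
        self.tree = [[lamport_pk_hash(pk) for pk in pks]]
        while len(self.tree[-1]) > 1:
            lvl = self.tree[-1]
            self.tree.append([H(lvl[i], lvl[i + 1]) for i in range(0, len(lvl), 2)])
        self.root = self.tree[-1][0]
        self.next_index = 0   # THE state: first unused leaf; must survive restarts

    def sign(self, message):
        if self.next_index >= self.leaves:
            raise RuntimeError("key exhausted: every one-time leaf has been used")
        idx = self.next_index
        self.next_index = idx + 1   # commit state first; in real code write it to durable storage here
        sk, pk = lamport_keygen(self.seed, idx)
        auth, node = [], idx
        for lvl in self.tree[:-1]:  # authentication path from leaf to root
            auth.append(lvl[node ^ 1])
            node //= 2
        return {"index": idx, "ots": lamport_sign(sk, H(message)), "pk": pk, "auth": auth}


def verify(root, message, sig):
    """Check the one-time signature, then that the leaf's key hashes up to the root."""
    if not lamport_verify(sig["pk"], H(message), sig["ots"]):
        return False
    node, idx = lamport_pk_hash(sig["pk"]), sig["index"]
    for sibling in sig["auth"]:
        node = H(node, sibling) if idx % 2 == 0 else H(sibling, node)
        idx //= 2
    return node == root


if __name__ == "__main__":
    signer = StatefulSigner(height=3)
    s = signer.sign(b"firmware image v1")
    print("valid:", verify(signer.root, b"firmware image v1", s), "next leaf:", signer.next_index)
```

The operational lesson carries over directly to XMSS and LMS: the signer's index is as sensitive as the private key, a restored backup or a cloned VM that rewinds it silently breaks the scheme, and the public key has a hard signature budget (here eight) that must be provisioned for up front, which is why NIST limits these schemes to contexts such as firmware signing.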

 

PQC algorithms have been meticulously chosen by NIST to offer high security, performance, and compatibility. They have been fine-tuned for efficiency in speed and size and have gone through rigorous tests for security and robustness. Efforts are ongoing within multiple industry standards organizations to ensure these algorithms are adopted into and compatible with existing standards and protocols such as Transport Layer Security (TLS), Secure Socket Shell (SSH), and Internet Protocol Security (IPSec), and that they can operate in hybrid mode alongside classical algorithms like RSA, Elliptic Curve Diffie–Hellman (ECDH), and the Elliptic Curve Digital Signature Algorithm (ECDSA). As PQC standards develop, we will seek to incorporate additional algorithms into SymCrypt to maintain compliance, security, and compatibility.

 

The recommended path for leveraging SymCrypt is via Cryptography API: Next Generation (CNG) on Windows, while on Linux there are several options: direct use of SymCrypt APIs, the SymCrypt engine for OpenSSL (SCOSSL), or the SymCrypt Rust Wrapper. Over the coming months, these layers will add support for PQC algorithms, giving our customers the ability to experiment in their own environments and applications.

 

The use of PQC algorithms to secure TLS communications is an area experiencing rapid development. Although the finalization of NIST algorithms represents a key milestone in this advancement, two critical standards are required for widespread adoption: quantum safe key exchange and quantum safe signature authentication. We are working closely with the IETF to develop and standardize quantum-safe key exchange and authentication for TLS and other IETF protocols. As these standards get finalized, we will make these available through the Windows TLS stack (Schannel) and SymCrypt engine for OpenSSL on Linux.

 

PQC algorithms are relatively new, and it is prudent not to consider the initial generation of PQC algorithms as the definitive solution but rather view this as an evolving field. This underscores the importance of "Crypto Agility" which involves designing solutions to be resilient to the use of different algorithms and/or upgradable to use future algorithms as the PQ standards evolve. Recognizing this, Microsoft is a strong advocate of building solutions which are crypto agile, as well as deploying PQC solutions which make use of a hybrid PQ mode of operation. In time, we expect a shift towards pure PQ deployments, as PQ algorithms and standards mature.
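The hybrid PQ mode advocated here (and in the compatibility paragraph above) comes down to one construction: run a classical key exchange and a PQ KEM, then derive the session key from both shared secrets so the session stays protected as long as either primitive holds. The following added sketch shows that combiner. It is a constructed example, not SymCrypt, Schannel or any IETF draft's exact encoding: the HKDF is written out from `hmac`/`hashlib` per RFC 5869, the two shared secrets are placeholder byte strings standing in for the ECDH and ML-KEM outputs, and the suite label and info layout are assumptions.

```python
"""Hybrid shared-secret combiner (constructed example, not SymCrypt/Schannel).

ikm = ss_classical || ss_pq is fed through HKDF (RFC 5869); the suite label
and a transcript hash are bound in via the info string so the derived key is
tied to which algorithms were negotiated (crypto agility) and to this
handshake. The shared secrets here are placeholders for ECDH / ML-KEM output.
"""
import hashlib
import hmac

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size


def hkdf_extract(salt, ikm):
    """PRK = HMAC(salt, IKM); an absent salt is HashLen zero bytes (RFC 5869 2.2)."""
    return hmac.new(salt or b"\x00" * HASH_LEN, ikm, HASH).digest()


def hkdf_expand(prk, info, length):
    """OKM = T(1) || T(2) || ..., T(i) = HMAC(PRK, T(i-1) || info || i) (RFC 5869 2.3)."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested length too large for HKDF-Expand")
    out, t, counter = b"", b"", 1
    while len(out) < length:
        t = hmac.new(prk, t + info + bytes([counter]), HASH).digest()
        out += t
        counter += 1
    return out[:length]


def hybrid_key(ss_classical, ss_pq, transcript, suite=b"hybrid/ecdh+mlkem", length=32):
    """Derive one session key from both shares. Refuses to run in 'half' mode:
    a missing share is a bug, not a fallback, in a hybrid deployment."""
    if not ss_classical or not ss_pq:
        raise ValueError("hybrid mode requires both the classical and the PQ share")
    prk = hkdf_extract(b"", ss_classical + ss_pq)
    info = suite + b"|" + HASH(transcript).digest()
    return hkdf_expand(prk, info, length)


if __name__ == "__main__":
    # Placeholder shares (constructed): real values come from ECDH and ML-KEM decapsulation.
    k = hybrid_key(b"\x11" * 32, b"\x22" * 32, b"client_hello|server_hello")
    print("session key:", k.hex())
```

Because the two shares are concatenated before extraction, an attacker who learns the classical share (say, with a future quantum computer) still faces an unknown 32-byte PQ input to the PRF, and vice versa; including the suite label in `info` means a key derived under a future pure-PQ suite can never collide with one derived under the hybrid suite even for identical shares.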

Adding post-quantum algorithm support to the underlying crypto engine is the first step towards a quantum safe world. As we enable support for PQC in additional system components and applications, we will see services light up end-to-end scenarios protected by PQC while also giving our customers the option to experiment with and adopt it in their own environments and applications.

 

Start your PQC transition journey

The transition to PQC is a complex, multi-year, iterative process that requires attention and careful planning. One of the first steps we recommend organizations take is creating an inventory of the cryptographic assets in use. With that inventory, organizations can better understand the scope of the effort and establish a risk-based plan for their PQC transition.

Also, we recommend familiarizing the organization with the PQC algorithms and approaches for implementations.
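As an added illustration of the inventory step recommended above (not a Microsoft tool, and not what any product does), the script below takes constructed inventory lines, of the kind a scan of TLS endpoints and signing services might produce, parses the cipher-suite and key-type strings, and labels each component by how it fares against a quantum adversary: asymmetric primitives broken by Shor's algorithm (RSA, ECDH/ECDHE, DH, ECDSA), symmetric or hash primitives that only lose margin to Grover's algorithm, or the PQC algorithms named in this post. The line format, the asset names and the classification buckets are assumptions of the example.

```python
"""Cryptographic inventory classifier (constructed example).

Input line format (assumed): "<asset> key=value key=value ...", where values
are TLS cipher-suite names, key-share groups, certificate key types or
signature algorithm names. Output: per-asset quantum-risk summary.
"""
import re

# Constructed sample; stands in for the output of a real endpoint/config scan.
SAMPLE_INVENTORY = """\
web-frontend tls_suite=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cert_key=RSA-2048
api-gateway tls_suite=TLS_AES_256_GCM_SHA384 key_share=x25519 cert_key=ECDSA-P256
vpn-legacy tls_suite=TLS_DHE_RSA_WITH_AES_256_CBC_SHA cert_key=RSA-3072
fw-signing sig_alg=XMSS-SHA2_10_256
"""

# Asymmetric primitives Shor's algorithm breaks (token match after splitting on _ and -).
QUANTUM_BROKEN = {"RSA", "ECDHE", "ECDH", "DHE", "DH", "ECDSA", "EDDSA", "X25519", "P256", "P384"}
# Names from the post that are designed to resist quantum attack (substring match).
PQ_SAFE = ("ML-KEM", "ML-DSA", "SLH-DSA", "XMSS", "LMS")


def classify_value(value):
    """Return one of: quantum-safe, quantum-vulnerable, symmetric-reduced-margin, symmetric-ok."""
    upper = value.upper()
    if any(p in upper for p in PQ_SAFE):
        return "quantum-safe"
    tokens = {t for t in re.split(r"[_\-]", upper) if t}
    if tokens & QUANTUM_BROKEN:
        return "quantum-vulnerable"
    m = re.search(r"AES[_-](\d+)", upper)
    if m and int(m.group(1)) < 256:
        return "symmetric-reduced-margin"   # Grover halves effective key length
    return "symmetric-ok"


def parse_line(line):
    asset, *fields = line.split()
    components = {}
    for field in fields:
        key, sep, value = field.partition("=")
        if sep:
            components[key] = (value, classify_value(value))
    return asset, components


def overall_status(components):
    statuses = {status for _, status in components.values()}
    if "quantum-vulnerable" in statuses:
        return "quantum-vulnerable"
    if "symmetric-reduced-margin" in statuses:
        return "symmetric-reduced-margin"
    return "ok"


def inventory(text):
    """Map asset -> {'overall': status, 'components': {field: (value, status)}}."""
    report = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        asset, components = parse_line(line)
        report[asset] = {"overall": overall_status(components), "components": components}
    return report


if __name__ == "__main__":
    for asset, entry in inventory(SAMPLE_INVENTORY).items():
        print(f"{asset:14} {entry['overall']:26}",
              ", ".join(f"{k}={v[0]} [{v[1]}]" for k, v in entry["components"].items()))
```

The point of splitting the TLS 1.3 suite from the key share is that `TLS_AES_256_GCM_SHA384` on its own says nothing about the key exchange; the quantum exposure of `api-gateway` comes entirely from its `x25519` key share and ECDSA certificate, which is exactly the kind of detail a risk-based migration plan needs to capture.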

 

Microsoft is here to assist its customers, partners and ecosystems in navigating their transition to quantum safety and optimizing safety in the quantum era. Fill out this questionnaire to get started with Microsoft.

 

Conclusion

PQC algorithm support in SymCrypt is a significant step forward in our efforts to prepare for the quantum era, and to help protect our customers from future quantum threats. We are excited to share this update with you and to hear your feedback and suggestions. We also look forward to collaborating with the research community, industry, and standards bodies to advance the state of the art in post-quantum cryptography and to make it more widely available and adopted. By working together, we can maintain cryptography as a strong method for protecting information in the digital age.
