We will provide some details about the new “Protect the Administrators” program that is positively impacting the Microsoft ecosystem. This case study highlights the steps we are taking at Microsoft to protect our environment and administrators, including new programs, tools, and considerations, and the challenges we faced. When elevated access is persistent or elevated-privilege accounts use the same credentials to access multiple resources, a compromised account can become a major breach. In an environment where there are too many administrators, or elevated-privilege accounts, there is an increased risk of compromise. This includes new company standards, telemetry, monitoring, tools, and processes to protect administrators and other elevated-privilege accounts. To dramatically limit our attack surface and protect our assets, we developed and implemented our own defense-in-depth approach. We now know that effective security calls for a defense-in-depth approach that requires us to look at the whole environment-and everyone that accesses it-to implement policies and standards that better address risks. Microsoft Digital, like many IT organizations, used to employ a traditional IT approach to securing the enterprise. Increasingly sophisticated and targeted threats, including phishing campaigns and malware attacks, attempt to harvest credentials or exploit hardware vulnerabilities that allow movement to other parts of the network, where they can do more damage or gain access to unprotected information. An ever-evolving digital landscape is forcing organizations to adapt and expand to stay ahead of innovative and complex security risks.
0 kommentar(er)
