The transition from an on-premise environment, built on office buildings and data centres, to a cloud-based platform, raises relevant questions with regard to cloud security. Certainly in times when remote working has become the standard. How do you secure your systems, applications and data stored in the cloud? In new ways of working with innovative, cloud-based technology such as the Modern Workplace, security is an important point of attention. But how do you organise this and what do you have to look out for?

In this blog, Nick Nieuwenhuis, Cloud Consultant at HSO, explains what functionalities and tools Microsoft 365 can offer to better secure your cloud platform.

The challenges in cloud security for the CIO in 2021

As a result of the corona crisis, technology and IT play an increasingly important role in organisations. We saw a sharp increase in cloud and security-related matters in 2021. But as a CIO, you want to focus on innovation and an integral digital transformation. You have to be able to rely on a well-secured workplace that is accessible from anywhere. The Modern Workplace requires a different vision on security. HSO helps you with this!

A new approach to cloud security with Microsoft 365.

Microsoft 365 is the Modern Workplace solution of Microsoft and consists of Windows 10, Microsoft Enterprise Mobility & Security (EMS) and Office 365. Microsoft 365 offers an integrated security solution across the entire Modern Workplace environment. I listed the most important cloud security tools and services within Microsoft 365 below.

  • Azure Active Directory: the key to success

Azure Active Directory (AAD) is used as the Identity and Access Management (IAM) layer in the Microsoft cloud (Azure). AAD is fully integrated with other layers of Microsoft 365, such as Mobile Device Management (MDM) and Mobile Application Management (MAM). In addition, you can use AAD to synchronise your local users to the cloud. In AAD, you can add an extra layer of security with multi-factor authentication (MFA) and Conditional Access.

  • Microsoft 365 Defender

Microsoft 365 Defender is a security solution for better protecting endpoints, identities, emails and applications from threats. This reduces vulnerability and eliminates attacks before they can take place. With Microsoft Defender for Identity (previously named Advanced Threat Protection), you can better defend your devices against advanced threats such as ransomware. Microsoft Defender for Endpoint continuously detects vulnerabilities and eliminates cloud security risks, such as malware, for all your devices.

  • Microsoft Information Protection

With Microsoft Information Protection you can detect, protect and classify sensitive information and data, both in the cloud and on premise. By applying encryption and labelling information, you manage who has access to what data, so unauthorised persons never have access to sensitive information.

  • Cloud App Security

The increasing use of cloud apps and services has created a paradox between security and usability. On the one hand you want users to access their data easily, but on the other hand it needs to be sufficiently secured. Microsoft Cloud App Security (CAS) offers visibility, control and analysis on all the data transport in all Microsoft cloud services to identify and eliminate cyber threats.

  • Azure Sentinel

As a final point in this blog, I want to highlight Azure Sentinel. Azure Sentinel is a Security Information and Event Management (SIEM) and Security Orchestration Automated Response (SOAR) solution of Microsoft. Azure Sentinel provides smart security analysis and threat information for the entire organisation. This makes Sentinel the one solution for detection, visibility, proactive tracking and response to threats.