Jun 10 2021

CDW Tech Talk: Dynamic Infrastructures Can Improve Security and Productivity

With cybercrime on the rise, a dynamic infrastructure can be an effective tool in defending your business and protecting your data.

Facing the reality of ransomware attacks and other cyberthreats, companies are looking to dynamic infrastructures to defend their business interests and protect valuable data.

Cyberattacks have become so common and damaging that last week the White House advised business leaders to step up their security measures. Anne Neuberger, deputy national security adviser for cyber and emerging tech at the National Security Council, said in a June 2 memo “The threats are serious and they are increasing. We urge you to take these critical steps to protect your organizations and the American public.”

David O’Keefe, partner technology strategist at Microsoft, spoke during CDW’s Tech Talk webcast about the evolution of Microsoft’s perspective on security over the years. He described the vast amount of data the company synthesizes regularly.

“400 billion emails get analyzed by outlook.com and Office 365 every month. 1.2 billion devices get scanned every month by Windows Defender. That gives us a really good look into what’s happening on endpoints, where the attacks happen and what attacks look like,” he said.

WATCH THE WEBCAST: Unlock the exclusive Insider video to learn more about the benefits of a dynamic infrastructure.

Microsoft Is Partnering with Vendors and Customers to Elevate Security Efforts

“We operate over 200 global cloud consumer and commercial services. So, everything from outlook.com to Xbox Live to Office 365 to Azure. And with all of those services, we have a tremendous amount of surface area that we have to defend,” O’Keefe explained.

He stated that Microsoft has always believed in the importance of security, “but the push from COVID to remote work, the reliance on technology to run businesses and the consequences of getting it wrong have really pushed us to emerge as a security company — and probably more importantly, as a security platform.”

In early 2021, Microsoft announced that its security business exceeded $10 billion in revenue in 2020, but O’Keefe said, “the reality is we can’t do it alone. In addition to our commitment to providing best-in-class products, we focus on providing an open platform and we welcome security vendors to integrate and provide better visibility and protection to our joint customers.”

As part of that effort, the company established the Microsoft Intelligence Security Association to enable collaboration with leading security technology companies. O’Keefe said Microsoft launched MISA in April 2018 with 26 members, and the organization has grown to 136 members and counting as of July 2020.

The Future Holds Even More Security Challenges

O’Keefe pointed out some cyberthreats that have been consistent for a while but that may have accelerated or become more prominent in recent years. He mentioned Forrester’s report on the top security threats of 2021, where it’s noted that COVID-19 and the growth of digital interactions have resulted in an increase in identity theft and account takeover.

He also cited a separate report that said “nearly 60% of data breaches in the past two years can be traced back to a missing operating system patch or an application patch. In that same report, fewer than half of enterprises indicated that they could meet the best practice standard of hardening those systems within 72 hours of that notification.”

These security vulnerabilities become highlighted amid news stories about successful ransomware attacks, which O’Keefe described as effective and lucrative. Ransomware, he said, “is used as an attack that really targets the lifeblood of an organization, which is their data.”

Microsoft Offers Multiple Products to Protect Against Cyberthreats

As a means of countering cyberthreats, O’Keefe touted the zero-trust approach employed by Microsoft Azure.

“I would say that identity is absolutely crucial to protecting an organization's infrastructure. When that identity is compromised, malicious actors can gain access to your infrastructure, your data, your applications,” O’Keefe said.

For protecting an organization’s infrastructure, O’Keefe recommended Microsoft Azure Sentinel. “Sentinel is a cloud-native security information and event management platform and it uses built-in AI to help analyze large volumes of data across an organization. Sentinel aggregates data from all variety of sources, which includes users’ application servers, devices that are running on-premises, or even in any cloud, and it lets you correlate those events across those multiple sources over the millions of records in just a few seconds.”

In addition, he mentioned Azure Purview, which is Microsoft’s data governance service. He said Purview “really helps organizations manage and govern on-premises, multi cloud or even Software as a Service data. It allows an organization to create a map of their data across all these different sources. And with that map, you can understand the location of that data, the movement and what data is sensitive or not, and you can automatically apply classification labels or sensitivity labels.”

Automation and DevOps Can Increase Productivity

Ruben Chacon, technology vice president and CISO at CDW, also joined the conversation to discuss the security boost offered by automation and DevOps.

“Security automation has been an important issue for many companies, especially lately with the rising of cyberthreats,” Chacon said. The automation of human-driven and repeatable processes “focuses on more productive problem-solving tasks within organizations. Focusing on these issues will foster innovation and contribute to a more robust organization from a cybersecurity point of view.”

He also talked about the ways DevOps could be beneficial for many organizations. DevOps is about eliminating silos and bringing development and operations activities together. Chacon said it’s important to know that DevOps is not just about tools. It’s also about the way people work and the processes they use.

He explained that DevOps integration is based on automating infrastructure and workflows, allowing for the continuous delivery of applications into production and constantly measuring application performance. “By integrating development and operations teams and adding automation, organizations can improve collaboration, work culture and ultimately productivity,” he said.

Follow BizTech’s full coverage of the CDW Tech Talk series here. Insiders can register for the event series here.

Getty Images/ marchmeena29