Simplifying Security for the Hybrid Working World

Cybersecurity is at an inflection point. The switch to remote working and the associated endpoint vulnerabilities are an integral part of the new normal.

There are several factors that are causing organizations to rethink their security strategies. For example, ransomware is now a successful business model for a new breed of cunning, deep-pocketed bad guys. It’s also difficult and costly to find and retain cybersecurity professionals with the expertise to protect corporate data from a new generation of attacks. Additionally, most organizations use multiple tools and solutions that must be managed by lean, internal security teams.

First: simplify

The first step in dealing with any overwhelming situation is to make it easier.

Businesses don’t have to deal with multiple different vendors and tools, each with different licensing agreements and upgrade cycles that require integration with each other. Reducing your number should be at the top of your to-do list.

One approach is to adopt an integrated suite of security products from a single vendor. For example, most organizations are already using Microsoft 365, which includes Microsoft Teams and other Microsoft applications. Additionally, many of these customers have purchased the E5 security suite, which includes Microsoft’s built-in security capabilities that protect Microsoft 365, endpoints, and cloud applications, and provide identity and compliance management.

“Microsoft has market-leading security products and tremendous scale to support them,” said Peter Scott, director of security at DXC Technology. “In addition, Microsoft is investing $20 billion in security over the next five years. Given this investment and commitment to security, it makes sense for organizations to consider Microsoft if they are looking to simplify their security toolsets.”

The extent to which you can consolidate may come as a surprise. It is possible to consolidate 26 separate tools on Microsoft and its partners:

Perceptions change

Analysts that rate cybersecurity software, such as Forrester Research and Gartner, are increasingly ranking Microsoft security products as leaders. One reason for this is the large amount of worldwide security signals that Microsoft collects – valuable information that the company uses to develop highly effective software to defeat the bad actors.

“Microsoft has a very large cyber petri dish in which to study cyber threats,” Scott said. So when it comes to large-scale attacks, Microsoft has the cyber intelligence to help bring down the bad guys.”

For example, Microsoft cybersecurity tools map to the MITER attack framework and are integrated with each other. This integration capability reduces the burden on your cybersecurity teams and can help better protect the business by preventing malware from moving laterally within an organization.

However, Microsoft security goes beyond securing Microsoft products. It now also helps protect AWS and Google Cloud environments, as well as Linux, macOS, iOS for iPhone, iPadOS and Android.

Another benefit: With the Microsoft Sentinel Security Information and Event Management (SIEM) solution, you can view your entire cybersecurity environment from a single pane of glass. This transparency creates confidence that security tools and policies are working as they should.

How to implement Microsoft cyber security

What now? As a business, you may not be ready to tear down your existing protections and install new ones. That would be a risky maneuver that would be difficult to justify. Instead, plan a security journey to replace point products while leveraging the Microsoft suite. At each step, test the integrations with your existing environment and ensure effective monitoring and protections are working.

Being part of the larger Microsoft ecosystem brings the benefit of extensive, real-time information sharing, Scott said. For example, if you, as a customer, submit threat information to Microsoft, this anonymized data is combined with input from other Microsoft customers in a process similar to crowdsourcing. The data is then parsed for insights that are fed back to all organizations so everyone can benefit from shared experiences.

Getting started can feel daunting. It is therefore important to fall back on a competent partner. DXC has decades of experience helping hundreds of the world’s largest companies get the most out of Microsoft technology. As a global systems integrator, the company also has in-depth knowledge of third-party tools and their integration.

For example, a major automotive manufacturer turned to DXC for help with Azure Sentinel and Azure Defender for the IoT – moving from multi-tooling solutions with stovepipes to a unified security service with enterprise-wide protection.

DXC also supports a World market leader in manufacturing on implementing Microsoft Sentinel, which transformed an environment with multiple disparate tools into a unified, well-monitored cybersecurity service. Working with more than 40,000 onsite and offsite users, the company also benefited from DXC’s global partnership with Microsoft and expertise in maximizing the value of Microsoft Office 365 E5 licensing with its advanced security features.

“Sometimes security is screwed on after the fact,” Scott said. “That’s not how we think about safety at DXC. Security must be embedded in the operating environment.”

With more than 3,000 cybersecurity experts worldwide in regional centers of excellence, DXC can protect data effectively, economically and locally.

“DXC runs IT every minute of every day for some of the largest and most complex companies in the world,” said Scott. “It gives us unmatched visibility and experience and positions us really well to help our customers stay safe.”

click here to learn more about the partnership between DXC and Microsoft.