Last year, under the leadership of CEO Satya Nadella, Microsoft invested roughly $1 billion into security as well as doubled the number of security executives on its team, used blockchain technology to better secure online transactions and expanded its bug bounty program and new certification programs.
The investment was reflected in security features added to Microsoft's Azure, which focused on three key areas, including design and operational security, encryption and identity and access management.
The system, built assuming security breaches will occur, incorporates multiple protocols, including overlapping controls, to prevent the breach of a single control from jeopardizing the security of the platform. Further, it prevents users from choosing a password that has repeatedly appeared on breach lists or been used too many times in suspicious login attempts.
The platform also uses knowledge and oversight of Microsoft's global incident response team to mitigate the effects of any attack at any time and at any location. Azure also includes a bot service which will help enterprises develop intelligent bot, a new service for Microsoft's cloud platform, designed to help developers create intelligent bots for Azure using the Microsoft Bot Framework which will run on Azure Functions, a serverless environment that allows enterprises to scale their bots as needed.
Under Nadella's leadership, Microsoft also introduced Project Bletchley, which will use blockchain to secure financial transaction history and ensure it remains impervious to forgery. The initiative is made of two new concepts: blockchain middleware and cryptlets. Blockchain is the technology that underpins Bitcoin transactions – which is often used by ransomware criminals. But in this instance, Microsoft will use the technology to protect the fidelity of any type of transaction. And cryptlets are a new building block of blockchain technology which is built to enable secure interoperation and communication between Microsoft Azure, ecosystem middleware and customer technologies. Microsoft also said that, in time, the service will also include features such as identity, key management, privacy, security, operations management and interoperability.
Nadella also oversaw advancements in Microsoft's efforts to improve security by expanding its bug bounty programs. This initiative was temporarily expanded to include Nano Server and offered to pay $15,000 for vulnerabilities found in the server. The server is an installation version of Windows Server 2016 used for cloud and development. The bug bounty was also expanded permanently to include the company's cloud-based storage service OneDrive.
And to help train others to secure their devices and networks, Microsoft announced new certifications provided through the company's data portal that will provide compliance certifications for four added frameworks. These include the Spanish governments' ENS (Esquema Nacional de Seguridad) framework, providing access to government services; the UK's intellectual property framework, called Federation Against Copyright Theft (FACT); a cloud framework for the Motion Picture Association of America (MPAA) that governs digital film; and the Cloud Security Mark (CS Mark) security standard for cloud service providers in Japan.
Microsoft also launched two free programs designed to increase participation in training for cloud-based security and IT skills.
One of the new programs, Microsoft IT Pro Cloud Essentials, provides IT professionals with access to cloud services, Azure credits, online training, forum and telephone support and certification exam vouchers.
The other program, the Microsoft IT Pro Career Center, offers catered curriculum for cloud IT professionals. The program also provides career, salary and industry forums for IT professionals seeking cloud IT and security opportunities. The new programs come as part of the company's transition toward the cloud.
Click here for the next Top Management pick Reboot 2016 Top Management: Gottfried Leibbrandt, CEO, SWIFT