Microsoft Security: What You Need To Know

Over the past year, the widespread shift to remote work has stretched teams and opened new vectors, amplifying the need for airtight cyber defenses as cybersecurity threats continue to evolve. Making sure that only the right individuals can access the right resources at the right time is at the core of identity and access management.

Securing your organization with a Zero-Trust Policy means your company has decided to explicitly verify every individual, device, and application utilized by your network. (Don’t worry, your company still trusts you. They don’t trust your computer.) A username and password are required at the bare minimum, preferably companies would want to use biometric measures like face ID or fingerprints, but multi-factor authentication works just as well.

Microsoft provides the tools and resources to properly secure, authenticate, and authorize Azure AD, Windows Server, and Microsoft 365. Microsoft has recently introduced a new line of security courses and certifications based around security, compliance, and identity to ensure the proper use of those tools and solutions. These new courses provide instruction on best securing Azure Active Directory, Microsoft 365, and how you can better manage organizational risk.

Microsoft focuses its threat protection on four main concepts:

1. Identity and access management: Secure access for a connected world
2. Threat protection: Stop attacks with integrated, automated SIEM and XDR
3. Information protection: Protect sensitive data and manage insider risks with intelligence
4. Cloud security: Safeguard your multi-cloud resources

Here is a rundown of what you can expect from our offered courses:

Security, Compliance, and Identity (SCI)

When it comes to SCI, organizations need someone with a fundamental level of security, compliance, and identity across cloud-based Microsoft services. (Yes, this is a vast audience) General concepts are incorporated throughout the course: zero-trust and the shared responsibility model are tied into elements of the program that relate directly to cybersecurity foundations.

The new SCI Portfolio will focus on critical roles within large enterprise customers –precisely three separate and distinct parts: Security Operations, Identity & Access, and Compliance & Risk:

1. Identity & Access: The Microsoft Identity and Access Administrator designs, implements, and operates an organization’s identity and access management systems using Azure AD. They manage tasks such as providing secure authentication and authorization access to enterprise applications. The administrator offers seamless experiences and self-service management capabilities for all users. Adaptive access and governance are core elements to the role, as are troubleshooting, monitoring, and reporting.
2. Information Protection (Compliance): The Information Protection Administrator plans and implements controls that meet organizational compliance needs. This person is responsible for translating requirements and compliance controls into technical implementation. They also assist executive control owners in becoming and staying compliant.
3. Security Operations Analyst: The Microsoft Security Operations Analyst collaborates with organizational stakeholders to secure information technology systems. Their goal is to reduce corporate risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders.
   

Microsoft offers several other security courses outside of the new Security, Compliance, and Identity lineup.

Our website includes information on Azure, Microsoft 365, and Windows Server 2019 security offerings as well.

Print