Microsoft releases new security controls for multi-cloud customers


Bobby Hellard

25 Feb, 2022

Microsoft has unloaded a range of new security controls for multi-cloud customers that include updates to its Defender for Cloud platform and the first service to come from its CloudKnox acquisition.

The first of the new capabilities is a change to Microsoft Defender for Cloud which is aimed at multi-cloud customers that have Google Cloud services.

Defender for Cloud, which was announced at last year’s Ignite conference, is a security posture management console that identifies configuration weaknesses across other providers’ services. And, with the addition of Google Cloud, Microsoft says it is now the only cloud provider to offer a “native” multi-cloud protection service for the top three platforms (Google Cloud, AWS and Azure).

Support for Google Cloud will come with a simplified onboarding experience, according to Microsoft. This will feature more than 80 “out-of-the-box” recommendations for users to secure their environments. It will include a central “multi-cloud view” that lets users see and compare compliance status against critical benchmarks, such as the Center of Internet Security (CIS).

The next capability comes from last year’s acquisition of cloud infrastructure management firm CloudKnox and deals with permission management. Microsoft is launching a public preview of ‘CloudKnox Permissions Management’, which will give companies “complete visibility” into user and workload identities across the cloud services. This will be largely undertaken by automated features and machine learning-powered monitoring functions.

There are also new functions for Microsoft Sentinel, which is another cloud-native platform that deploys AI to analyse large data sets for security issues. The services will have new basic logs, which will see it sift through high volumes of data and find “low-visibility” threats, according to Microsoft.

This is in addition to new archiving functions that extends data retention to seven years, instead of the current two, and also new search functions for security analysts.

Microsoft is also extending its Azure Active Directory beyond its core capabilities by adding safeguards for workload identities. And, the tech giant has also announced a new secure payment processing function for Azure Payment HSM, which is a public preview.