Microsoft brings enterprise security to nonprofits and SMBs

As part of a “security for all” push featured at this week’s Ignite conference, Microsoft says it is bringing enterprise security to small to midsize businesses (SMBs) and nonprofits, boosting cloud security programs, and expanding intrusion prevention and detection tech to cover Amazon Web Services.

“We need to have security for all, security that protects everything,” said Vasu Jakkal, corporate vice president for security, compliance, and identity. Microsoft believes it has a responsibility to deliver on that promise, working with both public and private partners. “Security is a team sport, after all.”

In an interview with VentureBeat, Jakkal discussed support for SMBs and nonprofits. She also detailed the broader context of Microsoft’s initiatives in a blog published this morning to the Ignite 2021 news site.

Microsoft has been working to broaden its portfolio of Microsoft Defender products, which range from the free, basic antivirus software distributed with Windows to more advanced endpoint security and email security for the enterprise. The new Defender for Business edition being previewed this month makes the enterprise capabilities more accessible to organizations with up to 300 users.

Enterprise security for all

Meanwhile, a Security for Nonprofits program aims to help up to 10,000 nonprofits improve their security posture this year, with a goal of reaching 50,000 organizations by 2025. Nonprofits in the program will be offered free security assessments and free access to Microsoft AccountGuard for detecting hacks and recommending countermeasures. According to Microsoft’s 2021 Digital Defense Report, in the past year, non-governmental organizations and think tanks were the second most targeted sector by cybercriminals, accounting for 31% of all notifications of nation-state attacks against organizational domains as detected by Microsoft.

SMBs and nonprofits are not immune to threats like ransomware or hacks sponsored by nation-state actors — and humanitarian nonprofits might be even more likely to be targeted by hostile nations, Jakkal said.

All enterprises need to move to more of a zero-trust approach to security, where every computer, device, and user is treated with suspicion until its identity and its malware-free status can be proven, Jakkal said. Microsoft is practicing zero trust internally and believes it has built a solid foundation for zero trust in its product architecture. However, implementing the whole stack of technologies needed to secure identities and protect applications is easier to accomplish in the cloud, where Microsoft has greater control, as opposed to on-premises, where customer organizations need to do that work. Microsoft is enhancing its compliance management tools to help customers on that journey, Jakkal explained in a blog post.

Upping cloud security for AWS and MacOS

Microsoft said it is adding bidirectional incident detection and response integration between Defender and Microsoft Sentinel, its cloud-based security event and incident management tool for gathering and analyzing security log data. Microsoft says this will make it easier to get the full context around an incident and work to close that incident from either tool.

One pattern that emerged from the announcements is that products previously branded “Azure” will be rebranded “Microsoft.” This may be a natural progression as the product offerings broaden to cover more than Azure — for example, Azure Sentinel and Azure Defender will become Microsoft Sentinel and Defender for Cloud.

Microsoft says Defender for Cloud will now extend security posture management and workload protection capabilities to Amazon Web Services (AWS). Defender for Cloud will provide workload protection for the AWS Kubernetes service AKS. Defender for IoT, an agentless solution for monitoring network-connected devices, will now integrate with the same workflows used to manage Microsoft 365 security, the company said.

The Redmond, Washington-headquartered company also announced enhancements for MacOS support in Defender and added MacOS support to its data loss prevention and risk management software. It also adds Defender endpoint security support for Linux desktops.