Page 32 - FCW, Nov/Dec 2017
NETWORK MODERNIZATION IDENTITY-DRIVEN SECURITY
anybody has snuck past your countermeasures in ways you didn’t anticipate.”
BRINGING IT ALL TOGETHER
Bringing all that together with strong big-data analytics and machine-learning capabilities is the final piece of the puzzle. Gathering data is much easier today, thanks to relatively inexpensive hyperscale cloud storage and computing resources. The ability to analyze data no matter where it resides—in every layer of the data center, cloud applications and platforms, edge devices, and existing security tools—is the only way to truly protect today’s hybrid IT ecosystem.
“Agencies have plenty of security tools already, but they don’t always talk to each other or take into account data in all of these disparate places,” says Adams. “But if you can collect and analyze all of those signals with machine learning and advanced analytics, you can start to see trends you could never see before. If you can analyze all of those trends consistently, you can get alerted to problems and make better and faster decisions.”
One tool that brings data sources together and applies big-data analytics and machine learning is Microsoft Azure Security Center. The solution analyzes an agency’s logging and telemetry data alongside the anonymized data the company collects globally from all its customers, which cybersecurity experts monitor to identify threats. The data can then be displayed on a customizable dashboard so agencies can sift through it, score it, and better understand risk.
Azure Security Center can provide that depth of analysis because it taps into the Microsoft Intelligent Security Graph, which gathers trillions of signals from Microsoft services and systems housed in more than 100 data centers and millions of servers in 42 regions worldwide.
With that amount of data being analyzed consistently, the system can spot anomalies that would otherwise be impossible to find. For example, it might discover that an attack signature in an organization’s log files is similar to one that happened elsewhere.
“It’s like being able to apply a sophisticated machine-learning algorithm to all of the data in the world around all cancer patients and being able to see anomalies instead of analyzing data from a single hospital,” says Adams.
As agencies continue to embrace new technologies, the network’s edge will become even more blurred. Although security solutions that protect the perimeter are still important, it is equally essential to understand and address the fact that the perimeter is fluid and that agencies must protect and encrypt data no matter where it lives by providing users the keys—focused on identity—to unlock it.
It’s also important to detect issues early and accurately by relying on technology to help automate policies and gain a unified view of security.
With those shifts, agencies will be able to detect potential security breaches before they can be exploited.
To learn more about Microsoft Azure Government, visit azure.com/gov
To request a free trial, visit aka.ms/azuregovtrial
Sponsored Content