Cloud security, and securing data as it flows from public to private clouds, is big business, and only expected to get bigger as more workloads and apps move to the cloud. Now, Microsoft is showing how complicated cloud security can get within its own infrastructure.
To help combat these attacks, Microsoft uses about 3,500 engineers to constantly monitor its infrastructure and its Azure cloud.
Microsoft is pulling back the curtain on its cloud security operation at a time when security is on the top of the list of IT concerns, especially after the Wannacry ransomwear attack took place in early May.
As Curtis Franklin wrote on Security Now, the Wannacry attack served as a wake-up call for IT departments about the importance of patching systems -- Microsoft had to issue security patches during this time -- as well as the complexity of infrastructure where a patch meant to protect one system can damage another. (See WannaCry Continues at a Slowed Pace.)
At the same time, companies of all sizes are spending more on cloud security. In a June 8 blog post, Forrester Research analyst Jennifer Adams estimates that cloud security spending will top $3.5 billion by 2021.
Cloud security remains a small portion of overall security software spending, which totaled $24 billion in 2016 and is expected to grow 10% annually this year and next, according to Forrester. However, the biggest tech vendors are investing more in securing public and private cloud, including Microsoft paying $320 million for Adallom in 2015, and Cisco buying CloudLock for $293 million last year.
In addition to acquiring companies that specialize in cloud security, Microsoft is tapping into new technologies to help sort through the various threats that target its systems.
Part of the reason for revealing stats about its cloud security is for Microsoft to talk about Intelligent Security Graph, which uses machine learning to keep track of 450 billion authentications the company processes each month, along with 400 billion emails scanned for malware and phishing as 1 billion Windows updates.
One of the problems in security is what's called "FPFN" or false positives and false negatives, which can lead security researchers on chases and leave systems unguarded. The machine learning part of Intelligent Security Graph automates some of the scanning of all these systems and data to reduce the odds of chasing after incorrect security reports.
In the blog post, Microsoft's Julia White, the company's corporate vice president for Azure and security, notes that securing data is one of the biggest reasons companies want to move to the cloud, which means Redmond needs to respond to that shift in computing.
"It was only a few years ago when most of my customer conversations started with, 'I can't go to the cloud because of security. It's not possible,' " White wrote. "And now I have people, more often than not, saying, 'I need to go to the cloud because of security.' "Related posts:
- Microsoft Eyes Azure Cloud Expansion in Africa
- Microsoft Draft Looks to Make Containers Easier
- Microsoft Azure Beefs Up Cloud-Based Database Support