What is your security strategy in a mobile first, cloud first world?

We live in a mobile first, cloud first world. Mobility and the cloud has pretty much changed everything; how we work, where we work, how business interacts with customers and how we interact with our loved ones.

If you are a business owner or you’re responsible for the integrity and security of your business assets than you need to have an answer to the question:  “What is your security strategy in a mobile first, cloud first world?”.

Perimeter Security

In the past, IT has been able to focus on great perimeter security. We had our company network and protected access through several layers or security zones with firewalls and other technologies. But in this new world changes everything, and I’m not saying that you don’t need firewalls any longer.

If you use any software as a service from the Cloud, for example Drop Box, Salesforce or Office 365, can you put a firewall in front of these services? All these services can be accessed outside of your perimeter security and therefore another strategy is required.

Identity Driven Security

The security of our users identity has to be the focus and driver of all security measures we take. We better make sure that if John Doe signs in on an application that it is in fact John Doe.

Out there in the cloud there is actually a big battle over who will be your identity provider. In a perfect world, I would just have one user identity, like I am just one person. Right now it seems that the long term goal is that every person has two identities; a personal one and a business one.

Let’s think about the benefits. If I could use just my one personal identity and login to all services that I consume, from Social Media through Media Streaming, Shopping, and Banking, then I wouldn’t even need a password manager anymore. But before we can get there, we need the identity providers to ensure the security of our identity.

So we need to move forward to this so called Identity Driven Security and we better choose a partner that can provide us with a holistic solution across all platforms. Currently, most businesses use a point solution; one for mobile devices and mobile applications, one for identity and maybe another one for file level encryption. If I had a personal security detail, I would also use one company that can provide me with a holistic approach and not have to deal with different vendors to provide the driver and another one to provide the detail walking besides me. What I really want is a team that works well together.

There is a high chance that you are currently protecting the identities of your business or employees with Microsoft Active Directory. In fact, I believe it’s fair to say that the majority of companies worldwide leverage and entrust their workers identity to Microsoft’s Active Directory. Therefore, Microsoft has an extensive knowledge and experience in identity. So it makes absolutely sense that they now extend this to the cloud.

Microsoft doesn’t just extend their Active Directory technology to the cloud, but has actually taken the lead in identity driven security in this mobile first, cloud first world.

Microsoft’s Enterprise Mobility Suite provides you with all the solutions you need for an identity driven security in your business. Some of the key features are:

  • Threat detection: Detects abnormal user behavior, suspicious activities and so on…
  • Multi Factor Authentication / Self Service Capabilities / Single Sign on to literally thousand popular applications
  • Get in control of shadow IT / Manage Mobile Applications with multiple user identity to allow your workforce to use the tools they love and are familiar with
  • Encryption on file level for your most critical documents, no matter where the document is stored. You’re in full control, you can monitor who accessed from where, from which devices which file and can revoke access at any time.

The best thing of the Enterprise Mobility Suite and Cloud App, which I’ve written about in one of my previous blogs, isn’t just the holistic approach but also that these are our cloud born solutions. It’s not something old that got transformed into something new, it’s actually the new world approach with the new world technology. And because it’s cloud born, it’s always up to date and new features and capabilities are provided continuously.

If you want to learn more about this topic, please feel free to reach out to me or to your point of contact at Microsoft. In case you rather read up more on this topic, than I would suggest you visit the Enterprise Mobility Suite  website.

As always, I’m looking forward to your feedback. Let me know if this is of value and or if I missed anything. If you loved it, I kindly ask you to please share it with your network and help me to grow the reach of my work on this platform.

Written by Dave Kurth
Thriving within my current role as Sr. Product Marketing Manager Azure, I'm focused on Azure Hybrid, Azure Stack Hub, Azure Stack Edge