Revealed: New technology from Microsoft is ‘revolutionising’ cloud security

Each year, roughly 74 per cent of the world’s businesses are targeted by cyber attacks, with the rising cost of these attacks expected to reach $3 trillion by 2020, according to experts.

As more and more businesses move to the cloud it becomes increasingly important to ensure that both data and the privacy of users are effectively protected from external threats.

The analyst firm Gartner projects that the public cloud services market will grow to nearly $385bn in 2020 and companies like Microsoft are aggressively researching technological advances to enhance cloud security.

Unlike the wider internet, the cloud has the advantage of being built from the ground up with privacy and security in mind.

“One of the fundamental things people should realise about cloud service providers is that security and compliance is really core,” said Doug Cahill, a senior cybersecurity analyst with the consulting firm Enterprise Strategy Group.

“It isn’t an option for their business. It is their business.”

The cloud presents an opportunity to do security better, and Microsoft says it is working on the tools achieve this. One such tool, the Intelligent Security Graph, provides a blanket immunity across the company’s suite of products: when Microsoft detects a threat to Azure, Office 365 or another service running on its cloud platform, every other service on that platform benefits from that knowledge.

Hundreds of gigabytes of telemetry are added to the Intelligent Security Graph every second, and it then uses machine learning to analyse the data and improve its security defences, honing its responses and eliminating false positives, while continually learning to spot new signs of attack over time.

Microsoft uses this same machine learning branch of artificial intelligence to increase security around passwords.

“The simplest attack is that people’s credentials are stolen through a variety of means, and then they masquerade around as you or me,” said Bharat Shah, Microsoft’s corporate vice president of Security for Azure.

To prevent these kinds of attacks, Microsoft’s cloud platform is able to spot abnormalities in people’s behaviour – such as logging in from an unusual location – and offer solutions via its Windows Hello facial and fingerprint recognition platform as an alternative to traditional passwords.

Other identity-driven security options include the ability to only grant access to certain data for a period of time or requiring multiple people to sign off on high-level actions.

“We want our users to have control,” said Manuel Costa, a principal researcher at Microsoft’s Cambridge research lab in the UK.

“They should be able to make an informed decision on what to share and what to keep private. And our job, on the technology side and the research side, is to make sure that we have very, very strong techniques to honor what our customers expect from us up front.”

Looking to the future, Costa’s team is working on a project – VC3 – that proposes using hardware in cloud computing data centres to create a physical protection around very sensitive data.

While traditional cloud providers are already skilled at keeping data encrypted in transit, this new system would allow Microsoft to let their customers, for example, scrutinise medical records or analyse financial trading data all in the cloud, safe in the knowledge that only the person who owns the data has access to it along the entire information chain.

With the cloud business growing sharply – Microsoft passed its commercial cloud annualised revenue run rate of $20bn in October last year, ahead of schedule – the company says it is constantly investing in both the protection needed for today, and the safeguards that its customers will require in the future.

The cloud is the digital workspace for businesses serious about cyber security and providers like Microsoft are pushing to make it more secure than ever.