Microsoft releases new security controls for multi-cloud customers

The entrance to one of Microsoft's offices
(Image credit: Shutterstock)

Microsoft has unloaded a range of new security controls for multi-cloud customers that include updates to its Defender for Cloud platform and the first service to come from its CloudKnox acquisition.

The first of the new capabilities is a change to Microsoft Defender for Cloud which is aimed at multi-cloud customers that have Google Cloud services.

Defender for Cloud, which was announced at last year's Ignite conference, is a security posture management console that identifies configuration weaknesses across other providers' services. And, with the addition of Google Cloud, Microsoft says it is now the only cloud provider to offer a "native" multi-cloud protection service for the top three platforms (Google Cloud, AWS and Azure).

Support for Google Cloud will come with a simplified onboarding experience, according to Microsoft. This will feature more than 80 "out-of-the-box" recommendations for users to secure their environments. It will include a central "multi-cloud view" that lets users see and compare compliance status against critical benchmarks, such as the Center of Internet Security (CIS).

The next capability comes from last year's acquisition of cloud infrastructure management firm CloudKnox and deals with permission management. Microsoft is launching a public preview of 'CloudKnox Permissions Management', which will give companies "complete visibility" into user and workload identities across the cloud services. This will be largely undertaken by automated features and machine learning-powered monitoring functions.

There are also new functions for Microsoft Sentinel, which is another cloud-native platform that deploys AI to analyse large data sets for security issues. The services will have new basic logs, which will see it sift through high volumes of data and find "low-visibility" threats, according to Microsoft.

This is in addition to new archiving functions that extends data retention to seven years, instead of the current two, and also new search functions for security analysts.

Microsoft is also extending its Azure Active Directory beyond its core capabilities by adding safeguards for workload identities. And, the tech giant has also announced a new secure payment processing function for Azure Payment HSM, which is a public preview.

Bobby Hellard

Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.

Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.