At a recent briefing held at Microsoft’s South African headquarters, Microsoft and IDC reps together outlined the current cloud situation, and just how Microsoft is constantly working to ensure that its cloud platforms are secure, regulation-compliant and can be trusted by business. That trust, they say, is vital to the adoption of cloud-based services by business going forward.
IDC analyst and research manager Jon Tullett told the assembled journalists that cybersecurity attacks are widespread, and on the rise. There are programs lurking on the internet, constantly scanning for vulnerabilities, which can pounce on security weaknesses in a matter of seconds.
100 seconds is all you have
He used the example of a researcher who connected a wireless security camera to the internet, which was compromised by malware just 100 seconds later. The most alarming aspect of such a fast attack is that from there, attackers can potentially gain access to the network that camera is on, and from there to much of the data attached to that network.
Microsoft itself says there has “…been a staggering increase in cybercrime including a proliferation in cyber-attacks that range from theft of data through to malware, Man in the Cloud “MitC”, and side channel attacks to co-ordinated spam emails or phishing attempts. Cybercrime already costs the South African economy an estimated $573 million annually and the cost of data breaches will increase to a staggering $2.1 trillion globally by 2019.”
Attacks can lead to closures
And businesses can’t afford to be taken offline by cyber attacks. Tullett says that a single cyber attack can take out a business completely; as much as 60% of small to medium-sized businesses who’ve suffered data breaches have gone out of business within six months of being attacked.
Microsoft is all too aware of these realities, and works around the clock to ensure its platforms are as compliant and secure as its engineers can make them. Each year, Microsoft invests $1 billion in cyber security, culminating in the largest anti-virus and anti-malware service in the world, and updates nearly 1 billion Windows devices worldwide each and every month.
Enterprise-grade security
Every second, the company adds hundreds of Gigabytes worth of the telemetry to its Intelligent Security Graph, including the results from 200 billion emails scanned for malware and phishing each month. This means enterprise-grade security that sets the standard for the industry.
Microsoft also works to ensure that its platforms comply with the local legislation of the countries it operates in. Senior Counsel for Microsoft South Africa Theo Watson told us that for businesses interested in remaining compliant with the Protection of Personal Information Act – some of whose provisions are already in effect – that means continued use of Microsoft’s Azure platform and all of the services it makes available without violating that legislation is possible.
Core cloud tenets
The briefing also outlined the four core tenets of Microsoft’s approach to the cloud, which are all intended to inspire end-user confidence in Microsoft’s commitment to privacy, security and data sovereignty:
- As a customer, you know how we manage your data. We use your customer data only to provide the services we have agreed upon, and do not mine it for marketing or advertising. If you leave the service, Microsoft follows strict standards and specific processes for removing data from our systems.
- You know where your data is located. Customers who must maintain their data in a specific geographic location, such as within the EU, can rely on our expanding network of datacentres around the world. Microsoft also complies with international data protection laws regarding transfers of customer data across borders.
- You know who can access your data and on what terms. We take strong measures to protect your data from inappropriate access, including limits for Microsoft personnel and subcontractors. However, you can access your own customer data at any time and for any reason.
- Microsoft sets and adheres to stringent privacy standards. Strong contractual commitments back our privacy standards and best practices.
With such a clear and transparent commitment to the security, privacy and data integrity of its users, Microsoft is positioning its Azure-based cloud services for maximum appeal to businesses in an age fraught with ever-increasing cyber risks and legislative requirements.
[Image – CC BY 2.0]