Welcome to Microsoft Corporation

Done by:
Leanna Hoyte
Darrin Griffith
Lamar Jack
Description of
Company

• We generate revenue by
developing, licensing, and
supporting software,
hardware, and online
advertising.
Products we Offer

• Our products include operating

systems, server applications,
productivity applications, business
solution applications, desktop and
server management tools,
software development tools, video
games, and online advertising.
Our Services

Cloud-based solutions provide

customers with software, services
and content over the Internet, with
revenue from usage fees and
advertising.
Microsoft Risk Assessment
Brief Description

• MSRA is designed to evaluate

the effectiveness of a security
strategy by evaluating the
defense-in-depth concept.
Data Security Threats that affect
Microsoft

• Lost Device(s):

Mobile or remote employees can access data remotely from an

infected PC, compromising the security of the data.
• Identity theft:

Stolen credentials allow attackers to gain access to sensitive

information while impersonating an employee.
 Contin

• Internal Threat:

The threat originates from within the organization itself and includes acts of espionage or various
methods of employee data theft.

• External Sharing of sensitive information:

Compromised employees or industrial spies may share sensitive data with outsiders, posing a serious
threat to data security.

07/17/2023
7
Microsoft Multi-Layered Data
Security Design

• Microsoft Defender for Cloud:

Unified infrastructure security

management system provides advanced
threat protection across hybrid workloads.

• Azure Active Directory:

The Microsoft cloud-based identity and

access management service.
 Contin

• Azure Firewall:

A cloud-native, intelligent network firewall

security service that provides threat
protection for your cloud workloads that run
in Azure.

•  Azure Key Vault:

Key Vault is a secure store for tokens,

passwords, certificates, API keys, and
encryption keys.

07/17/2023
9
Microsoft Data Security
Policy

• Security policies set standards

and define procedures for
network and data protection.
Threats that are mitigated at the “Microsoft
Defender for Cloud” Layer

• Phishing and social engineering attacks:

Microsoft Defender for Cloud can detect and block phishing emails and
other social engineering attacks.
• Malware and viruses:

The solution uses machine learning and advanced technologies to detect

and block malware and viruses in real-time, preventing infections and
protecting against data theft.
 Contin

• Identity-based attacks:

Microsoft Defender for Cloud can detect and respond

to identity-based attacks, such as stolen credentials or
brute-force attacks, that attempt to gain access to
sensitive data or systems.

07/17/2023
12
Two Technologies that can be
implemented to mitigate or
counteract at this layer

• Behavioral analysis:

Microsoft Defender for Cloud uses behavioral

analysis to detect potential threats and block
them.

• Machine learning:

Machine learning is used by Microsoft Defender

for Cloud to detect and respond to threats, such
as phishing emails, login attempts, and network
activity.
 Threats that are mitigated at the “Azure Active
Dictionary” Layer

• Password attacks:

Azure AD provides features to protect against password attacks, such as password

complexity requirements, password expiration policies, and MFA.
• Insider threats:

Azure AD provides tools to monitor and control user access to resources to prevent
insider threats.
• Malware and phishing attacks:

Azure AD integrates with Microsoft Defender for Endpoint and Office 365 to protect
against malware and phishing attacks.
Two Technologies that can be
implemented to mitigate or
counteract at this layer

• Multi-Factor Authentication (MFA):

MFA is a security technology that requires users to

provide two or more forms of authentication to access
resources, even if an attacker has compromised their
password.

• Conditional Access:

Conditional Access allows administrators to define

access policies based on user location, device, or risk
level to prevent unauthorized access and reduce data
breaches.
Threats that are mitigated at the “Azure
Firewall” Layer

• DDoS attacks:

Azure Firewall can help mitigate DDoS attacks by blocking malicious IP addresses and limiting traffic based on source IP address.

• Network-based attacks:

Azure Firewall can protect against network-based attacks and restrict traffic to specific ports and protocols to prevent
unauthorized access.

• Insider threats:

Azure Firewall can protect against insider threats by using network segmentation and access controls to restrict access
to resources.
Two Technologies that can be
implemented to mitigate or
counteract at this layer

• Network Security Groups (NSGs):

Administrators can use NSGs to restrict traffic

based on IP address, port, and protocol to reduce
the attack surface and protect against network-
based attacks.

• Threat Intelligence:

Azure Firewall can use threat intelligence feeds

to identify and block traffic from known
malicious IP addresses and domains, reducing
risk and improving security posture.
Threats that are mitigated at the “Azure
Key Vault” Layer
• Unauthorized access to secrets:

Azure Key Vault provides role-based access control and access policies to limit access to
secrets and ensure only authorized users can access them.

• Key compromise:

Azure Key Vault uses HSMs to protect against key theft and tampering.

• Insider threats:

Audit logging and monitoring can help identify and investigate potential insider threats.
Two Technologies that can be
implemented to mitigate or
counteract at this layer

• Multi-Factor Authentication (MFA):

Azure Key Vault can be configured to

require MFA for access to secrets,
reducing risk and improving security.
• Key Rotation:

Azure Key Vault can automatically rotate

keys and certificates to reduce risk of key
compromise and improve security.
What is a VPN?

• Virtual Private Network

VPNs provide secure access to corporate

networks and encrypt data between cloud
services and on-premises infrastructure.
How does a VPN work?

• A VPN (Virtual Private Network)

works by establishing a secure,
encrypted tunnel between two
devices or networks over the
internet. When a VPN
connection is established, all data
sent between the two devices is
encrypted and secured,
protecting it from interception
and unauthorized access.
Layer the VPN would be
implemented at

• Azure Firewall Layer

Threats that would be mitigated or counteract by
implementing a VPN at this layer

• Eavesdropping

VPNs provide a secure, encrypted tunnel to protect data from eavesdropping.

• Man-in-the-middle attacks:

VPNs protect data from man-in-the-middle attacks by encrypting and securing it.
• Unauthorized access:

VPNs can help prevent unauthorized access to corporate resources by requiring

multi-factor authentication.
 Two Disadvantages or Shortcomings of the Technology

• Slower network performance:

VPNs can slow down network

performance when transmitting large
amounts of data or using bandwidth-
intensive applications.
• Security risks if not configured properly:

VPNs can be insecure if not

configured properly, allowing
attackers to bypass security
measures and exploit vulnerabilities.
 Two possible ways the
Technology can be improved

• Implementing better encryption algorithms:

VPNs can provide strong encryption without

sacrificing network performance by using
more efficient encryption algorithms.
• Implementing better security controls:

Organizations should implement better

security controls and monitor VPN
connections for potential security breaches.