Microsoft’s cloud is constantly under attack. While it’s no surprise that the Redmond, Wash. technology giant makes a tempting target for cyber-attackers, but the scale of the attacks weathered by the company may raise some eyebrows.
On a typical day, 1.5 million attempts are made to breach Microsoft’s cloud systems, the company revealed today in on its website. Keeping attackers at bay are over 3,500 security engineers and Microsoft’s Intelligent Security Graph, an AI-enabled system that uses machine learning to analyze hundreds of billions of authentications and other security information generated by the company’s IT systems.
Each second, Microsoft feeds hundreds of gigabytes of telemetry into the Intelligent Security Graph, the company claims. And every month, Microsoft scans an estimated 400 billion emails that flow through Office 365 and Outlook for phishing scams and malware.
All told, Microsoft invests $1 billion each year in cloud security. These statistics aside, the company continues to roll out new features and product enhancements to eliminate security gaps for customers.
Today, Microsoft announced that its Azure AD (Active Directory) Conditional Access feature now supports the Azure Portal and Teams, the company’s Slack-like group chat and collaboration application. Launched last summer, and available as part of Azure AD Premium plans, Conditional Access allows companies to restrict access to business applications and other resources, blocking users access unless their devices meet certain requirements. For example, administrators can stop attempts to access applications from untrusted networks or use the feature to enforce multi-factor authentication.
Linking Azure AD Conditional Access to the Azure Portal, the cloud service’s management hub, is a major step toward helping the company’s customers secure their cloud accounts. Previously, Microsoft only offered multi-factor authentication as a way to protect administrator accounts on the Azure Portal.
Microsoft isn’t the only cloud provider caught in an endless war against cyber-scammers.
Last week it was revealed that OneLogin, a popular password management service, suffered a breach. A hacker had somehow managed to gain access to OneLogin’s Amazon Web Services (AWS) credentials, keys that were then used to perform reconnaissance on the company’s operations. OneLogin uses AWS as its cloud provider.
“The threat actor was able to access database tables that contain information about users, apps, and various types of keys,” explained Alvaro Hoyos, chief information security officer at OneLogin, in a blog post. “While we encrypt certain sensitive data at rest, at this time we cannot rule out the possibility that the threat actor also obtained the ability to decrypt data.”
In the meantime, the venture capital community keeps pouring funds into cloud security firms.
Netskope just announced it had raised $100 million to bulk up its Cloud Access Security Broker (CASB) technology and expand its market presence. Underscoring the competitive nature of today’s cloud security market, Sanjay Beri, founder and CEO of Netskope, told eWEEK’s Sean Michael Kerner that the funding “was an over-subscribed, pre-emptive round,” adding that the company was not in need of, nor was it soliciting, investments.
