Driven by the central role all things digital plays on our daily life I have been motivated to write a series of blogs centered on security, more specifically, Microsoft cloud security. The Seattle-based multinational giant invested over $1 billion on cybersecurity  last year and it´s no coincidence its cloud business doubled its revenue in two years, reaching $18.9.
Security breaches can affect us all regardless of geographical location, even if we think we´re not exposed because we´re just normal average users. Most notably, there were 7 exploits in 2017, some wreaking absolute havoc, affecting many average users, utility companies, health care systems, airports, entire countries, and government agencies. You can point your browsers to the United States Computer Emergency Readiness Team´s website if you´re curious about current security issues, vulnerabilities, and exploits.
Considering this subject too broad and the fact it transcends on-premise, hybrid, and cloud architectures, I will be guided by Microsoft´s own security page as blog framework/parting point and elaborate from there:
- Threat protection
- Information protection
- Security management
My aim is to provide the reader with sources that can be appended to their reference arsenal in this ever-evolving industry and explain the areas I cover in the most digestible way possible. Additionally, I will share external resources that will help keep you updated and my favorite places to turn to for assistance when I find myself in a bind.
So, why focus my blogs on Microsoft security?
I have been an avid open source user since my college days, checked email with Pine, used Gopher, Veronica, Archie, Jughead to search for information, and surfed the web with Lynx before NCSA Mosaic. I leverage open source tools when applicable and admire the fact Azure supports numerous non-Microsoft tools and diverse architectures in its cloud offerings.
I chose to focus on Microsoft security because it´s directly related to my job and has been throughout my career.
I passed my first Microsoft certification exam back in 1997, I am currently an MCSD, MCSE, MCP, and an Azure Solutions Architect so the focus is a natural choice for me. I have also worked with world-class data loss prevention solutions and have always been captivated by the world of cybersecurity.
Another reason for my particular focus is the plentiful and current compliance certifications Microsoft possesses that are useful when designing solutions which may collect and use individual´s data. Documentation abounds and there are many security-centric websites Microsoft maintains that offer up-to-date information and resources. For example, Microsoft´s Trust Center is an outstanding site where anyone can sign up for a cybercrime webinar, brush up on Security Development Lifecycle, or read about the fascinating worlds of Microsoft Digital Crimes Unit and Microsoft Cyber Defense Operations Center.
To conclude, there are many enterprise-level solutions in the market that address many or all security concerns as there are cloud platforms. I will, however, blog about security wearing my myopic Microsoft-centric goggles knowing full well it is not a Microsoft-only world.
Thank you for your visit, warm regards, and I look forward to keeping you engaged with the next blog: Identity.