Microsoft traditionally had left security to its partners and as someone who has been involved in the Microsoft stack for almost 20 years, I’ve been in an interesting position, watching their approach transform and change in line with business conditions.
But this isn’t the first time Microsoft has evolved their position…
When Hyper-V, Microsoft’s “free” enterprise grade hypervisor, was initially released, the product was only used by the most die hard of Microsoft organisations (read: bundled within their Enterprise Agreement) and cost-conscious of small businesses. It seemed to be years behind the clear market leader at the time, VMware.
At the time I knew of only a handful of big customers that had taken the plunge into Hyper-V (with its management friend, VMM) and I would only hear of problems emanating from their support teams, citing; a lack of functionality, “undocumented features” and an absence of those quality-of-life features we had taken for granted from VMWare. Simply stated, the early days of Hyper-V were troubled.
Yet, Hyper-V persevered, with Microsoft’s development team putting in the work over the years to overcome the seemingly insurmountable challenge that lay in front of them. Work that would later form the foundation for Azure’s hypervisor layer and a staple for businesses running on-premises virtualised workloads.
With an aggressive pricing strategy (free) and a slow but steady iterative cycle, the immature product eventually narrowed the gap between its market leading bigger brother. Today the differences between the big players have narrowed with Hyper-V providing the majority of what an average customer needs, minus the premium price of the market leader; a tough proposition to resist.
“First they ignore you, then they laugh at you, then they fight you, then you win” – Nicholas Klein
Why do I tell this story? Because I see an all too familiar parallel with Microsoft’s security story. The quiet development of services (with a focus on identity and reporting), building upon Microsoft’s existing capability within Mobile Device Management (MDM) and recognising their position in most organisations as the binding glue between services (Azure AD and ADDS). A quiet development that would see Microsoft’s outward view of security evolve as it moved from security being an optional bolt-on (EM+S) to an intrinsic part of their service (Microsoft 365).
Coupled with the billions of investment they put into their ongoing security efforts, it became relatively easy to see why Microsoft had become an “overnight success” within the field and has the established security providers more than a little bit uncomfortable.
But here is why I think Microsoft’s security story is going to be successful for the average punter: Microsoft’s journey will mirror your own.
Microsoft has targeted the average organisation, not just the fortune 500 or the big 4 banks. It’s developed its offering for everyone, no matter how small, with a service that grows with you, allowing you to chose what works, discard what doesn’t and all the while providing bigger businesses with what they need. They did this by solving the problems you’re going to face, and doing it at a price that will get your attention.
That’s why Microsoft’s Security offering not only will work, but why it IS working.
This article was written by Anthony Koochew, Founder & CEO of Azured in Australia. Anthony is an Architect with over 10 years of experience helping clients realise the most value from Microsoft Azure, Office 365 and EMS. View Anthony’s full profile. You can read the original post, and more from Anthony and the team over in Australia, here.From traditional network security to SASE, and beyond…?
by Anthony Koochew, Founder & CEO, Azured Australia
In my early days in the industry, the only way I could access work resources was to be sitting at my desk, on my work supplied desktop using my internally delivered corporate services. When I left my desk I wasn’t notified on my phone of an incoming email or Teams meeting- I had to walk back to my machine to get access to such things.
The world was simpler then. Work resources were at work, often delivered from within that same office and accessed within that very same location. So wrap a firewall around it all, lock down the desktop (some people took that to hilarious degrees!) and ensure good hygiene with Anti-virus (AV) and systems updates.
Edge protected, job well done.
Contrast that to today. The expectation that has been set by consumer-level services (like Facebook, Gmail etc) is that it doesn’t matter where I am, I will have the same level of experience. Ultimately, it was the consumerisation of IT that drove people to ask why they could access Dropbox from home (or on their iPad) but were restricted to a server fileshare only accessible by VPN or at best, on their work supplied laptop.
Enter cloud, exit on-premises apps. Enter BYOD, exit corporate supplied and managed devices.
The concept of a perimeter network made no sense when there no longer is a perimeter. With data increasingly residing outside of the traditional confines of your offices the “edge” has become increasingly porous and largely irrelevant.
So, how do I deliver a consistent level of protection (and experience) to everyone, everywhere? AND not throw the baby out with the bath water – we had, after all, developed some really powerful security technologies during the intervening years…
Cue SASE or Secure Access Service Edge. SASE is really just a collection of security technologies and ideas (both old and new) built upon a central assumption – users will be disparate, services will be cloud delivered and identity is king.
Furthermore, SASE pushes you to answer additional questions such as:
SASE is ultimately the recognition that the times have changed, that attackers and attack vectors have become more sophisticated, driven by an insatiable appetite for cloud services, and our approach to security needs to recognise that.
Anthony is an Architect with over 10 years of experience helping clients realise the most value from Microsoft Azure, Office 365 and EMS. View Anthony’s full profile. You can read the original post, and more from Anthony and the team over in Australia, here.