Newss Technology

Microsoft Defender ATP gets new Threat & Vulnerability Management functionality

Microsoft has announced the general availability of Threat & Vulnerability Management solution. The tech giant says the solution was made available on June 30 and provides real-time vulnerability management to the organizations.

The new solution is a built-in capability in Microsoft Defender ATP (Advanced Threat Protection). The Microsoft Defender ATP uses a risk-based approach to discover, prioritize, and mitigate endpoint vulnerabilities and misconfigurations.

While designing the solution, Microsoft worked with a dozen of enterprise customers including Telit, a global leader in IoT enablement, to understand the limitations and complications of the existing processes.

During the process, Microsoft found that the current approaches being used to scan vulnerabilities are slow and periodical. This could lead to security blind spots between scans, flooding the organizations with vulnerabilities. Further, manual mitigation of vulnerabilities sometimes takes days, weeks, or months to complete. Hence, attackers have a window to attack the enterprises.

Threat & Vulnerability Management solution is aimed to address these issues.

“Our goal is to empower defenders with the tools they need to better protect against evolving threats, and we believe this solution will help provide that additional visibility and agility they need,” wrote Rob Lefferts, Corporate Vice President at Microsoft Security, in a blog post.

The new offering will provide several benefits to customers, like enabling continuous discovery of vulnerabilities and misconfigurations, and business-context based prioritization and dynamic threat landscape. It will provide correlation of vulnerabilities with endpoint detection and response (EDR) alerts to expose breach insights.

Customers will also get machine-level vulnerability context during incident investigations, built-in remediation processes through integration with Microsoft Intune and Microsoft System Center Configuration Manager.

The new TVM solution is now generally available. Existing customers can find it in Microsoft Defender ATP portal. New customers can take a free trail here.

READ NEXT: Microsoft empowers Indian startups to scale globally with new initiative and venture fund expansion


50% of employees use apps and software not approved by the enterprise: Igloo report

Employees are confident about the security of the tools and systems implemented by their companies. But their behavior is risky when it comes to sharing confidential information. As per a recent report by Igloo, 69% of employees use email for storing or sharing confidential information.

Igloo, a leading provider of intranet software & digital workplace solutions, surveyed over 2,000 individuals at companies with 250+ employees. In the report titled “2019 State of the Digital Workplace”, the company said that push for the digital transformation in the enterprise is rapidly accelerating.

Below are the key findings of Igloo’s 2019 State of the Digital Workplace report:

  • Remote employees feel left out because of traditional technologies

Today, the remote working culture is trending as more and more companies allow employees to work from outside the office. But the remote workers face several challenges.

As per the report, 69% of remote workers said that they faced challenges which aren’t faced by the employees who work from the office.

They feel missing out on information (56%), being excluded from meetings (54%), and struggling to access important documents (43%).

These challenges can be solved by adopting a modern and digital workplace.

  • Knowledge-sharing and collaboration practices remain risky

91% of employees are confident about the collaboration tools provided by the company that they would allow only authorized individuals. However, their behavior is risky when it comes to sharing confidential data. 69% of them use emails to store or share that data, 45% use shared document drives, and 38% use intranet. Only 14% of employees use secure FTP.

50% of employees use apps that aren’t approved by the enterprise. Of them, 55% use non-approved apps to avoid being tracked by the company, while 62% use these for ease of use.

Also read: 97% of enterprises perform data backup at least once a year: Acronis’ World Backup Day survey

  • Majority of intranet solutions aren’t meeting collaboration needs

80% of employees said that they use the intranet, majorly for communication, collaboration, and information sharing. However, respondents said that they found it difficult to find the resources that allow them to do so.

A lot of them reported difficulty in finding the right documents. 43% said that they chose to avoid sharing a document with a colleague because they found it difficult to find the document.

To download the full “2019 State of the Digital Workplace” report, click here.

Images source: Igloo


Carelessness of employees leading to enterprise security concerns: Microsoft report

Poor security habits within large public sector and commercial organizations are leading to loss of important data and intellectual property. According to a report by Microsoft Ireland, 22% of employees write down their passwords and 8% of them keep the passwords in a document on computer. 44% of employees recycle their personal passwords, which means that they tend to use same passwords for both work and home devices.

Microsoft Ireland commissioned Amarach Research across 700 employees working in large Irish organizations to find the security culture within organizations to understand the way employees access and use confidential data at work and on the go. The research found security gaps that allows hackers to exploit enterprise systems.

As per the report, employees that work from home are more likely to engage in activities that can cause security concerns as compared to other employees.

“Organisations can invest in robust data protection and security measures, but their employees could, accidently, bring about a potential security disaster for their organisation,” said Des Ryan, Microsoft Ireland Solutions Director.

“The most common and least detected sources of data breaches are compromised identities. Passwords can be hacked, guessed, leaked or lost. New technologies like biometric security can deliver the robust security required to protect organisations from most social engineering attacks.”

49% of employees use personal email accounts to save, edit, send, and share work related documents. Further, 24% of employees accidently share work-related items with their friends and family. 73% of them use free Wi-Fi for their work when working from home.

Only 54% of employees said that they receive proper data security training once a year. Only 16% of them had changed their passwords in last 12 months in line with the policies of organization.

Microsoft also mentioned that employees are using same weak passwords across different accounts in their work and home. If one of the passwords is leaked, this can lead to hacking of other accounts as well. For addressing this issue, 60% employees choose to use biometric authentication as an alternative to passwords.

One in three organizations allow employees to use work devices for work purposes only. 50% of employees reported that their personal is better than work device. Whereas, 30% of employees sometimes use their personal device for accessing work files.

“Organisations must now ensure they are taking a considered approach to data security, and embrace new procedures and technologies, coupled with consistent training, enforced policies, along with better device upgrades to enable employees to deliver the productivity needed for successful transformation with a minimum of risk to the organization,” added Des Ryan.

“We see needless security risks created by employees who are unaware or are working from older devices or older versions of Windows. For example, those who are working in a public Wi-Fi spot who do not have the latest security measure or hardware and are in effect, broadcasting sensitive data that can be picked up by a hacker.”

Along with these security concerns, Microsoft also shared some tips to protect the organization. The enterprises should provide training to employees to keep them updated on latest cyberthreats and help them learn what they can do to keep confidential data safe.

Also read: Online risks in India decreased by 2% as people decline unwanted contact—Microsoft report

Employees should open links in emails only when the emails are from trusted sources. They should use longer passwords by mixing them up with upper- and lower-case letters, special characters, and numbers. Multi-factor authentication should also be considered.

Further, organizations need to keep every enterprise software up-to-date, to avoid vulnerabilities. Latest version of Windows 10 should be used, especially because the support for Windows 7 is nearing end.

To access full report, click here.