Introduction

Microsoft Cloud technology is a hot topic and receiving major investments by Microsoft. Organizations are heavily adapting the latest technology. And for us (the community), we have endless new technologies, features and services to play around with.

This post is a personal outlook on Microsoft Cloud tech in 2024. I share with you what I am looking forward to, and of course this blog Oceanleaf.ch will feature in upcoming posts.

First of all, I am focusing on Microsoft Cloud Security because I think it will be one of the most important topics this year and in the future. I am also in the bubble of this area, but I am convinced and know that there is also a lot more interesting technology out there. A good read is the Microsoft Digital Defense Report to recognize how present cybersecurity is. The Microsoft Securiy Portfolio features:

  • 🔒 Security: with XDR, SIEM and SOAR services Microsoft Defender and Sentinel
  • 🆔 Identity & Management: with identity and access management service Microsoft Entra and mobile device management (MDM) solution Microsoft Intune
  • 🔎 Compliance & Privacy: with data security and information discovery and protection services like Microsoft Purview and Priva
Source: Microsoft

Intune: Suite

The Intune Suite will be one of the highlights in the Enterprise Mobility and Security suite around Microsoft Cloud. The Intune Suite brings additional feature products to Microsoft Intune for fortified security and simplification. The suite will bring great advantages to orgs that already use Intune and are looking for an expanded feature set. Some of the most requested gaps in Intune will be filled by the suite. It contains the following products:

Source: Fortified security and simplicity come together with Microsoft Intune

Microsoft Intune Suite is available as an additional license or per feature add-on license. Learn more about pricing

💡
Of course we will also see a lot of development in Intune outside the Suite. To stay up to date, follow: Intune what's new and Intune in development

Everything on Intune on my blog:

Endpoint Management with Microsoft Intune
Welcome to this coast! Learn everything on Endpoint Management with Microsoft Intune to deploy, manage, secure and monitor endpoints from all platforms through the cloud. Introduction, experience and thoughts Introduction to the Microsoft Intune product familyIntroduction This post is recommended f…

Windows 365 Cloud PC

Cloud PCs powered by Windows 365 introduces a new era in End-User-Computing. Windows 365 is a SaaS (Software-as-a-Service), meaning that you can deliver Windows desktops as a service to your end users. But when it comes to management and integration, Windows 365 offers some major benefits:

  • Seamless management with Intune - now you can manage all your endpoints, regardless of the platform and whether they are phyiscal or virtual as Windows 365 from one single console.
  • Native integrations to Windows - Windows 365 is an evolution of Windows, available fully from the cloud. Additionally, features like Windows 365 Boot and Switch introduce smooth & functional integrations to your familiar Windows experience.
  • New Windows App - Windows is now an app! Get it now from the Microsoft Store - with this app you can now connect to all Windows cloud experiences such as Windows 365, Azure Virtual Desktop and Dev Box.
  • Windows 365 streaming from every device - Microsoft runs a partnership with Motorola smartphones to provide a capability to instantly access your Cloud PC. Read more
  • GPU support - the latest specs on Cloud PCs introduce powerful GPUs for graphics intense workloads. Read more
Source: Microsoft Technical Takeoff

Everything on Windows 365 on my blog:

Windows 365
This coast is all about Windows 365 and the Windows cloud experiences! Windows 365: the easy introIntroduction My first blog posts on Windows 365 were already 2 years old. This year I attended Workplace Ninja Summit in Switzerland and I got hooked by it again. Therefore I want to revive

MacOS management

Source: Microsoft Technical Takeoff

Intune is a cloud-based cross-platform endpoint product. With that, Microsoft is heavily pushing the macOS management story, providing day-zero support, expanding features and developing features to empower the end-user as well as IT admins for the Mac platform.

Source: Microsoft Technical Takeoff

MacOS management with Intune will be one of the hottest topics this year and I also plan to release posts to it, because I love Mac 🖤 and together with Intune, this is a perfect match.

Stay tuned for my Mac blog posts!


Global Secure Access

Global Secure Access integrates network security in the existing security stack of Microsoft Cloud. With Global Secure Access and Microsoft Security Service Edge, familiar network security technologies are revamped and added into the Microsoft ecosystem.

  • Secure web gateway (SWG) - network perimeter protection that inspects and controls traffic for particular networks
  • Firewall as a service (FWaaS) - cloud-based security solution that delivers firewall functionality, such as traffic filtering and network protection and policies
  • Zero Trust Network Access (ZTNA) - security framework that requires zero trust, least privileged, all identities must be authenticated, authorized, and continuously validated before being granted access to company private applications and data
Source: Microsoft

Internet Access

Protect access to any public app/SaaS. The Internet traffic can be managed through security traffic profiles and web content filtering policies. Enabling to:

  • Monitor and control 🕵️‍♂️ http & https traffic from devices with GSA client installed
  • Secure access 🔒 to SaaS apps in the Internet with web content filtering policies (categories or FQDN)

Private Access

Establish and secure access to any on-premises hosted app. (This is a comparable feature to Entra ID Application Proxy)

  • Enable access ✅ to internal apps and protocols when connected with the Global Secure Access client
  • Protect internal apps 🔒 with Conditional Access

Conclusion

With Global Secure Access networking, network security technologies such as VPN, Proxy, SWG, FWaaS, ZTNA, CASB and SD-WAN all are incorporated and brought into the Microsoft ecosystem. Let's see how orgs are rethinking network security and adapt GSA 🚀

Read my blog post on Microsoft Security Service Edge:

Introduction to Microsoft Entra Security Service Edge (SSE)
Introduction New Microsoft technology was released! Microsoft recently announced Microsoft Entra Security Service Edge. I want to briefly summarize whats new as part of my learning. 💡At this time these features are in an early stage and most of it is in public/private preview.SASE The concept of S…

Defender XDR

Microsoft Defender extended detection and response is the unified defender security suite that covers detection, prevention, investigation, and response across endpoints, identities, email, and applications. Defender XDR in combination with Microsoft Sentinel takes over the SecOps by unifying signals and correlation of data.

Source: Microsoft

The full attack chain is backed by Microsoft Defender products to defend in each step and correlate data across lateral silos.

Source: Microsoft

Defender Suite

The heart of every Microsoft 365 orientated organization is the Microsoft Defender Suite to fight against cyberthreats. Resulting in a Defender product for:

Product name Use Reference on Oceanleaf.ch
Endpoint Extended detection and response on Endpoints (XDR) Microsoft Defender: a review
Identity Connect on-premises identity events Defender for Identity fundamentals
Office 365 Leverage email & collaboration security Defender for Office 365 fundamentals
Cloud Apps Cloud access security broker (CASB) A tour through Defender for Cloud Apps

showcase_defender_suite

Everything on Microsoft Defender on my blog:

Defender
Enterprise security solutions, cloud-based, intelligent and automated security responses for Endpoint, Identity, Office 365 and Cloud Apps. A full protection stack. Defender for EndpointHandle threat and vulnerability events on endpoints to prevent malicious and harmful contents. Microsoft Defender:…

Entra

Microsoft Entra is the product family for all cloud identity and network access solutions from Microsoft. Identity and access management is the backbone of all technology. Entra houses more that just classic directory services. Governance, External identities, Verified ID, Permissions Management and now with Global Secure Access the feature set is more diverse then ever.

Source: Microsoft

Protection

One of the core part of Microsoft Entra is its Protection solutions. Cybersecurity is key for any organization that has digital resources. Protecting identities and securing access in Microsoft Entra are therefore important countermeasures. The Microsoft Digital Defense Report mentions fundamental security hygiene practices that would protect against 99% of attacks - most important parts of these security standards are achieved with Microsoft Entra:

  • Enable multifactor authentication (MFA) - protect credentials and provide extra resilience for identities
  • Apply Zero Trust principles - explicitly verify | use least privilege access | assume breach

These two points should be established for every Microsoft Entra customer. The following products help you to achieve this:

  • Authentication methods - configure authentication methods for your tenant > Passwordless and phishing-restiant MFA should be the goal
  • Conditional Access - control access to apps and data based on conditions
  • Identity Protection - user and sign-in risk policies
  • Identity Secure Score - representation of the organizations security posture and opportunity to improve it

Copilot

2024 will be the year of artificial intelligence and Microsoft's answer to this is Copilot. We can assume that every product will have its own Copilot integrated and so does Microsoft Security with Security Copilot. Generative AI integrated to industry-leading technology can provide a major benefit in the usage and overall return on investment for customers. AI empowers with:

  • ⏩ Machine-speed data processing
  • 🔎 Detect anomalies automatically
  • 🧠 Improve and expand knowledge
  • 🔁 Automate repetitive tasks️

Leading to the following benefits:

  • Cost savings by reducing the amount of effort and time for humans
  • Increased efficency
  • Alltime availability
  • Reducing human error
  • Improve customer experience
  • Solving complex problems

powered by

Oceanleaf
Technology blog on Microsoft Cloud. Learn about cutting edge tech, explained simply & straightforward in quality focused blog posts.
You’ve successfully subscribed to Oceanleaf
Welcome back! You’ve successfully signed in.
Great! You’ve successfully signed up.
Your link has expired
Success! Check your email for magic link to sign-in.