Hot Microsoft Cloud technology 2024
Microsoft Cloud technology is a hot topic and is receiving major investments from Microsoft. Organizations are heavily adopting the latest technology. And for us (the community), there are endless new technologies, features and services to play around with.
This post is a personal outlook on Microsoft Cloud tech in 2024. I share with you what I am looking forward to, and of course what this blog, Oceanleaf.ch, will feature in upcoming posts.
First of all, I am focusing on Microsoft Cloud Security because I think it will be one of the most important topics this year and in the future. I am also in the bubble of this area, but I am convinced and know that there is also a lot more interesting technology out there. A good read is the Microsoft Digital Defense Report to recognize how present cybersecurity is. The Microsoft Security Portfolio features:
- 🔒 Security: with XDR, SIEM and SOAR services Microsoft Defender and Sentinel
- 🆔 Identity & Management: with identity and access management service Microsoft Entra and mobile device management (MDM) solution Microsoft Intune
- 🔎 Compliance & Privacy: with data security and information discovery and protection services like Microsoft Purview and Priva
The Intune Suite will be one of the highlights in the Enterprise Mobility and Security suite around Microsoft Cloud. The Intune Suite brings additional feature products to Microsoft Intune for fortified security and simplification. The suite will bring great advantages to orgs that already use Intune and are looking for an expanded feature set. Some of the most requested gaps in Intune will be filled by the suite. It contains the following products:
- Remote Help - remote assistance tool, natively integrated into Intune
- Specialty device management - manage AR/VR headsets and meeting/conference room devices
- Tunnel for Mobile App Management - application-based tunnel
- Endpoint Privilege Management - Windows elevation management for least-privilege and just-in-time access
- Advanced Analytics - AI-powered data collection and correlation to optimize your endpoint infrastructure
- Enterprise Application Management - Microsoft catalog of common apps to deploy with Intune
- Microsoft Cloud PKI - cloud-based certification authority with integrated SCEP endpoint for certificate deployment to endpoints
Microsoft Intune Suite is available as an additional license or per feature add-on license.
Windows 365 Cloud PC
Cloud PCs powered by Windows 365 introduce a new era in end-user computing. Windows 365 is a SaaS (Software-as-a-Service) offering, meaning that you can deliver Windows desktops as a service to your end users. But when it comes to management and integration, Windows 365 offers some major benefits:
- Seamless management with Intune - now you can manage all your endpoints from one single console, regardless of the platform and whether they are physical or virtual, as with Windows 365.
- Native integrations to Windows - Windows 365 is an evolution of Windows, available fully from the cloud. Additionally, features like Windows 365 Boot and Switch introduce smooth & functional integrations to your familiar Windows experience.
- New Windows App - Windows is now an app! Get it now from the Microsoft Store - with this app you can now connect to all Windows cloud experiences such as Windows 365, Azure Virtual Desktop and Dev Box.
- Windows 365 streaming from every device - Microsoft runs a partnership with Motorola smartphones to provide a capability to instantly access your Cloud PC.
- GPU support - the latest specs on Cloud PCs introduce powerful GPUs for graphics intense workloads.
Intune is a cloud-based cross-platform endpoint product. With that, Microsoft is heavily pushing the macOS management story, providing day-zero support, expanding features and developing features to empower the end-user as well as IT admins for the Mac platform.
macOS management with Intune will be one of the hottest topics this year and I also plan to release posts on it, because I love Mac 🖤 and together with Intune, this is a perfect match.
Stay tuned for my Mac blog posts!
Global Secure Access
Global Secure Access integrates network security in the existing security stack of Microsoft Cloud. With Global Secure Access and Microsoft Security Service Edge, familiar network security technologies are revamped and added into the Microsoft ecosystem.
- Secure web gateway (SWG) - network perimeter protection that inspects and controls traffic for particular networks
- Firewall as a service (FWaaS) - cloud-based security solution that delivers firewall functionality, such as traffic filtering and network protection and policies
- Zero Trust Network Access (ZTNA) - security framework based on zero trust and least privilege: all identities must be authenticated, authorized, and continuously validated before being granted access to private company applications and data
Protect access to any public app/SaaS. Internet traffic can be managed through security traffic profiles and web content filtering policies, enabling you to:
- Monitor and control 🕵️‍♂️ HTTP & HTTPS traffic from devices with the GSA client installed
- Secure access 🔒 to SaaS apps on the Internet with web content filtering policies (categories or FQDN)
Establish and secure access to any on-premises hosted app. (This is a comparable feature to Entra ID Application Proxy)
- Enable access ✅ to internal apps and protocols when connected with the Global Secure Access client
- Protect internal apps 🔒 with Conditional Access
With Global Secure Access networking, network security technologies such as VPN, Proxy, SWG, FWaaS, ZTNA, CASB and SD-WAN are all incorporated and brought into the Microsoft ecosystem. Let's see how orgs rethink network security and adopt GSA 🚀
Microsoft Defender extended detection and response (XDR) is the unified Defender security suite that covers detection, prevention, investigation, and response across endpoints, identities, email, and applications. Defender XDR in combination with Microsoft Sentinel takes over SecOps by unifying signals and correlating data.
The full attack chain is backed by Microsoft Defender products to defend in each step and correlate data across lateral silos.
The heart of every Microsoft 365 orientated organization is the Microsoft Defender Suite to fight against cyberthreats, with a Defender product for:
| Defender product for | Reference on Oceanleaf.ch |
|---|---|
| Extended detection and response on Endpoints (XDR) | Microsoft Defender: a review |
| Connect on-premises identity events | Defender for Identity fundamentals |
| Leverage email & collaboration security | Defender for Office 365 fundamentals |
| Cloud access security broker (CASB) | A tour through Defender for Cloud Apps |
Microsoft Entra is the product family for all cloud identity and network access solutions from Microsoft. Identity and access management is the backbone of all technology. Entra houses more than just classic directory services. With Governance, External identities, Verified ID, Permissions Management and now Global Secure Access, the feature set is more diverse than ever.
One of the core parts of Microsoft Entra is its protection solutions. Cybersecurity is key for any organization that has digital resources. Protecting identities and securing access in Microsoft Entra are therefore important countermeasures. The Microsoft Digital Defense Report mentions fundamental security hygiene practices that would protect against 99% of attacks - the most important parts of these security standards are achieved with Microsoft Entra:
- Enable multifactor authentication (MFA) - protect credentials and provide extra resilience for identities
- Apply Zero Trust principles - explicitly verify | use least privilege access | assume breach
These two points should be established for every Microsoft Entra customer. The following products help you to achieve this:
- Authentication methods - configure authentication methods for your tenant; passwordless and phishing-resistant MFA should be the goal
- Conditional Access - control access to apps and data based on conditions
- Identity Protection - user and sign-in risk policies
- Identity Secure Score - representation of the organization's security posture and opportunity to improve it
2024 will be the year of artificial intelligence and Microsoft's answer to this is Copilot. We can assume that every product will have its own Copilot integrated and so does Microsoft Security with Security Copilot. Generative AI integrated into industry-leading technology can provide a major benefit in the usage and overall return on investment for customers. AI empowers with:
- ⏩ Machine-speed data processing
- 🔎 Detect anomalies automatically
- 🧠 Improve and expand knowledge
- 🔁 Automate repetitive tasks
Leading to the following benefits:
- Cost savings by reducing the amount of effort and time for humans
- Increased efficiency
- All-time availability
- Reducing human error
- Improve customer experience
- Solving complex problems