News

With Hybrid Networks on Rise, Microsoft Touts Zero Trust Security

Hybrid networks, which combine use of cloud services with on-premises software, require a "zero trust" security approach, Microsoft said this week.

The work-from-home phenomenon driven by the 2020 pandemic accelerated the use of cloud services by organizations, Microsoft argued, necessitating a change in how organizations handle security.

The author of the statements, Vasu Jakkal, Microsoft's corporate vice president for security, compliance and identity, suggested that "employees' home networks and devices are now part of the corporate network," which has security implications.

Microsoft's security teams currently track more than 40 nation-state attackers and more than 140 threat groups in 20 countries, Jakkal indicated. Phishing and firmware attacks have been increasing. There's "an average of 50 million password attacks every day." Last year, Microsoft blocked 30 billion e-mail threats, she added.

Organizations increasingly moved toward using cloud-based services in response to the pandemic, Microsoft found.

"In a recent survey of our Microsoft Intelligent Security Association (MISA) partners, 90 percent reported that customers have accelerated their move to the cloud due to the pandemic," Jakkal noted.

Most (91 percent) of those MISA partners also reported that there's a shortage of cybersecurity professionals to meet the current threat landscape.

One simple protection that organizations can implement is to turn on multifactor authentication (MFA), a secondary identity verification approach besides using a password. However, even though MFA is included for free with Azure or Microsoft 365 commercial subscriptions, just 18 percent of Microsoft's customers have turned it on, Jakkal noted.

While organizations may have turned on MFA to protect remote access sessions, MFA also "protects the entire network," she asserted.

The remote access trend makes implementing zero trust a "new business imperative" for organizations, Jakkal asserted. With zero trust, organizations "verify explicitly, grant least privileged access, and assume breach," she added.

Jakkal is scheduled to speak at the RSA Conference on May 18 as part of the RSA keynote presentation. She also recently chatted with Microsoft CEO Satya Nadella about zero trust in a video, available at this Microsoft page.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Microsoft Offers Support Extensions for Exchange 2016 and 2019

    Microsoft has introduced a paid Extended Security Update (ESU) program for on-premises Exchange Server 2016 and 2019, offering a crucial safety cushion as both versions near their Oct. 14, 2025 end-of-support date.

  • An image of planes flying around a globe

    2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Notebook

    Microsoft Centers AI, Security and Partner Dogfooding at MCAPS

    Microsoft's second annual MCAPS for Partners event took place Tuesday, delivering a volley of updates and directives for its partners for fiscal 2026.

  • Microsoft Layoffs: AI Is the Obvious Elephant in the Room

    As Microsoft doubles down on an $80 billion bet on AI this fiscal year, its workforce reductions are drawing scrutiny over whether AI's ascent is quietly reshaping its human capital strategy, even as official messaging avoids drawing a direct line.