A secure foundation

A Secure Foundation From Zero Trust to AI-powered productivity

Table of 01 / 02 / Introduction Security risks in today’s Contents world of work 03 / 04 / Creating a secure, Zero Stepping into modern work Trust foundation with a secure foundation 2 A Secure Foundation: From Zero Trust to AI-powered productivity

Today, work can happen anywhere. Whether in the ofÏce, at home, or in between—employees want to do work when and where it happens, without interruption. Many organizations meet this need for anywhere work with Increase in average monthly hybrid solutions. But creating the right environment means navigating a slew of continuously evolving challenges. 1 identity attacks from 2018 to 2022 For many organizations, remote work means connecting employee-owned devices to get work done, while other organizations provide additional devices % for remote use. Both scenarios can lead to an increase in unmanaged endpoints +1,329 and identities. IT workers who are already busy with their existing day-to-day duties often don’t have the time or tools to securely manage them all. password spray attacks With cyberattacks increasing significantly over the past few years, a single unmanaged device can put an entire organization at risk. % New ways of working need enterprise-wide technology founded in Zero Trust +26 to enable flexible, productive work. Tools built to centrally manage security are critical. But those tools must give employees the foothold they need to work password attacks productively, collaborating and innovating from anywhere. Zero Trust is a security model that assumes no % implicit trust in any entity, internal or external, and +35 requires continuous verification of identity, device, phishing attacks data, and network. This e-book explores how and why risks arise from today’s hybrid work environments, and what tools organizations can use to secure their technology for productive work from anywhere. 3 A Secure Foundation: From Zero Trust to AI-powered productivity

Security risks in While organizations look to evolve their ways of working, 68% have experienced one or more endpoint attacks that compromised data and/or their IT today’s world infrastructure.2 A single security breach can erode customer confidence for years into the future and cost an average $4.45 million.3 Without proper security, of work organizations risk more than downtime. And perhaps more importantly, they risk long-term reputational damage. Flexible workplaces see an increase in unmanaged 3,500 devices and identities unmanaged, unprotected devices connected to an enterprise on average6 While employees are ready to work from anywhere, their organizations’ security may not be. More than half of organizations do not have visibility or control 4 over at least a quarter of their endpoints. And with more places work can be done, the number of unmanaged devices and identities is likely to increase. % As employees work and collaborate in a hybrid environment, they may find +71 existing tools inadequate. Remote collaboration can be difÏcult without optimized apps, and software interfaces may vary widely between desktop, increased likelihood of infection on laptop, and mobile devices. This leads some employees to turn to shadow IT, an unmanaged device6 with a reported 80% using non-sanctioned apps and devices that have not been reviewed.5 With the number of unmanaged endpoints that IT teams are left to manually discover and restrict access to, almost 70% report feeling overwhelmed trying 7 to manage remote work. 4 A Secure Foundation: From Zero Trust to AI-powered productivity

Outdated, manual endpoint and app management To properly secure the influx of employee-owned devices, and the apps and tools needed for employees to work from anywhere, organizations must address their legacy endpoints, software, and apps. Almost 90% of security leaders agree that outdated PC hardware leaves organizations vulnerable to attack, yet reports show a third of most organizations’ hardware is outdated.8 Less than half of organizations update their computers every two years.8 % Devices that rely on manual patching and updating present a considerable risk. 68 The gap between when an update or patch becomes available and when it’s implemented leaves organizations vulnerable. And the time it takes to manually of organizations that suffered update devices may delay more important strategic IT work. Reports show more ransomware attacks had a high than half of IT teams don’t spend enough time on strategic work, like defending dependence on manual patching 7 against the increasing sophistication of cyberattack techniques. Instead, they’re and updating 7 often preoccupied with everyday issues like software and firmware patches. When organizations do implement new technology, they must be sure to sunset redundant solutions. Seventy-two percent of organizations reported increased complexity within their IT environment over the past two years.9 This complexity represents not only complications in the computing environment, but also increased complexity of IT teams’ jobs. 5 A Secure Foundation: From Zero Trust to AI-powered productivity

Creating a Zero Trust foundation Turning your organization into a modern environment where employees can work from wherever they need to can be a significant undertaking, and security must be at the forefront. Left unaddressed or under-addressed, your organization may be exposed to risk of large losses. Your IT teams may already manage many different small-scale issues to keep your security posture intact. They need a solution that will allow them to focus on higher-order security risks to combat the rising number of attacks. The right solution must deliver productivity tools with security baked in. A secure solution from Microsoft Microsoft 365 E3 is a comprehensive, cloud-based productivity and security solution for building a strong, Zero Trust foundation for modern work. Through identity management, threat protection, and data security measures, Microsoft 365 E3 secures your enterprise while allowing your teams to collaborate effectively and eliminate redundant solutions. 6 A Secure Foundation: From Zero Trust to AI-powered productivity

Secure all your organization’s identities With Microsoft 365 E3, you can implement simple and effective identity security measures at scale. By rolling out multi-factor authorization (MFA) and passwordless sign-on throughout your organization, you reduce the risk of compromise % significantly. Coupled with continuous access evaluation, you can ensure 99.2 that all sign-in attempts are within normal geographical areas and working hours. This creates a sign-in process that’s both highly protected and easy for reduced risk of identity workers to use. compromise with 10 Once identities are logged into your organization, Microsoft 365 E3 provides whole-enterprise MFA a powerful tool for risk-based Conditional Access management in the form of Microsoft Intune. With Intune, IT teams can set up access to apps and tools by role, and employees can use self-service options for common issues like password resets. This can save your organization up to $79 per user over three years* as 11 employee issues are resolved more quickly. 7 A Secure Foundation: From Zero Trust to AI-powered productivity

Cut through endpoint management complexity and protect against threats Organizations save With Microsoft 365 E3, your organization gets modern, unified endpoint management and visibility into all endpoints. A single solution, Microsoft 365 can also reduce the number of dedicated solutions and corporate devices in your organization, saving you $55 money and empowering your IT teams to focus on larger tasks, like strategic security planning and updating your device estate. per user per month* by Security, deployment, and software update automation capabilities consolidating vendors with Microsoft 36511 are also included in Microsoft 365 E3 to take the load off busy IT workers and keep enterprise endpoints up to date. Cloud endpoint deployment means employees can securely stream Windows desktop, apps, settings, and content from the Microsoft % Cloud to a Cloud PC. In addition to quickly setting up employees to work from anywhere without the costs of a secondary solution, 97 significant time savings in deployment can translate into an average $15M in savings over three years.*11 of survey respondents report efÏciency gains for IT teams in Automatic threat protection and remediation across all apps and deploying endpoint updates*11 environments lets IT teams configure conditional responses to common cyber threats that would otherwise take up valuable time. Additionally, automatic software updates allow employees to stream the most up-to-date versions of apps, settings, and content quickly and securely from the Microsoft Cloud. 8 A Secure Foundation: From Zero Trust to AI-powered productivity

Govern and protect your organization’s With Microsoft 365, organizations can expect up to sensitive information A fully integrated solution, Microsoft 365 E3 allows IT teams to discover and classify sensitive information at scale. Information protection can even extend between $1.2M Microsoft and non-Microsoft apps. Features like sensitive data tagging and loss prevention, end-to-end in reduced risk of data breach encryption, eDiscovery, and compliance managers help 11 over three years IT Teams classify, monitor, and control data—both in transit and at rest. 9 A Secure Foundation: From Zero Trust to AI-powered productivity

Modern work with Once your organization’s foundation is secured and your Microsoft 365 E3 can help your organization achieve its data and teams connected, Microsoft 365 E3 can enable digital transformation goals and empower your workforce a secure foundation the productivity needed to meet the new era of work. With to work together. With connection through best-in-class Microsoft 365, your workers can access the apps, tools, and productivity apps, your employees can collaborate and drive data needed to do their work from anywhere, securely. productivity together, no matter where they work. 10 A Secure Foundation: From Zero Trust to AI-powered productivity

Elevate productivity Microsoft Copilot for Microsoft 365 elevates productivity even Copilot works in three distinct ways. First, to unleash your further, working as an agile assistant to help employees streamline employees’ creativity by creating first drafts for employees to iterate with a powerful their work and accomplish more every day. Copilot integrates on, generate professional-looking data visualizations, and analyzing with your organization’s data and works alongside Microsoft 365 trends. Second, to unlock productivity by intelligently cutting down AI tool applications to automate routine processes, create presentations, on busywork by summarizing emails, messages, and to-dos. And design data visualizations, write documents, and more. Copilot third, to uplevel your employee’s skills with thousands of natural gives employees an AI tool capable of turning their ideas into one of language AI commands that make the work they do easier. the most powerful productivity tools on the planet. 11 A Secure Foundation: From Zero Trust to AI-powered productivity

Microsoft 365 for enterprise Build a secure foundation for flexible work with Microsoft 365 E3. Learn more 12 A Secure Foundation: From Zero Trust to AI-powered productivity

Sources: 1 “Microsoft Entra: 5 identity priorities for 2023.” Microsoft Security Blog, Jan 9, 2023. https://www.microsoft.com/en-us/security/blog/2023/01/09/microsoft-entra-5-identity-priorities-for-2023/ 2 “The 3rd Annual Study on the State of Endpoint Security Risk,” Ponemon, Jan 2020. 3 Cost of a Data Breach Report 2023, IBM, July 2023. https://www.ibm.com/reports/data-breach 4 Gruber, Dave; Knuth, Gabe, “Managing the Endpoint Vulnerability Gap: The Convergence of It and Security to Reduce Exposure.” Enterprise Strategy Group, February 2023. https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWXwKT 5 “Discover and Manage Shadow IT - Microsoft Defender for Cloud Apps.” Microsoft Learn, May 24, 2023. https://learn.microsoft.com/en-us/defender-cloud-apps/tutorial-shadow-it 6 “Anatomy of a Modern Attack Surface.” Microsoft Security Insider, May 2, 2023. https://www.microsoft.com/en-us/security/business/security-insider/threat-briefs/anatomy-of-a-modern-attack-surface/ 7 Microsoft, “Microsoft Digital Defense Report 2022: Illuminating the threat landscape and empowering digital defense.” https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE5bUvv?culture=en-us&country=us 8 “Security Signals Boost SDM Research Learnings” Microsoft Security, Sep 2021. https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWP0mz 9 Gartner Survey Shows 75% of Organizations Are Pursuing Security Vendor Consolidation in 2022, Press Release, Sep 2022. https://www.gartner.com/en/newsroom/press-releases/2022-09-12-gartner-survey-shows-seventy-five-percent-of-organizations-are-pursuing-security-vendor-consolidation-in-2022 10 “Microsoft Digital Defense Report: Building and improving cyber resilience.” Microsoft Threat Intelligence, Oct 2023. https://www.microsoft.com/en-us/security/security-insider/microsoft-digital-defense-report-2023 11 The Total Economic Impact™ of Microsoft 365 E3, a commissioned study conducted by Forrester Consulting, Oct 2022. Results based on a single composite United States-based organization with global operations and 30,000 employees using Microsoft 365 E3. https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE5970p © 2023 Microsoft Corporation. All rights reserved. This document is provided “as-is.” Information and views expressed in this document, including URL and other Internet website references, may change without notice. You bear the risk of using it. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes.