Microsoft Inspire 2022: What a Long, Strange Trip It's Been

I am old enough to remember when colleagues would jokingly (or not so jokingly) refer to the Bill Gates era Microsoft as "the evil empire." After all, this is the company that achieved fame during an investigation by the US Department of Justice for having an internal strategy called “embrace, extend and extinguish.” The strategy came out of a meeting in which the company stated it could "kill HTML by extending it." Some might suggest that view did not only apply to standards, but also to partners. However, let's be clear: this was 1995, 27 years ago (when did I get so old?). And I'm not even going to touch the Steve Ballmer era.

But since Satya Nadella took over in 2014, things have been very different.

Microsoft is now considered a good citizen in the industry, with a “better together” attitude, working with partners and customers to benefit everyone. This spirit came to the fore at last week's Inspire event with a major focus on working with and enabling the 400,000 partners in its global ecosystem, that employ over 22 million people. Microsoft announced updates to its ISV partner program, and its commercial marketplace to help partners build and sell software and services. You can read a more detailed overview and find links to details in this Microsoft blog post.

Security Is No Longer a Joke

Back in Microsoft's evil empire days, I was working at a major research university supporting research scientists and PhD students using Windows, Unix, Linux and MacOS. Guess which OS had the worst reputation for security? You guessed it, Windows! Regular fights broke out over what should be the standard antivirus package. However, this is also old news.

Not only has Microsoft taken security seriously for a long time now, but that security extends from its desktop and server operating systems to its cloud environments. The previously catchy title of Microsoft Cloud Application Security Broker (MCAS) has been replaced by Microsoft Defender for Cloud Apps, but it’s still a good solid cloud access security broker (CASB) that helps to protect your applications and data. A CASB acts as a real-time gatekeeper to broker access between your users and the cloud resources they are allowed to use. MS Defender for Cloud Apps allows you to discover and control the use of shadow IT (unofficial, often consumer grade applications), and to protect sensitive information. By detecting unusual behavior, it identifies ransomware and other rogue apps, alerting your InfoSec team to potential threats.

The next level in Microsoft’s cloud security architecture is Sentinel. Sentinel is its security, information and event management (SIEM) solution, but it also has a security orchestration, automation and response (SOAR) capability. We sure love our acronyms in IT.

But what do these acronyms really mean? Well according to Microsoft, Sentinel will:

• Collect data at massive cloud scales from users, devices, apps and infrastructure components.
• Detect previously undetected threats.
• Use AI to investigate threats and hunt for suspicious activities among all that collected data.
• Respond to threats and security incidents with its build in orchestration capabilities.

So, between Defender for Cloud Apps, Sentinel and all the other Microsoft security and governance capabilities, you have an extremely solid foundation. But last week, Microsoft upped the game another notch, with the announcement of Microsoft Cloud for Sovereignty.

Related Article: Microsoft Build: 5 Digital Workplace Related Announcements

What Is Data Sovereignty and Why Is It Important?

Wikipedia has a detailed page on data sovereignty so we can quote the pithy one sentence explanation:

“Data sovereignty is the idea that data are subject to the laws and governance structures within the nation it is collected.”

Learning Opportunities

Mar 14 11:00 AM PST

Challenges to Efficiency in 2023: Your Employees Need the Digital Workplace of the Future

The era of asking employees to do more with less is upon us

Register

Apr 13 12:00 PM AST

How McDonald’s GBS Empowered Employee Self-Care to Drive Productivity

Register

Mar 16 9:00 AM PST

How to Future-Proof Your Employee Experience Strategy in 2023

A framework to navigate through economic uncertainty

Register

ON DEMAND

The Essential Role of Communicators in Fostering Wellbeing in the Digital Workplace

Join us for practical insights on how digital communicators can support employees to thrive in the digital workplace

Watch Now

ON DEMAND

Addressing Employee Needs and Wants with a Digital Workplace

The workplace is getting more and more digital – both in how we work and where we work

Watch Now

ON DEMAND

Maintaining a Human-Centered Approach During Digital Transformation

When it comes to digital transformation - people drive change, not technology

Watch Now

ON DEMAND

The Evolution of Employee Recognition

Leveraging the power of appreciation to improve the employee experience

Watch Now

ON DEMAND

How to Build a More Innovative and Resilient Workplace Culture

What would happen if every member of your team came to work focused on finding solutions and creating better results?

Watch Now

ON DEMAND

Are You Blocking Your Internal Comms Team Without Knowing It

Best practices & tips to help IC teams thrive

Watch Now

ON DEMAND

Cyber Resilience In The Cloud Is Not Optional

In today’s age of ransomware and widespread cyber attacks, your cloud data needs to be protected.

Watch Now

View All

What this means in practice is countries may have laws which state data collected in that country or data about their citizens must remain in the country. Such laws often pose problems for globally scaled cloud computing providers, and result in options like customers being able to encrypt their data with their own keys (customer managed encryption also known as “bring your own key”) to ensure its security, and the ability to configure where data is stored at rest.

One of the major announcements from Inspire was the release of Microsoft Cloud for Sovereignty, a new solution aimed at helping public sector customers meet their national policy, compliance and security requirements.

This new offering will be built on Microsoft’s public cloud, but will ensure that internal development and management practices are transparent and compliant with local laws. Of course with Azure data centers all over the world providing over 60 "cloud regions," Microsoft already has a good start on providing local storage to ensure data residency requirements for specific countries or political entities such as the EU. Microsoft Cloud for Sovereignty builds on this by adding capabilities for encryption and other governance functionality including encrypted memory technology called Trusted Execution Environments (TEE), and Hardware Security Modules (HSM) that prevent malicious users from tampering with encryption keys.

Related Article: End of Year Incidents Remind Us of Our Corporate IT Vulnerabilities

Microsoft's Unique Corporate Journey

Let's go back to the partner announcements: Microsoft stated that Microsoft Cloud for Sovereignty is "being designed as a partner-led, partner-first solution." You can appreciate how this would be the best approach, with specialist partners around the world that have deep understanding of the local laws and regulations in that particular jurisdiction, and expertise in helping corporations work within them.

When I realize how old I am and how long I have been playing with computers — from building networks on Windows for Workgroups, to Windows NT and implementing Windows 2000 Server, and the excitement of the first SharePoint, before getting to the point where I could hire other people to build the servers and systems — Microsoft’s journey has been nothing but amazing. From the Evil Empire that we believed didn’t understand or take security seriously, who wanted to quash open standards, and to buy out and then phase out partners products, to where it is today, it's a unique corporate journey. I can say with certainty that I much prefer the Microsoft that “works better together” with its partners, and puts some serious funding, research and effort into information security and information governance.

And to finish on a high, so to speak, check out Azure Space (literally interplanetary cloud ops!).

Learn how you can join our contributor community.

About the Author

Jed Cawthorne is principal evangelist at Shinydocs, focusing on spreading the message of the benefits of good data and information management. Jed has over 20 years experience in information and knowledge management, and over 25 years in IT.