Microsoft this week launched a raft of cybersecurity initiatives that address everything from making Windows platforms more secure to adding platforms that are more secure by design.

Announced at the Microsoft Ignite 2024 conference, many of these initiatives address issues that arose in the wake of a now infamous CrowdStrike update that took down millions of systems around the world.

For example, Microsoft has updated its Microsoft Virus Initiative (MVI) to now require partners to conduct additional security and compatibility of components. Additionally, Microsoft and its MVI partners are developing more coordinated incident response processes in addition to adopting a set of Safe Deployment Practices as defined by the Cybersecurity and Infrastructure Security Agency (CISA).

Microsoft, in 2025, also plans to make it possible to recover compromised machines even when Windows is unable to boot.

At the same time, Microsoft has added Windows Autopatch to make it simpler to keep systems current along with providing a preview of HotPatch for Windows, a tool that allows patches to be applied in the background without having to restart systems. Windows Autopatch artificial intelligence (AI) will be integrated with Copilot in Intune, an IT management tool that includes Microsoft Copilot for Security, in a preview due out later this year. Copilot in Intune also makes use of Windows Autopatch, an AI tool for analyzing security and troubleshooting Windows devices.

At the same time, Microsoft is also adopting zero-trust principles by, for example, now requiring end users to authorize system changes via the Windows Hello multifactor authentication service, making it possible to ensure only authorized applications are allowed to run and adding a delegated managed service account (DMSA) to automate the management of credentials for accessing Windows Server. Microsoft has also made available Personal Data Encryption, which adds a second layer of encryption to Windows Enterprise that ensures they can only be read when Windows Hello is used to log in.

Additionally, Microsoft is adding a Configuration Refresh tool that ensures security policies are enforced by automatically returning a Windows device to the preferred configuration created by an internal IT team. That capability promises to eliminate drift that occurs when end users make changes to a system registry.

Microsoft is also adding Windows Backup to Microsoft Entra, an identity and access management platform along with an ability to restrict access to only approved Web domains.

A preview of a mobile application management (MAM) tool for iOS and Android, meanwhile, promises to strengthen the security of unmanaged or externally managed devices.

Microsoft is also adding more secure platforms, including a Windows 365 Link endpoint that doesn’t allow any data to be stored locally and an Azure Integrated Hardware Security Module (HSM) that adds a processor specifically designed by Microsoft to manage encryption keys.

Microsoft CEO Satya Nadella told attendees that Azure Integrated HSM will be added to every server in the Azure cloud service.

Windows 365 Link, meanwhile, improves cybersecurity by requiring security configurations to not only be enabled by default but also prevent them from being turned off. Additionally, no data is ever stored on the device and no passwords are required, said Nadella.

Expected to arrive in April of 2025, Windows 365 Link is the latest example of a new class of endpoints that have embedded artificial intelligence (AI) capabilities, said Nadella.

Other security capabilities being added include a preview of a Microsoft Edge management service embedded in the Microsoft 365 admin center console that enables IT administrators to deploy an encrypted shared password to a specific set of users. End users will be able to sign in to websites without ever seeing or having access to actual passwords and the Microsoft Edge management service will be able to deploy both browser policies in the cloud and via the Intune IT service management platform (ITSM).

Microsoft also made available an Exposure Management tool for its Extended Detection and Response (XDR) platform that makes it simpler for cybersecurity teams to discover, and visualize the relationships between critical assets.
At the same time, Microsoft is previewing a scareware blocker that will be added to the Microsoft Edge service that will alert end users to scams.

Microsoft is also previewing tools to secure data and evaluate cybersecurity risks and metrics for identifying compromises when using generative AI applications.

Finally, Microsoft is making available a preview of Microsoft Purview Data Security Posture Management (DSPM) to provide more contextual insights into how securely an organization’s data is stored in addition to extending its data protection tools to AI applications.

It’s not clear to what degree Microsoft’s offering might reduce the total cost of cybersecurity but the one certain thing is Microsoft seems committed to making sure cybersecurity is no longer an afterthought.