Share this article

Latest news

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low

Copilot in Outlook will generate personalized themes for you to customize the app

Microsoft will raise the price of its 365 Suite to include AI capabilities

Death Stranding Director’s Cut is now Xbox X|S at a huge discount

Outlook will let users create custom account icons so they can tell their accounts apart easier

Microsoft suggest companies “adopt a zero trust mindset” as it closes SolarWinds internal investigation

2 min. read

Published onFebruary 19, 2021

published onFebruary 19, 2021

Share this article

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

Microsoft is closing the book on its internal investigation of the now infamous SolarWinds phishing attack that’s affected hundreds of US companies. While early on it had been identified that the nation-state attack firstwormed its way through the use of Microsoft’s Outlook serviceas a well-planned phishing attack, the company defended the use of its products by reassuring its customers that none of its services were used to directly attack others.

Not only hasMicrosoft’s internal investigation reaffirmedthe claim but it also allows the company to boast that “there was also no evidence of access to our production services of customer data.”

After a figurative pat on the back, Microsoft does advise that going forward its clients and customers adhere to a few fundamental changes to their approach to security.

First, “Adopt a Zero Trust mindset,” which Microsoft describes as “all activity–even by trusted users–could be an attempt to breach systems.” Secondly, is to embrace the cloud. Perhaps, initially counter-intuitive given the way the SolarWinds attack spread, but Microsoft believes by embracing the cloud, companies can “layer up” on security leveraging real-time advancements in threat protection from cloud service providers such as themselves.

The not-so-subtle plug for Azure by Microsoft does have its merits by dovetailing into the company’s last suggested approach to security which is to “strengthen the community of defenders.” Embracing the cloud also helps a business more quickly crowdsource security solutions and Microsoft would like it if more companies would soften to the idea.

Ultimately, the approach to security comes down to businesses’ own core competency with the latest threat analysis. Obviously, Microsoft would love for companies to double upon security by making use of Azure and Microsoft 365 Defender, but it’s a big unsecured world out there and it seems at this point the company would simply settle on its clients being more proactive to potential online threats.

Kareem Anderson

Networking & Security Specialist

Kareem is a journalist from the bay area, now living in Florida. His passion for technology and content creation drives are unmatched, driving him to create well-researched articles and incredible YouTube videos.

He is always on the lookout for everything new about Microsoft, focusing on making easy-to-understand content and breaking down complex topics related to networking, Azure, cloud computing, and security.

User forum

0 messages

Sort by:LatestOldestMost Votes

Comment*

Name*

Email*

Commenting as.Not you?

Save information for future comments

Comment

Δ

Kareem Anderson

Networking & Security Specialist

He is a journalist from the bay area, now living in Florida. He breaks down complex topics related to networking, Azure, cloud computing, and security