Building Managed Services around Microsoft

Quite possibly the most commonly used word you will find if you were to do some detailed analysis of the content of my emails, Teams messages and other various collaboration tools for the past 12 months. 

Microsoft’s journey as a provider of cybersecurity solutions is quite the turnaround story. As little as maybe 3 years ago, you wouldn’t have heard of them being discussed in any serious cyber security discussions.Yet we come to today, where Microsoft stands as a leading software provider in the domain of cybersecurity. 

Much of this is driven by the embedding of cybersecurity toolsets into their much more established business lines including the hugely successful Azure public cloud and the monster that is Office365. 

It became quite obvious over the past couple of years that Microsoft was something we, at Orange Cyberdefense, would have to invest in and that investment is really about time, skills, development and partnership. 

So, we took the plunge (having utilized Microsoft products as a key security event source for over a decade), to go deeper and to start to manage some elements of the Microsoft security suite directly, at a time when many of our customers are gaining access to this collection of security goodies. 

Life is not without its challenges. Sure enough, investing in Microsoft’s security suite brings some challenges alongside the obvious benefits of consolidating security into your Microsoft enterprise agreement.  So, what are those challenges?  Well, they are not new.  In  fact it is a challenge as old as cyber security itself – “how do I get the most out of the technology I have invested in”? 

Let us look a bit deeper at specifics: 

1. Utilizing their entitlements to the best effect  With Microsoft bundling security in with many licensing agreements now – the E5 subscription being the prime example – many businesses are entitled to a whole raft of security solutions.  The challenge then is to get the most out of them.  Let us take Microsoft 365 Defender for example, a platform that has the great set of fundamental capabilities around four of the most important areas in cybersecurity – securing the endpoint, Office365, identity and cloud apps.  With a host of configurable options across each module, a rich set of detection and response capabilities and all tied together by the ability to measure your security posture with Microsoft Secure Score, it is about as far from “set and forget” as you can be in the modern practice of cyber- defence. 
2. Solution complexity  Just because something is bundled together as a license does not eliminate complexity.  Multiple security solutions (including non-Microsoft products) must be supported by documented outcomes, supporting operational processes and of course skilled people. 
3. Skills shortage  A familiar story of course.  But one accentuated in the case of the Microsoft cybersecurity ecosystem given the huge increase in adoption of their product portfolio.   Demand far outstrips supply. 

Given these challenges it was only natural to look then for many businesses to start looking to managed services for help.   

I am a great believer that with any challenge, you must seek out the opportunities it brings.  As my old boss used to say (and his old boss to him before that) “if it were easy, someone else would be doing it”. 

Well, it isn’t easy, but we are here, and we are getting it done. 

That said, if you recognise these challenges, come talk to us at Orange Cyberdefense.  Let’s face them together, seize the opportunity and get the outcomes we’re looking for. 

Know more about our managed security services :

• Managed Workspace Protection for Microsoft 365 Defender
• Managed Threat Detection [xdr] for Microsoft 365 Defender
• Managed Threat Detection [log] for Microsoft Sentinel
• Managed Threat Detection [network] for Microsoft 365

Author: Grant Paling, Product Manager, Global Service Lines