Microsoft servers face 10,000,000 attacks a day
A recent Security report from the company has revealed that Microsoft’s online infrastructure is tried to breach around 10 Million times in a day .
With Microsoft account and Microsoft Azure Active Directory services, the company helps regular users as well as corporates by providing them with a central identity.
The Identity Mechanism
The first service, your Microsoft ID which is also called Windows live ID is your gateway to access services such as Bing, Outlook.com, OneDrive, Windows Phone, Skype, Xbox LIVE, Windows 8.1, Windows 10, and many others.
This ID once hacked, can create serious troubles for the corresponding user. The problem may range from leakage of personal data on dark web to theft of important files and resources.
Microsoft’s second service for managing user identities is called Azure Active Directory (AAD) and is a commercial service offered to corporate entities. This service is a single sign-on system that grants users access to thousands of cloud (SaaS) apps such as Office 365, Workday, Box, Google Apps and more.
It is said by the company that 90 percent of the world’s 2,000 largest organizations use Azure Active Directory to manage user access to their cloud services. The company says it has 8.24 million AAD tenants, which in turn manage identities for 550 million users.
Attacks and Defenses
Out of 13 Billion authentications(per day), almost 10 Million are an attempt to intrude in someone’s account, the report says.
For Windows Live ID
The company has implied a profound channel for detection of breaching. This mechanism prevents unauthorized access even if the wrong person enters the right credentials.
First of all, an incorrect password lock out system is used which prevents user accounts from being brute-forced . Second there is a location based service which prevents login from suspicious locations.
For Azure Active Directory
AAD allows its users to create new identification policies added with those offered to Windows Live users. This provides an extra bit of security.
“The capabilities […] are combined with other protection algorithms, data feeds from the Microsoft Digital Crimes Unit and the Microsoft Security Response Center, phishing attack data from Outlook.com and Exchange Online, and information acquired by partnering with academia, law enforcement, security researchers, and industry partners around the world to create a comprehensive protection system that helps keep customers’ accounts safe,” the company writes in its report.
But above all , no method is hundred percent fool-proof. Hence it is always necessary to follow security basics like choosing a strong password, changing it frequently etc.
The author Abhishek Awasthi
Continuous improvement is better than delayed perfection