Microsoft to Rate Corporate Cybersecurity
February 10 2017 - 1:29PM
Dow Jones News
By Jay Greene
Microsoft on Friday will begin grading its commercial customers'
Office 365 security settings in an effort to fortify its software
and services that are frequent targets of hackers.
One insurance company, Hartford Financial Services Group Inc.,
plans to take the security score into account when setting
cyberinsurance rates for customers.
No money is changing hands, the companies said. Microsoft
declined to say whether it approached other insurance companies to
use the dashboard-like service.
Amid a continuing flood of cyberattacks, tech companies
frequently cajole customers into beefing up their use of security
features. Alphabet Inc.'s Google, Facebook Inc. and Twitter Inc.,
for example, all encourage users to enable multifactor
authentication, a common security step that requires people to
provide more than just a username and password to log in.
Microsoft in recent years has pushed to burnish its reputation
for security. The Windows 10 operating system is more secure than
its predecessors, in large part because it includes free upgrades
that are installed automatically in the background, ensuring it has
the latest protections.
Microsoft is debuting the Secure Score ahead of the annual RSA
digital-security conference in San Francisco, which gets under way
Monday.
The company will suggest ways to improve security and include a
tool to model how security changes affect scores. Security scores
can climb, for example, when customers enable multifactor
authentication.
Secure Score only considers a business customer's use of
security features in Office 365. That means it might register lower
scores for customers who choose to use rival security products
instead of enabling security features included in their Office 365
subscription, the company said.
Businesses can compare their scores to the other 85 million
commercial customers using Office 365, the online version of
Microsoft's email, word-processing and spreadsheet
applications.
"It's essentially like a health checkup," said Bret Arsenault,
Microsoft's chief information security officer.
In testing, Microsoft found that customers who checked their
security settings boosted their scores on average by 18% over those
who didn't visit the security dashboard.
Hartford plans to take Secure Score into account when pricing
its cyberinsurance coverage. The company already looks at a variety
of factors, from the industry in which clients operate to the
physical security of their buildings, said Tom Kang, head of
cyberinsurance for the company.
He declined to disclose the weight Secure Score tallies would
get in pricing decisions. The actual score itself is less relevant
than the fact that the customer is focused on security
configurations, Mr. Kang said. "It gives us insight and comfort
that you are doing some risk management," he said.
PricewaterhouseCoopers forecasts that the roughly $3 billion
corporate cyberinsurance market will grow to $7.5 billion in
premiums by 2020, making it the fastest-growing insurance product
in America.
Write to Jay Greene at Jay.Greene@wsj.com
(END) Dow Jones Newswires
February 10, 2017 13:14 ET (18:14 GMT)
Copyright (c) 2017 Dow Jones & Company, Inc.
Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Sep 2024 to Oct 2024
Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Oct 2023 to Oct 2024