I wanted to share an important update from Microsoft that directly supports our shared commitment to cybersecurity: the launch of the Secure Future Initiative (SFI) patterns and practices. This new library of actionable guidance is designed to help organizations like yours implement robust security measures at scale.
The SFI framework is built on three core principles:
- Secure by design – embedding security into every product and service from the start.
- Secure by default – ensuring protections are enabled automatically, without extra effort.
- Secure in operations – continuously improving monitoring and controls to meet evolving threats.
The first wave of SFI patterns and practices includes practical solutions for:
- Phishing-resistant multi-factor authentication (MFA) using FIDO2, passkeys, and certificate-based methods.
- Eliminating identity lateral movement by isolating tenants and enforcing Conditional Access.
- Protecting secrets and credentials, securing cloud workloads, and improving software supply chain integrity.
These patterns are based on real-world learnings from incidents like Storm-0558 and Midnight Blizzard and reflect Microsoft’s commitment to making security our top priority—above all else.
If you’re interested in exploring how these practices can be applied to your environment, our team would be happy to schedule a session to walk through the guidance and identify opportunities for improvement.
References
Be the first to comment on "Secure Future Initiative (SFI) patterns and practices"