You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
secure by default
About this tag
The secure by default tag on WindowsForum.com covers discussions about shifting security responsibility from customers to platform vendors. Recent content examines Microsoft's Azure IaaS security blog post, which argues that cloud infrastructure should have security engineered into the platform and switched on by default where possible, reducing the burden on enterprise IT teams. Another thread discusses CISA's guidance on operational technology (OT) security, highlighting that authentication and cryptographic features exist but are rarely implemented because they are hard to operate in real industrial environments. Both sources emphasize that secure by default means making security features easy to enable or automatically active, rather than leaving them as optional customer assembly projects.
Microsoft published an Azure IaaS security blog post on May 4, 2026, arguing that cloud infrastructure protection now depends on defense in depth combined with Secure Future Initiative principles across compute, networking, storage, identity, and operations for enterprise workloads running on...
CISA’s new guidance, "Barriers to Secure OT Communication: Why Johnny Can’t Authenticate," bluntly reframes a long-standing truth for industrial operators: the cryptographic and authentication features necessary to stop simple, high-impact attacks exist in many pockets, yet they are rarely...