I am sure most of you read by now my article “Apple and Privacy “, for the ones who did not I highly recommend to read it,( here is the link ) below are some public feedback which I have received via LinkedIn from Gartner, Microsoft, Australian Government employees.
I will also share some of the feedbacks which I have received via Twitter and Facebook as well. Hopefully, it will help you to get convinced to read and apply the recommendations.
My former Microsoft colleague and current Head of Information and Cyber Security at Standard Chartered Bank, Dr. Erdal Ozkaya, has put together this article to guide iPhone users on how to protect their privacy. Enjoy reading. I personally found it very useful and applied the great recommendations mentioned in this article.
Aly Yaghi
Director of Business Development at Gartner
Feedback from Microsoft
Thanks Dr. Erdal Ozkaya for putting this together .
Mina Nagy
Cybersecurity Business Lead Microsoft
—–
Guide to downloading personal data held on you by Apple, Google and Facebook. I can’t wait to download mine at the weekend. Your data is worth far more than you think? .
Fred Alale
Senior Manager at Department of Treasury and Finance Victoria ( Australia)
—–
We are sharing our data without thinking the consequences via our devices, How can we limit what we share with Apple ? How can we delete our data from Facebook and Google. Let’s read Erdal’s fantastic article
Ipek Aral
HR Director
—–
A great read from one of my former colleagues.
Jeff Chin
Global Cyber Defense Specialist Microsoft
—–
Thank you very much for the information you shared.
Eyyob Lemma CEO
To read the article : https://www.erdalozkaya.com/apple-and-privacy/
Does Apple spy on iPhone ?
https://www.erdalozkaya.com/apple-and-privacy/
Does Apple spy’s on your iPhone? Gartner / Microsoft Feedback
CISO Insight
Having worked at Microsoft and held the Microsoft MVP award since 2009, I have watched the Microsoft security ecosystem evolve from a standalone antivirus product into one of the most comprehensive security platforms available. For organisations invested in the Microsoft ecosystem, understanding how to leverage these native capabilities is one of the highest-ROI security decisions a CISO can make.
The Microsoft Security Ecosystem: A CISO’s Perspective
Microsoft’s security portfolio has expanded dramatically over the past decade. What began with Windows Defender and basic endpoint protection now encompasses identity and access management (Entra ID), cloud security posture management (Defender for Cloud), SIEM and SOAR (Sentinel), endpoint detection and response (Defender for Endpoint), email security (Defender for Office 365), and data loss prevention across the entire Microsoft 365 ecosystem. For organisations with significant Microsoft investments, this integrated approach provides visibility and control that would require multiple third-party vendors to replicate.
The strategic advantage of the Microsoft security stack is integration. When identity, endpoint, email, and cloud security share a common data model and management plane, correlation and automated response become dramatically simpler. A suspicious sign-in detected by Entra ID can automatically trigger an endpoint investigation in Defender, restrict email access, and create a Sentinel incident — all without manual intervention. This level of cross-domain automation is difficult to achieve with multi-vendor architectures.
Practical Considerations for CISOs
While the Microsoft security stack offers compelling integration benefits, CISOs should evaluate it with the same rigour applied to any vendor investment. Key considerations include licensing complexity (security features are distributed across E3, E5, and add-on licences), the need for Microsoft-skilled security personnel, potential vendor concentration risk, and coverage gaps for non-Microsoft platforms. The most effective approach for many enterprises is a Microsoft-first strategy supplemented by specialist tools for specific use cases where Microsoft’s capabilities are less mature.
Frequently Asked Questions
Is the Microsoft security stack sufficient as a standalone solution?
For organisations with a predominantly Microsoft environment and E5 licensing, the native security stack covers most enterprise security requirements. However, organisations with significant non-Microsoft infrastructure, specialised compliance needs, or advanced threat hunting requirements may benefit from supplementary solutions. Evaluate against your specific threat model and operational requirements rather than adopting a one-size-fits-all approach.
What Microsoft licence is needed for comprehensive security?
Microsoft 365 E5 provides the most comprehensive security feature set, including Defender for Endpoint P2, Defender for Office 365 P2, Defender for Identity, Defender for Cloud Apps, Entra ID P2, and Sentinel entitlements. E3 includes basic security features. Many organisations start with E3 and add specific security components through add-on licences based on their risk priorities.
Related reading: For Zero Trust implementation with Microsoft technologies, visit our Zero Trust Security Hub or download the CISO Toolkit.