Advanced Security Services
We build security around a level structure that allows businesses to embark on their security journey one step at a time or all at once (at a deeper discounted price).
Onboarding - You Are Here
This is the creation of your own independent tenant on the Microsoft 365 infrastructure. It comes with your OWN Office 365 licenses as well as:
Microsoft Security Defaults
Multi-factor authentication (MFA) requires a user to present two or more pieces of evidence to prove their identity before gaining access to an app or digital resource. It protects against attackers who hold a stolen password by making them prove they are who they claim to be.
This is especially important for privileged accounts, since those accounts can create other accounts and/or grant rights to existing accounts to perform ANY activity in the tenant.
With MFA on an account, a user must supply the username, the password and a further factor (for example a push notification to a registered mobile device). If that additional factor is not satisfied, the login is denied. Where the Microsoft Authenticator app is used, enable number matching so a user cannot approve a push prompt they did not initiate.
MFA Enrollment for All Users and Self Service Password Reset
Enroll all your users in multi-factor authentication (MFA) so the tenant is ready the moment enforcement is turned on. This step ensures every user is registered for MFA and for Self-Service Password Reset (SSPR).
Basic Compliance reporting on Windows 10 devices
Windows 10 machines enrolled in Intune report their state back to Endpoint Manager, which lets the organization define which settings constitute a compliant machine:
Windows 10 version 1903 or newer
TPM present
Code integrity enabled
Password required to wake the device from idle
Local accounts require a password of at least 8 characters
Once all of the above are satisfied, the machine is marked compliant; any deviation marks it non-compliant. This compliance flag can later (Level 2+) be used in Conditional Access to decide whether the device may access the tenant.
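The policy described above, built with the Microsoft Graph PowerShell SDK. This is an added example, not code from the original page or from the service provider; the policy name is a placeholder, and it assumes the Microsoft.Graph modules are installed and the signed-in admin holds the DeviceManagementConfiguration.ReadWrite.All permission.

```powershell
# Added example: create and assign a Windows 10 compliance policy via Microsoft Graph.
# Assumes Microsoft.Graph is installed; displayName is a placeholder.
Import-Module Microsoft.Graph.Authentication, Microsoft.Graph.DeviceManagement
Connect-MgGraph -Scopes "DeviceManagementConfiguration.ReadWrite.All"

$policy = @{
    "@odata.type"                    = "#microsoft.graph.windows10CompliancePolicy"
    displayName                      = "Onboarding - Windows 10 baseline"   # placeholder name
    description                      = "OS 1903+, TPM, code integrity, password to wake, 8-char minimum"
    osMinimumVersion                 = "10.0.18362"   # Windows 10 version 1903 is build 18362
    tpmRequired                      = $true
    codeIntegrityEnabled             = $true
    passwordRequired                 = $true
    passwordRequiredToUnlockFromIdle = $true
    passwordMinimumLength            = 8
    # Graph rejects a compliance policy that carries no scheduled action. This one
    # flags the device non-compliant immediately (no grace period) when any rule fails.
    scheduledActionsForRule          = @(
        @{
            ruleName                      = "PasswordRequired"
            scheduledActionConfigurations = @(
                @{ actionType = "block"; gracePeriodHours = 0; notificationTemplateId = "" }
            )
        }
    )
}

$created = Invoke-MgGraphRequest -Method POST `
    -Uri "https://graph.microsoft.com/v1.0/deviceManagement/deviceCompliancePolicies" `
    -Body $policy -ContentType "application/json"

# A policy that is not assigned is never evaluated; assign it to all devices.
$assignment = @{
    assignments = @(
        @{ target = @{ "@odata.type" = "#microsoft.graph.allDevicesAssignmentTarget" } }
    )
}
Invoke-MgGraphRequest -Method POST `
    -Uri "https://graph.microsoft.com/v1.0/deviceManagement/deviceCompliancePolicies/$($created.id)/assign" `
    -Body $assignment -ContentType "application/json"

# Check: which enrolled devices does Intune currently report as non-compliant?
Get-MgDeviceManagementManagedDevice -Filter "complianceState eq 'noncompliant'" |
    Select-Object DeviceName, UserPrincipalName, OSVersion, LastSyncDateTime
```

Two things worth knowing before running this: the scheduledActionsForRule block is mandatory when creating a compliance policy through Graph even though the portal hides it, and a device that has not checked in recently keeps its last reported state, so LastSyncDateTime is as important as the compliance flag when you later gate access on it.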
Level 1 - Basic
Break-glass account as a countermeasure in case multi-factor authentication fails
If Microsoft's MFA service goes offline, a break-glass account is a way to sign in with privileged access without going through MFA. This account needs a long, complex password and must be safeguarded with the highest security practices: exclude it from every Conditional Access policy, keep its credentials offline, and alert on any sign-in by it, since legitimate use should be rare.
Multi-Factor Authentication for Everyone
Extending multi-factor authentication beyond privileged users to everyone in the organization helps prevent unauthorized use of data or services.
Geo-fencing to block access from non-approved countries
An IP-based block that stops sign-ins originating from countries other than the US, even when the username, password and MFA all succeed. Note that the block relies on IP geolocation, so a VPN exit node inside the US is not caught by it; the sign-in reports below are how you notice that pattern.
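The three Level 1 controls above (break-glass exclusion, MFA for everyone, and the country block) as Conditional Access policies created with the Microsoft Graph PowerShell SDK. This is an added example and not the provider's own configuration; the break-glass UPN and policy names are placeholders, and it assumes the Microsoft.Graph modules are installed and the admin holds Policy.ReadWrite.ConditionalAccess and User.Read.All.

```powershell
# Added example: named location + geo block + MFA-for-all, with the break-glass
# account excluded from both. UPN and display names are placeholders.
Import-Module Microsoft.Graph.Authentication, Microsoft.Graph.Identity.SignIns, Microsoft.Graph.Users
Connect-MgGraph -Scopes "Policy.ReadWrite.ConditionalAccess", "User.Read.All"

# The break-glass account must never be in scope of these policies, or an MFA outage
# or a mis-scoped geo block also locks out the tenant's last privileged path.
$breakGlass = Get-MgUser -UserId "breakglass@contoso.onmicrosoft.com"   # placeholder UPN

# 1. Named location holding the approved country (US only, as on this page).
$usOnly = New-MgIdentityConditionalAccessNamedLocation -BodyParameter @{
    "@odata.type"                     = "#microsoft.graph.countryNamedLocation"
    displayName                       = "Approved countries - US"
    countriesAndRegions               = @("US")
    includeUnknownCountriesAndRegions = $false   # IPs that cannot be geolocated fall outside the approved set
}

# 2. Block every sign-in from anywhere except the approved location.
#    Start in report-only and read the sign-in log before switching to "enabled".
New-MgIdentityConditionalAccessPolicy -BodyParameter @{
    displayName   = "Block sign-in outside approved countries"
    state         = "enabledForReportingButNotEnforced"
    conditions    = @{
        users        = @{ includeUsers = @("All"); excludeUsers = @($breakGlass.Id) }
        applications = @{ includeApplications = @("All") }
        locations    = @{ includeLocations = @("All"); excludeLocations = @($usOnly.Id) }
    }
    grantControls = @{ operator = "OR"; builtInControls = @("block") }
}

# 3. Require MFA for all users on all apps, again excluding the break-glass account.
New-MgIdentityConditionalAccessPolicy -BodyParameter @{
    displayName   = "Require MFA for all users"
    state         = "enabledForReportingButNotEnforced"
    conditions    = @{
        users        = @{ includeUsers = @("All"); excludeUsers = @($breakGlass.Id) }
        applications = @{ includeApplications = @("All") }
    }
    grantControls = @{ operator = "OR"; builtInControls = @("mfa") }
}
```

Conditional Access and Security Defaults (from the Onboarding step) are mutually exclusive, so Security Defaults must be switched off before these policies are enabled; until then, leave them in report-only. The Level 2 requirement that only managed devices may connect is the same pattern with builtInControls set to compliantDevice instead of mfa.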
AAD Sign-In Reports
Who is signing in, from where, and with what client. A weekly report helps you spot possible security threats, such as sign-ins from unexpected countries, repeated failures against one account, or clients still using legacy authentication.
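A weekly sign-in summary pulled from the Azure AD sign-in log with Microsoft Graph PowerShell, as an added example rather than the provider's own report. It assumes Microsoft.Graph.Reports is installed, the account holds AuditLog.Read.All and Directory.Read.All, the tenant has Azure AD Premium P1 (needed to read sign-in logs through Graph), and the output path is a placeholder.

```powershell
# Added example: who signed in, from where, with what, over the last 7 days.
Import-Module Microsoft.Graph.Authentication, Microsoft.Graph.Reports
Connect-MgGraph -Scopes "AuditLog.Read.All", "Directory.Read.All"

$since   = (Get-Date).AddDays(-7).ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ssZ")
$signIns = Get-MgAuditLogSignIn -Filter "createdDateTime ge $since" -All

# One row per user / country / app with success and failure counts, failures first.
$summary = $signIns |
    Group-Object UserPrincipalName, { $_.Location.CountryOrRegion }, AppDisplayName |
    ForEach-Object {
        $first = $_.Group[0]
        [pscustomobject]@{
            User     = $first.UserPrincipalName
            Country  = $first.Location.CountryOrRegion
            App      = $first.AppDisplayName
            Clients  = ($_.Group.ClientAppUsed | Sort-Object -Unique) -join ","
            Success  = @($_.Group | Where-Object { $_.Status.ErrorCode -eq 0 }).Count
            Failures = @($_.Group | Where-Object { $_.Status.ErrorCode -ne 0 }).Count
        }
    } | Sort-Object Failures -Descending

# Items that deserve a second look in the weekly review:
#  - sign-ins outside the approved country (blocked once the geo policy is enforced)
#  - legacy clients, which cannot do MFA and are the usual password-spray target
#  - any sign-in at all by the break-glass account (placeholder UPN below)
$outsideUS  = $signIns | Where-Object { $_.Location.CountryOrRegion -and $_.Location.CountryOrRegion -ne "US" }
$legacy     = $signIns | Where-Object { $_.ClientAppUsed -match "IMAP|POP|SMTP|Other clients" }
$breakGlass = $signIns | Where-Object { $_.UserPrincipalName -eq "breakglass@contoso.onmicrosoft.com" }

$summary | Export-Csv -Path ".\signins-weekly.csv" -NoTypeInformation   # placeholder path
"Total: $($signIns.Count)  Outside US: $(@($outsideUS).Count)  Legacy auth: $(@($legacy).Count)  Break-glass: $(@($breakGlass).Count)"
```

The ClientAppUsed values for legacy protocols (IMAP4, POP3, Authenticated SMTP, "Other clients") are the signal that the legacy-protocol block in the Mobile Application Management step is not yet complete; a non-zero break-glass count should be treated as an incident until someone confirms who used it.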
Mobile Application Management and Policy driven behavior
Outlook and the other modern Office apps are configured through an App Protection Policy in Intune. This protects the data inside Outlook from being read by an unauthorized individual who gains access to the mobile device (Android or iOS).
App data is encrypted at rest on the device. For data in transit, legacy authentication protocols (which cannot enforce MFA) are disabled, so only modern, MFA-capable clients can connect.
Level 2 - Intermediate
All of Level 1 plus:
Advanced Compliance Reporting & Enforcement
This feature allows only corporate-owned devices managed by the organization to connect to the tenant, so a user's "home" computer could not:
Connect to SharePoint online and download information
Access teams or meetings online from the device
Install any corporate licensed software on personal devices
Management of Win10 via Intune (Core)
Intune can manage Windows 10 devices wherever they have an active internet connection. Most of the operating system's configuration can be controlled remotely, so the PC no longer has to be sent to an on-premises IT tech to fix issues.
This also allows for configuration to be pushed down to the devices, such as:
Device Encryption requirement
Login banner for privacy
Self-Service password reset link
Full remote wipe capability if the device is lost or stolen; data is erased from storage
Mobile Device Management
Intune also manages mobile devices (Android and iOS). With that in place we can push the following down to corporate-owned mobile devices:
Require PIN (or biometric) to unlock
Full remote wipe capability if the device is lost or stolen; data is erased from storage
Block certain phone functions such as the camera and notifications.
Level 3 - Advanced
All of LEVEL 2 Plus:
Ransomware protection in Cloud Apps
*Requires content in SharePoint Online or OneDrive for Business
Ransomware is everywhere these days, and not just in the news: a ransomware attack inside your organization is a very common scenario. If it happens, know that you are protected, because documents in the cloud are version-controlled and can be recovered without much effort. One caveat: versioning only helps for files that had it enabled and whose history the attacker could not also delete, so confirm version limits on your libraries before you need them.
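What the recovery described above looks like in practice: walk a SharePoint Online library after an attack and roll every file touched since the attack started back to its last clean version. This is an added example using PnP PowerShell, not the provider's own tooling; it assumes PnP.PowerShell is installed, the account has rights on the site, and the site URL, library name and attack timestamp are placeholders.

```powershell
# Added example: restore pre-attack versions of files in a SharePoint Online library.
# Site, library and attack time are placeholders.
Import-Module PnP.PowerShell
Connect-PnPOnline -Url "https://contoso.sharepoint.com/sites/finance" -Interactive

$library    = "Shared Documents"
$attackTime = [datetime]"2024-03-01T02:00:00Z"   # first encrypted file / first bad sign-in seen

# Files modified after the attack began are the candidates. Ransomware rewrites the
# content (and often renames the file), so the *current* version is the encrypted one.
$suspect = Get-PnPListItem -List $library -PageSize 500 |
    Where-Object { $_.FileSystemObjectType -eq "File" -and [datetime]$_["Modified"] -gt $attackTime }

$restored = 0
foreach ($item in $suspect) {
    $url      = $item["FileRef"]                      # server-relative URL
    $versions = Get-PnPFileVersion -Url $url

    # Newest version created before the attack is the one to bring back.
    $good = $versions |
        Where-Object { $_.Created -lt $attackTime } |
        Sort-Object Created -Descending |
        Select-Object -First 1

    if ($null -eq $good) {
        # Either the file was created during the attack, or versioning was off for it.
        Write-Warning "No pre-attack version for $url"
        continue
    }

    Restore-PnPFileVersion -Url $url -Identity $good.VersionLabel -Force
    Write-Host "Restored $url to version $($good.VersionLabel) from $($good.Created)"
    $restored++
}
"Candidates: $(@($suspect).Count)  Restored: $restored"
```

Run this only after the compromised account or device has been cut off, otherwise the attacker re-encrypts the restored copies and each pass burns another version. Files the script warns about need the recycle bin or a backup instead, which is why the version limit caveat above matters.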
Defender for Endpoint deployment
*Requires Defender for Endpoint License
Gain full visibility into what is happening on the endpoint (malware, missing patches, missing security configurations) as well as possible virus and other attacks by connecting Microsoft Defender for Endpoint to your environment. It also provides device isolation in case of an attack.
Level 4 - Premium
All of LEVEL 3 Plus:
Privileged Identity Management
Administrators hold their Azure and Azure Active Directory roles as eligible rather than permanent, and must activate them for a limited time, with a justification and optionally an approver's sign-off, before performing any elevated task. This adds a further line of defense against unauthorized privilege use.
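The activation step described above, as an added example using Microsoft Graph PowerShell rather than the provider's own procedure. It assumes Azure AD Premium P2, the Microsoft.Graph modules installed, a signed-in user who is already eligible for the role, and placeholder values for the role name and justification.

```powershell
# Added example: request a one-hour PIM activation of an Azure AD role, then list
# what is currently active for the caller. Role name and justification are placeholders.
Import-Module Microsoft.Graph.Authentication, Microsoft.Graph.Identity.Governance, Microsoft.Graph.Users
Connect-MgGraph -Scopes "RoleAssignmentSchedule.ReadWrite.Directory", "RoleManagement.Read.Directory", "User.Read"

$me   = Get-MgUser -UserId (Get-MgContext).Account
$role = Get-MgRoleManagementDirectoryRoleDefinition -Filter "displayName eq 'Exchange Administrator'"

$request = @{
    action           = "selfActivate"
    principalId      = $me.Id
    roleDefinitionId = $role.Id
    directoryScopeId = "/"                                  # tenant-wide; an administrative unit id narrows it
    justification    = "INC-0000: remove malicious mailbox forwarding rules"   # placeholder ticket reference
    scheduleInfo     = @{
        startDateTime = (Get-Date).ToUniversalTime()
        expiration    = @{ type = "afterDuration"; duration = "PT1H" }   # rights lapse after one hour
    }
}
$result = New-MgRoleManagementDirectoryRoleAssignmentScheduleRequest -BodyParameter $request

# "Provisioned" means the role is active now; "PendingApproval" means the approver set
# in the role's PIM settings must approve before anything is granted.
"Activation status: $($result.Status)"

# Audit view: every active assignment for this principal, with its expiry. Nothing here
# should outlive the window requested above.
Get-MgRoleManagementDirectoryRoleAssignmentScheduleInstance -Filter "principalId eq '$($me.Id)'" |
    Select-Object RoleDefinitionId, AssignmentType, StartDateTime, EndDateTime
```

The approval requirement, maximum activation duration and whether a justification or MFA is demanded are per-role PIM settings; the request above simply conforms to whatever that role's settings require. The break-glass account should hold its role as a permanent active assignment, outside PIM, for the same reason it is excluded from MFA.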
Sentinel Onboarding
Onboarding of a Security Information and Event Management (SIEM) solution for your environment: receive alerts and notifications of possible attacks in a single pane of glass with Microsoft Sentinel, the first born-in-cloud SIEM.
Monitor changes to your Azure environment as well as Office 365 and any other custom log source.
Security Incident Alerting
Automate the delivery of security alerts and the opening of service tickets based on pre-defined criteria for security incidents or other kinds of attack.