Microsoft Announces Microsoft Threat Protection (MTP), But What Does This Mean For Their Cyber Security Users?

Summary: With Microsoft Threat Protection (MTP), Microsoft has announced big changes coming to their security apps. Focusing on bringing a unified solution that correlates data across their cybersecurity services, they want to offer an end-to-end security solution that will help users stay one step ahead of sophisticated cyber attacks.

With the global cyber security landscape becoming more diverse, it is becoming increasingly difficult to stay protected against cyber security threats. Cyberspace is a new battlefield, and businesses should always assume that someone is attempting to hack into their systems and exploit their environments.

Microsoft Threat Protection (MTP) Is the Answer to New Cybersecurity Threats

Microsoft Threat Protection (MTP) is the most exciting update from Microsoft Ignite 2018, which was held from September 24 to September 28, 2018, in Orlando, Florida. The Ignite Panel on Microsoft Threat Protection explained a large portion of the changes coming to their cyber security services.

What Is Microsoft Threat Protection (MTP)?

Microsoft Threat Protection is Microsoft’s latest response to the increasing complexity of the digital estate and security issues that come with it.

Anything connected to the internet can be attacked. This includes not only laptops, tablets, and phones, but also IoT devices such as smart meters, smart watches, and others – all of them are possible vectors of attack. The endpoints in the environment that are a target of cybercriminals are not just computers or phones, but complex systems like smart cities, sensors, smart cars, and smart energy grids.

These are coordinated and intelligent attacks, and it’s been an ongoing game of cat and mouse, where cybercriminals land a blow, the security experts respond, then cybercriminals find new exploits, and so on.

Microsoft Threat Protection aims to break this cycle and stay one step ahead by using the power of cloud computing, automated responses, and scaling capabilities to secure everything.

Why Did Microsoft Decide to Develop MTP as an End-to-End Security Solution?

The digital environment is more diverse than ever before, and Microsoft Threat Protection aims to offer a solution that protects enterprises and their digital environment against a growing number of sophisticated cyber attacks.

Once a cybercriminal gets access to any device within a system, they also get access to everything that the device has access to, searching for additional logins on the affected device to move across your whole environment.

Microsoft Intelligent Security Graph

The Microsoft Intelligent Security Graph is the foundation of all the security services included in Microsoft Threat Protection. It gives insight into various attack vectors and shows how many security threat signals are coming in daily from consumers and corporations – 6.5 trillion signals a day. Those signals are gathered from users, corporations, and Microsoft services.

The graph shows just how many signals are detected in various areas, such as Outlook, where over 400 billion emails are analyzed, or from 1.2 billion devices that are scanned each month, where over 5 billion threats are detected in that time.

Every single security alert and signal that is received is part of a larger attack, and it’s difficult (and very expensive) to correlate all signals across all devices. The Microsoft Intelligent Security Graph requires analysis by more than four thousand in-house security specialists, with over $1 billion invested each year into cyber security.

It is virtually impossible for most enterprises to have access to such security skills and budget to correlate all threats to their digital estate. Microsoft, therefore, offers enterprises the ability to use Microsoft’s vast cloud computing capabilities and insights by choosing MTP as their ultimate cyber security solution for all digital devices and assets they have in their environment.

How Microsoft Security Solutions Used to Work…

Before this, Microsoft’s threat protection was divided between their various services, which meant that cyber attacks could happen outside of those areas, in the gaps that were not covered by a specific service.

By bringing all these services closer together and having multiple apps address the different aspects, those gaps are covered and the risk of a breach is lowered.  

What Services Does Microsoft Threat Protection Include?

Microsoft Threat Protection isn’t a single app that covers all cyber security needs. It’s a group of services that work together to ensure all attack vectors are suitably covered from multiple angles.

The services included in MTP are as follows:

  1. Azure Active Directory – This covers identity and access management.
  2. Azure Advanced Threat Protection (ATP) – This covers detection of advanced attacks across the digital environment.
  3. Microsoft Cloud App Security – This is a Cloud Access Security Broker (CASB) that covers data protection in the cloud environment.
  4. Microsoft Intune – A part of Microsoft Enterprise Mobility and Security, Intune is a cloud-based service that helps you manage mobile devices, apps, and the way your workforce accesses and shares company information.
  5. Windows 10 – These are updates to existing security services like Windows Defender.
  6. Azure Security Center – This is a unified security management system that protects hybrid workloads running in Azure and other environments.
  7. Windows Defender Advanced Threat Protection – Windows Defender is getting new capabilities that include post-breach detection, investigation options, and response.
  8. Office Advanced Threat Protection – This covers malicious attacks found in emails, collaboration tools, and links.
  9. Office Threat Intelligence – These are threat protection capabilities across all Office apps.
  10. Windows Server Linux – This covers Linux-based servers.
  11. Exchange Online Protection – This covers email filtering, spam and malware protection, as well as protection against messaging policy violations.
  12. SQL Server – Protection through advanced machine learning.

Those services work in tandem to secure the five pillars of cyber security. This gives them greater coverage of possible attack vectors, and in case one service doesn’t address a specific vector, another will. These are the five pillars:

  • Identities – This pillar includes vectors such as users and admins and is protected by the following services: Azure Active Directory, Azure Advanced Threat Protection, and MS Cloud App Security.
  • Endpoints – This includes all types of devices and sensors that could be possible vectors for a breach. It’s protected by Microsoft Intune, Windows 10, and Windows Defender ATP.
  • User Data – All email messages and documents are protected by Microsoft Cloud App Security, Windows Defender ATP, Office 365 ATP, Office Threat Intelligence, and Exchange Online Protection.
  • Cloud Apps – All data stores and SaaS solutions/apps are covered by MS Cloud App Security, Office 365 ATP, and Exchange Online Services.
  • Infrastructure – All enterprise servers, virtual machines, networks, and databases are protected by Windows Server Linux, SQL Server, and Azure Security Center.

How Do Enterprises Use and Benefit from MTP?

A good example of how enterprises benefit from MTP is Telit, which has over twenty years of experience in IoT and offers end-to-end IoT solutions. They use Microsoft’s services to protect everything, from IoT products and services to IoT consulting and building systems for enterprises.

They realized quickly that by having a unified system, they can address any security issues more efficiently and save a lot of money when compared to using different providers for each aspect of their business.

Your enterprise will benefit because instead of using the top services for each category, the MTP unified system can secure all of the following, and more:

  • Mail protection and encryption
  • Mobile device management
  • Endpoint security
  • Incident response
  • Cloud access
  • Securing data and apps
  • Data classification and governance
  • Data loss prevention
  • Compliance (GDPR)
  • Identity protection and privacy

Microsoft Threat Protection addresses the following cybersecurity pain points and helps enterprises by offering the following:

Integration – All security products should aim to be closer together and better integrated. This improves response and automation and closes gaps in security where attackers often operate.

Intelligence – The power of the cloud can improve security across all apps.

  • For example, businesses can have an overview of each user activity and get alerts on unusual activity or devices for each of their accounts or identities.
  • MS uses machine learning to detect deviations from usual patterns in user/ID/machine behaviour and activity.

Automation – The focus is placed on incidents that are most important, not all of them. This saves time on mundane and routine tasks through automated actions for each type of attack.

  • Alerts are correlated across machines and the network to figure out how an attack happened and whether it’s part of a larger incident.
  • An incident takes X number of alerts and groups them together, shows the timeline of all alerts, and shows the affected machines, emails, and users, as well as what investigations and actions were taken.
  • By combining services to correlate alerts, better detection and response is achieved, and it’s easier to secure all the attack areas, strengthening the overall security.
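
The grouping of alerts into incidents described above can be sketched as follows. This is an added example, not Microsoft's code or algorithm: the `Alert` fields, the source labels, the 24-hour window and the sample alerts are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass(frozen=True)
class Alert:
    alert_id: str
    time: datetime
    source: str          # which service raised it (hypothetical labels)
    title: str
    entities: frozenset  # users, machines and emails the alert touches

def correlate(alerts, window=timedelta(hours=24)):
    """Group alerts into incidents. Two alerts are linked when they share an
    entity and occur within `window` of each other; links are transitive."""
    ordered = sorted(alerts, key=lambda a: a.time)
    parent = {a.alert_id: a.alert_id for a in ordered}

    def find(x):  # union-find root lookup with path halving
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    last_seen = {}  # entity -> most recent alert that touched it
    for a in ordered:
        for entity in a.entities:
            prev = last_seen.get(entity)
            if prev is not None and a.time - prev.time <= window:
                parent[find(a.alert_id)] = find(prev.alert_id)
            last_seen[entity] = a

    groups = {}
    for a in ordered:  # time order, so incidents come out oldest first
        groups.setdefault(find(a.alert_id), []).append(a)
    return [{
        "alerts": [m.alert_id for m in members],
        "timeline": [(m.time.isoformat(), m.source, m.title) for m in members],
        "entities": sorted(set().union(*(m.entities for m in members))),
    } for members in groups.values()]

def _at(day, hour, minute):
    return datetime(2018, 10, day, hour, minute)

# Constructed sample alerts (not real telemetry).
SAMPLE_ALERTS = [
    Alert("A1", _at(1, 9, 0), "email", "Phishing link clicked",
          frozenset({"user:alice", "mail:msg-1001"})),
    Alert("A2", _at(1, 9, 20), "endpoint", "Suspicious script execution",
          frozenset({"user:alice", "machine:WS-01"})),
    Alert("A3", _at(1, 10, 5), "identity", "Unusual logon",
          frozenset({"machine:WS-01", "user:svc-backup"})),
    Alert("A4", _at(2, 14, 0), "endpoint", "Malware blocked",
          frozenset({"user:bob", "machine:WS-77"})),
    Alert("A5", _at(5, 8, 0), "identity", "Password changed",
          frozenset({"user:alice"})),  # same user, but outside the window
]

if __name__ == "__main__":
    for incident in correlate(SAMPLE_ALERTS):
        print(incident["alerts"], incident["entities"])
```

A1 and A3 share no entity directly; they land in the same incident only because A2 links both, which is the point of correlating across services rather than within one.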

A User-Centric Approach – Solutions are geared toward how users work.

  • For example, in emails, you will be able to display the underlying URL instead of the text part to immediately see if the link was spoofed. This offers security against threats targeting users (phishing, etc.) while not undermining the user experience.

Ecosystem: Intelligent Security Association – Instead of trying to cover every security aspect on their own, Microsoft is working with over thirty leading security tech providers to expand security coverage.

The Purpose of MTP

Microsoft wants to take a more active part in the realm of cyber security, and their threat protection gives them an important role of a cloud security provider. With their Intelligent Security Graph analysis, their Microsoft Threat Protection combines integration, intelligence, and correlation, and gives enterprises access to their computing power and scale.

Ideally, MTP will offer the following:

  1. Protection Against All Attack Vectors – The optimal solution is to stop all attacks, but since this is impossible, it should stop as much as possible from breaching the system.
  2. Quick Detections When a Breach Occurs – Since some attacks will sneak by, it is crucial that they are detected as soon as possible.
  3. Response and Remediations – Once a breach is detected, adequate action should be taken. Here, automation options help take care of smaller threats by automatically remediating them, while larger threats will be brought to attention and the system will await input on what to do with them.

While MTP will make it easier to protect every aspect of your digital estate, user education and training are important too. Here, MTP wants to help businesses teach their employees about security risks, what they have to understand, and why they might be targets.

Ultimately, Microsoft Threat Protection should reduce the complexity, time, and costs of incidents by offering an end-to-end security solution that also works with external security providers to truly extend their cyber security reach where it matters.

How to Hold an Azure Information Protection Staff Training

In light of the latest data security climate, where the risk of a breach is higher than ever, it is of utmost importance to keep valuable data safe. Microsoft’s Azure Information Protection (AIP) helps in achieving this goal and it’s the solution we recommend.

This is particularly true when you consider that the UK average cost of a data breach is close to £2.87 million ($3.68 million), according to a recent report from the Ponemon Institute.

Azure Information Protection is a cloud-based data protection solution that keeps data safe through advanced encryption, identity, and authorisation policies.

But. 

Adopting AIP isn’t enough – you need to train your staff on how to use it properly. Newly accepted regulations like the EU General Data Protection Regulation (GDPR), combined with concerns about what awaits the UK in terms of free data flow after Brexit, make data security an important aspect for every company, so it makes sense to invest in Azure Information Protection staff training.

Ensuring Your Employees Are ‘On Board’

Change is something many employees are not fond of, so getting them on board with Azure Information Protection Staff Training is the first thing to do before you begin with implementation and actual training.

When your employees are educated on GDPR and data breach consequences, they will become more engaged in Azure Information Protection staff training. Not being compliant and risking a breach could cost them their job because many businesses that suffer a major data breach never recover. 

But how do you hold Azure Information Protection Staff Training?

Step #1 Educate on the Risks

Start by making your staff aware of the dangers of security breaches and just how little it takes for one to occur if data protection is lacking.

Step #2 Explain Their Role in Compliance & Data Protection 

Many employees are not aware of just how important they actually are in keeping data safe. Start by explaining their role in the company security and compliance. Explain that whenever they send data – be it email or access to a folder – to somebody inside or outside of the company, it can be a security risk. The risk here is that often there are no resources that would monitor or restrict misuse of that shared data.

The most recent statistics included in IBM’s Cost of a Data Breach Report show that a staggering 27% of all data breaches that happened were caused by human error – in other words, employee negligence was the cause.

Think about the following scenario: You are sending sensitive financial data to an outside partner. The partner is negligent and sends this confidential data to parties that should not have access to it. This constitutes a data breach.

A data breach has serious consequences far beyond actual financial costs, including:

  • Hacking
  • Downtime
  • Loss of customers
  • Loss of personally identifiable information (PII) from customers and employees
  • Loss of intellectual property
  • Loss of financial information
  • Breach of data protection laws
  • Legal fines and claims
  • Reputation damage

Step #3 Show Why Azure Information Protection is the Solution 

Proper training will help reduce the risk of a data breach as a result of human error. Before you fully implement AIP, ensure your staff become familiar with all the features and that each department knows how to utilise its full potential. 

Explain how Azure Information Protection works and how, when integrated in the organisation, it can help on an operational level.

Step #4 Show off Features They Can Use

During Azure Information Protection staff training, the focus should be on providing specific and detailed guidelines to each department. Present all the important features that AIP offers:

  • You Can Classify Your Data – AIP helps classify and label data based on how sensitive it is through a system of labels that automatically protect it once applied.
  • 24/7 Protection – Once you classify data and protect it, it stays protected. AIP follows data and ensures it’s protected even when shared outside of your organisation or stored on an external device.
  • Track Data and Revoke Access  – AIP helps you track what is happening to data you have shared, and in case it’s needed, you can easily revoke access.
  • Log and Report Support Compliance – Get access to powerful features that help analyse and monitor usage of data. The reporting feature helps maintain compliance with rules and regulations.
  • Safe Collaboration – Thanks to labeling and classification, you have complete control over who has access to data and how they can interact with it.
  • Microsoft Office Integration – AIP is integrated into MS Office so you can secure any document with a single click as well as automatically in the background. 
  • Easy to Manage and Deploy – AIP works in the cloud and on-site equipment too.

Step #5 Make it Specific

Once done, provide each department with detailed guidelines and best practices for using AIP specifically for them. For example, teach your finance department staff how to use AIP features like the Do Not Forward Button or Sensitivity Bar, or your marketing department how to apply AIP labels and send data to external partners.

If you want to make your AIP staff training easier, we’ve created an Azure Information Protection Staff Training Course on The TowerWatch Academy.

How Azure Information Protection Can Be Used in GDPR Email Compliance

Today, businesses make data-driven decisions in order to have a competitive edge. If your business deals with personal data from customers, it is required to be compliant with the EU’s General Data Protection Regulation (GDPR) requirements. This means disclosing how it handles data and ensuring that data remains safe.

Why You Should Use Azure Information Protection for GDPR Emails

Sending sensitive data internally or to recipients outside your company carries a certain risk. Every email you send could lead to a disclosure of sensitive data, which constitutes a breach of GDPR. Therefore, investing in the protection of emails and files that are sent is crucial.

Azure Information Protection helps keep your emails safe through advanced encryption and protects data at a file level, including any attachments you might share.

It’s a great solution that we recommend to our clients and one we can deploy seamlessly.

While GDPR email compliance may seem like just another regulatory hassle, it is actually an opportunity to invest in your company’s digital security. The most recent data from the Ponemon Institute shows that the global cost of a data breach is increasing steadily, and in 2018 it reached $3.86 million.

If that’s not enough to convince you, why not use IBM’s data breach cost calculator and see what yours could actually cost?

The Latest Data Breach Report Shows a Troubling Trend

A data breach carries serious consequences, and every business operation will suffer: financial, sales, marketing, safety, you name it. The 2018 Cost of a Data Breach Study states there are three main causes of a data breach, with percentages of attack globally being:

  • Malicious or criminal attack – the main reason for 48% of all breaches
  • System malfunction – the cause of 25% of all breaches
  • Human error – the cause of 27% of all breaches

The report shows that human error was the reason behind a data breach more often than a system malfunction was, while malicious and criminal attack took first place.

Note: It’s important to state that human error only includes insiders who were careless, while malicious attacks also include insiders, third parties, and contractors who caused a data breach intentionally.

In the UK specifically, malicious and criminal attacks were the reason for 50% of all breaches, human error was behind 26%, with system glitch causing only 24% of all data breaches.

This means as high as:

76% of all GDPR breaches in the UK can be caused by either negligence or malicious intent.

This can be vastly reduced by using file or email encryption like Azure Information Protection.

How AIP for GDPR Emails Keeps You Compliant

Azure Information Protection (AIP) is a cloud-based service that allows you to protect any sensitive and confidential data through encryption. You can protect local data you keep on your devices or data that you store in the cloud. When you send that data outside of your company, the encryption remains in place because it’s active at a file-level.

This means that even if you’re compromised, documents that are recovered cannot be read or decrypted. Plus, intercepted emails cannot be read unless the intended user verifies themselves.

Ultimately, AIP can’t stop your users from making a mistake, but it can support them and arm them with the tools to protect company data properly.

Azure Information Protection Protects Against Malicious Intent

For example, if one of your employees or third-party recipients wants to email a file to an unauthorised person, they won’t be able to do so. Plus, AIP has a great feature called Do Not Forward for GDPR compliant emails. When this option is used, the recipient must first be authenticated to even view the email, and this is all they can do. They can’t forward, print, or screenshot the email. This ensures the email is for their eyes only and that they cannot execute a data breach by forwarding it on to non-approved users, which would lead to a GDPR violation.

Documents attached to these emails are also counted as DO NOT FORWARD and will have the same restrictions.

Azure Information Protection Activity

Not only does AIP limit who can view the data, but it also tracks how that data is being used. By doing so, it ensures that data is safe at all times and that GDPR compliance standards are met. Plus, if you suspect there’s a risk that the data could be used in a way that violates GDPR regulations, you can even revoke access to it.

There is a range of other uses for Azure Information Protection to help keep your company emails and files protected. If you need help learning the ropes or want to deploy Azure Information Protection yourselves, get started today by clicking here.