Jasco Blog

Layered Security Approach

April 8, 2021

Cybersecurity is a hot topic in today’s Modern Workplace. With hybrid work becoming a major influence on businesses, it was only a matter of time before securing staff became a high priority. Having multiple devices logging in from multiple locations is a huge concern for IT managers. The line between legitimate and fraudulent attempts becomes extremely blurry, which can cause unnecessary stress and anxiety if you are not prepared.

Attackers are generally looking for high-value targets that will reap the best rewards. However, if you have solid layers of security measures in place, the effort can often outweigh the benefits to the attackers. Implementing these layers of security could save your workplace in the future.

First Layer: Positive Security Culture 

The first layer of security revolves around the collective workplace. Many organisations breeze over this layer, but as simple as it is, it has extremely positive benefits. The weakest link in many organisations is often their own users. Staff who are not informed of potential threats to the business are the easiest targets. Therefore, if you can build a security culture where everyone is well trained, understands the threats, and is always on their toes when handling email and files, then you are much better equipped against attacks like phishing, credential theft, and social engineering.

Tackle this by running regular training with staff. Attack simulations, or even just informational activities, will warn them of current threat trends. This simple activity can stop a lot of attacks before they even start.

Second Layer: Preventive Security 

The second layer addresses a zero-trust security model. This layer requires an M365 tenancy: we look at the M365 Secure Score and implement the recommendations significant to your business, making cyber-attacks harder to perform against the current tenant. Conditional access is a critical element of security that helps us bring in as many security signals as possible. We want to enable as many integrations as possible, such as Azure AD Identity Protection, Defender for Endpoint, Intune, and Microsoft Cloud App Security.

Third Layer: Threat Management 

This layer looks at monitoring and reacting to everything that happens in your environment. We need to have alert rules in place for identities, devices, threat detection, and incidents. There are many different security products on the market, but Microsoft 365 Defender makes it easy to manage the tenant. M365 Defender looks at alerts from all security products in Microsoft 365 and displays them in one central dashboard, creating unified incidents and incident reports. This lets you work from one dashboard and respond to threats and alerts holistically.

 

Fourth Layer: Post Breach 

With the zero-trust model, we must assume breach, which means presuming the attacker has already infiltrated your system. In this regard, we need to ensure we have plans and processes in place to clean up accounts. Overall, you should know how to shut down affected services, how to restore various kinds of backups, how to open support tickets with Microsoft, and who to contact if you need expert advice during an incident. With thorough preparations, you can minimise downtime and damage.

 

By integrating these four layers of security, you will have a solid security basis for your organisation. Making the change to a security-focused workforce could save you thousands. Invest in your security assets today to ensure you can survive an attack tomorrow.
