Conor Alderson
Microsoft Corporate Executive
Ransomware attacks have increased by over 300% in recent years, with 50% of these attacks targeting Small and Medium Business (SMB) organisations.
It’s more important than ever to look at your security posture. And with that comes the principles of C.I.A. Not the American Government body – CIA means Confidentiality, Integrity, and Availability.
61% of SMBs were unable to operate during recent attacks, with the average cost of an SMB data breach totalling $108,000. It is no longer a matter of “if there is a breach”, it is when.
Vulnerabilities have been exposed in the move from office-centric work environments to remote/hybrid environments. So, the ability to elevate your own security, as well as standardising the security and productivity toolkit across employees in multiple locations gives businesses the ability to grow without obstacles.
Microsoft reveals the scale of the threat
Microsoft gives an overall view of the daily security issues faced by over 650,000 organisations across 120 countries. Microsoft Graph analyses 24 trillion threat signals a day and, in the last year, blocked 32 billion email threats.
While tracking 40+ nation-state actors (someone working on behalf of a nation's government) and 140+ threat groups, there is a building of the knowledge of how these bad actors will try to exploit current systems and how the right solutions can protect a company’s ability to operate both effectively and efficiently.
Microsoft’s Security Principles come down to:
· Protect Everything
· Simplify the Complex
· Catch what others miss
· Grow your future
Microsoft has always taken a strong view of working side by side with SMBs to make them more effective, efficient and secure. It is estimated that 60% of SMBs lacks the in-house skills to deal with an attack.
However, Microsoft’s modern workplace offering takes care of all three. When looking at security, Microsoft offers small-medium businesses a cost-effective, efficient, and extremely intuitive solution.
We see organisations in a position where they could be more protected. So, having the knowledge of the features already available and included in your Microsoft licensing is crucial, including best practices on how to deploy these services.
Introducing Microsoft Business Premium
When we think of an M365 plan for SMB customers, which includes security and the ability to assist in safe working, the one plan is the M365 Business Premium.
Given the multitude of features included in Microsoft 365 Business Premium, let us take a deep dive together into the services Microsoft provide: Enterprise, Mobility and Security (EM+S).
There is a lot to explain and many benefits for a low, all-inclusive cost.
· Microsoft Purview Information Protection Plan 1 (Previously known as Azure Information Protection Plan 1)
· Azure AD (Active Directory) Premium Plan 1 (Now part of Microsoft Entra)
· Microsoft Defender for Business
· Microsoft Defender for Office 365 Plan 1
· Intune for Mobile Device Management and Mobile Application Management
Microsoft Purview Information Protection is a data protection, retention, and data loss prevention (DLP) solution. Microsoft has three pillars of features within Information Protection, however, the one we will focus on is ‘Know your Data’.
This module allows for the application of sensitive information types, which allow users to know what their data landscape looks like with data classification giving graphical identification of items in the organisation that have sensitivity labels, retention labels or have been classified.
This classification of data allows for better retention, online archiving as well as DLP. There are also litigation holds to ensure no essential data in a legal matter is removed or modified as well as eDiscovery to allow for the easy manual search of the held data.
Identity management
Azure Active Directory (Azure AD) Premium Plan 1 is your identity and access management module allowing for the creation and maintenance of secure cloud-based identities, bringing many features.
The first of these features is Multi-Factor Authentication (MFA). This includes things like 2-Step verification.
A second feature is Single Sign-On, which allows for your Azure AD identity to be used for federated services – allowing sign-on to multiple online spaces based on the authentication in Azure AD.
Finally, Password-less Sign-In is another feature of Azure Active Directory. This would be your biometric sign-ins, such as facial recognition and fingerprint scanning. In addition, there is ‘Terms of Use’, which requires users to acknowledge company policies or similar documentation as part of the sign-in process – taking advantage of the conditional access feature.
Defending devices
Microsoft Defender for Business is your endpoint protection module. A feature of Defender for Business is Endpoint Detection and Response (EDR), as well as higher-level solutions such as automating investigations and response to threats detected.
Next-generation protection brings behavioural-based real-time security. This tool can also block file-based and fileless malware while stopping malicious activity from trusted and untrusted applications. Alongside this, there is Attack Surface reduction, bringing system hardening without disruption.
Microsoft Defender for Office 365 Plan 1 brings classic protection for Office and Exchange (Outlook) clients looking at safe links and safe attachments while bringing top-class anti-phishing protection, with impersonation protection as well.
Intune brings best-in-class Mobile Device Management (MDM) and Mobile Application Management (MAM). This module does not just cover mobile devices, it covers Android, IOS, MacOS, Windows and more, too.