The need for effective IT security is as great today as it has ever been. A staggering 68% of UK businesses with 50 or more employees recorded IT security incidents last year according to the government’s 2021 cyber security report. After being hacked or suffering data loss, many of these companies faced huge costs, significant reputational damage, and ongoing business disruption.
If you are wondering what Microsoft is doing to help organisations protect themselves against this onslaught of cybercrime, the answer is a lot. Microsoft takes security very seriously and, at its recent Ignite conference, announced a range of new features specifically to help organisations improve their security posture. The Microsoft Endpoint Manager, available with Microsoft 365, provides a comprehensive security management platform and all the tools that organisations need to protect their users, data and systems.
While many organisations already have access to these Microsoft security systems and tools as part of their Microsoft 365 subscription, few are making full use of them. This is partly because organisations don’t always understand what tools are available and, partly, because they get overwhelmed by the sheer enormity of the challenge. They know that Microsoft can help them secure their end-user IT environments, but they don’t know where to start.
One challenge: four pillars
If you feel daunted by the necessity to improve your organisation’s IT security, try to avoid thinking about it as one large challenge. Instead, think of your end-user IT environment as a platform, underpinned by four key security pillars. Then, strengthen each of these pillars one at a time.
Pillar 1: Identity
Establishing and verifying the identity of users is the first and critical step in ensuring effective IT security. Organisations need to know who is logging into their corporate systems and networks and have a mechanism for blocking unknown users. Historically, most organisations have used on-premise domain control authentication systems that rely on matching user names and passwords.
However, passwords can be written down, lost, hacked, or easily guessed, so they no longer provide the robust protection that most businesses need.
Organisations that use Microsoft 365 can take advantage of the Microsoft Azure Active Directory to verify identities and manage access to corporate resources more securely. Azure Active Directory allows organisations, to set up conditional access rules, blocking users in countries outside of usual business territories. Meanwhile, Windows ‘Hello’ allows users to log into their Windows devices using facial recognition or fingerprints. These new methods of proving identity are not only more secure but also remove the hassle of managing, resetting and remembering passwords.
Pillar 2: Devices
Devices are the entry point to apps and services, so regardless of whether they are in the office or at employees’ homes, they need to be managed consistently and securely. The rapid adoption of home working during COVID-19 lockdowns led to an unplanned proliferation of devices accessing corporate networks, including employees’ personal devices. Consequently, many organisations today have devices on their networks with End of Life/End of Support operating systems that do not comply with industry standards – and this increases the risk of data breaches, data, phishing attacks, and ransomware.
While this may initially seem like an immense challenge to resolve, organisations can use Microsoft Endpoint Manager to manage all devices consistently, whether they are on-premises computers, company-owned laptops used remotely, or employees’ personal devices. IT managers can see which devices are on outdated operating systems with greater security vulnerabilities and enforce compliance with policies. Organisations can also easily update existing devices and provision new devices remotely using Windows Autopilot.
Pillar 3: Endpoint security
All devices or ‘endpoints’ in a network need to be adequately protected not only by anti-virus software, but also by disk encryption, firewalls, and detection and response solutions. Disk encryption is particularly critical for preventing data loss, as it ensures that hard drives are unreadable if laptops and computers are stolen and dismantled. In addition, detection and response technology is important to identify and quarantine rogue software programs that might be inadvertently downloaded in the background.
Microsoft offers a complete solution for endpoint security with its Defender for Endpoint. This cloud-based security solution, available with Microsoft 365, includes a full range of capabilities from risk-based vulnerability management and attack surface reduction to unified security management and endpoint detection and response. Organisations can also use Microsoft Endpoint Analytics to gain recommendations for how to improve the end-user experience.
Pillar 4: Applications
If employees are using applications that are end-of-life or end-of-support, your application estate will be more vulnerable to attack. All applications should therefore be updated regularly, and all users should have the same versions of the same applications. The challenge is increased for organisations that rely on in-house developed applications that are typically built on many layers of different technologies, such as python and Java. Care needs to be taken when updating these bespoke software solutions to make sure that updates are made to each layer.
Sometimes users install additional applications for personal use. However, if these applications are not managed centrally by the IT department, this ‘shadow IT’ can easily create a backdoor for hackers. Fortunately, there is functionality within Microsoft Endpoint Manager devoted to helping IT teams understand application usage and set up a catalogue of approved apps that users can download and use. Unified security management functionality within Microsoft Defender for Endpoint also helps IT teams implement quick, automated measures to address any potential application vulnerabilities.
The key thing to remember is that your IT platform needs all four pillars to be strong. You cannot just secure your devices and then put off implementing new processes for managing identities. Equally, you cannot update your entire application estate and not install the latest endpoint security. If any one of these four pivotal pillars is weak, the end-user IT environment they support could become unstable and insecure, putting your business at risk of cybercrime.
To find out more about how Camwood can assist with your IT Security, contact a member of our team today.