The task of cyber security is not new. Organisations that use technology to store and process data have always had the challenge of keeping a secure perimeter around their data. With the explosion in cloud adoption we are seeing new challenges, and new ways that cyber security has had to evolve, adapt and stay ahead of the curve.
The large scale data breaches, hacks and leaks that we see in the press on a regular basis are proof that no matter what your organisation is or does, you are not immune.
Security extends far beyond the installation of a firewall or improving the password policy. You must now consider user behaviours, threats from email, personal devices and innocent errors of judgement by your users just trying to find better ways to do their job.
Security must now be holistic in its approach and that’s exactly what we have designed in our Security as a service package. Taking the best in class from software vendors, working with professional security partners and our own in-house experts we can provide technical design, process design, policy creation and user training to help mitigate the potential risk of data breach.
Office 365 Advanced Security
Cloud and mobile computing present opportunities for your company to connect with customers, partners and improve operations. As you begin your digital transformation journey, you will have to tackle the challenges of how to effectively manage IT security, cyber security, privacy, and regulatory compliance.
Office 365 Security as a Service
Office 365 applications include both built-in Cyber security features that simplify the process of protecting data and the flexibility for administrators to configure, manage, and integrate security in ways that make sense for their unique business needs.
Microsoft Security in Office 365
Download the whitepaper from 2016 here!
What does this mean in practice? – “Security in the cloud is a partnership” (Microsoft)
|· IT Security Policy|
· Cyber Security policy
· Local Infrastructure
· End User Devices
|· Access management|
· Privileged accounts
· Anti-malware controls
· Email security
· Privacy controls
· Data loss prevention
|· Data Centres|
· Operating System
· Application Layers
· Data at rest in data centres
· Data in transit between
· Microsoft and customer
Microsoft operates and secures the Office 365 infrastructure and provides Office 365 application controls to help customers protect their information. Customers are responsible for configuring these controls to secure their data, and also for the security of their on-premises resources.
All organisations use information – for example, employee information, tax information, proprietary information, or customer information. If that information is compromised in some way, the organisation may not be able to function. Improperly configured security controls, whether IT Security or Cyber Security, are a contributing factor to many security breaches and incidents.
It is good practice to regularly check that security controls are configured correctly. UK Government DCMS Cyber Security Breaches Survey 2017 found that only one in three businesses are doing this. Pro-active security health checks complement other security arrangements that may be in place, and map to the ISO/IEC 27001 standard for information security management.
OfficeLabs Security As A Service (SecAAS) offering goes beyond Office 365 built-in security tools, providing assurance that security controls are configured appropriately and/or identifying opportunities to improve security. Remedial actions are prioritised based on costs and benefits. A Roadmap is developed to agree next steps and to implement actions, with assistance where required. Regular checks provide ongoing assurance and enable changes to be tracked over time.
Microsoft Mobile Device Management
Microsoft’s Mobile Device Management (MDM) is part of the Security & Compliance Centre within Office 365 and powered by Microsoft InTune.
With the move to cloud comes the ability to consider and adopt a bring your own device (BYOD) approach to mobile devices such as phones and tablets, keeping corporate data secure on mobile devices is becoming a significant challenge.
This is where MDM for Office 365 can help you secure and manage mobile devices such as phones and tablets, regardless of vendor or operating system, used by licensed Office 365 users in your organisation. Easily create mobile device management policies that can help control access to Office 365 email and documents for supported mobile devices and apps. If a device is lost or stolen, you can remotely wipe the device to remove sensitive information leaving the device intact.
Data classification and labelling
Essential for the introduction of the upcoming GDPR laws – it is crucial that you can classify and label the information being created and received into your business. GDPR is about the protection of personal data and there are approximately 160 different requirements to follow. This will only be possible with a change to your processes and the way you process stored data.
OfficeLabs provide a unique solution that helps you to become compliant.
Office 365 message encryption
Recently introduced as a new capability built on top of Microsoft’s Azure Information Protection platform is Office 365 Message Encryption (OME). The new capabilities make it easier to share protected emails with anybody inside or outside your organisation.
Protecting sensitive emails
Unintended breaches are becoming more challenging with the ease of use and more open policies to information sharing which is why OME provides the ability to encrypt and right-protecting emails that are sent from either inside or outside your company. This includes users of Office 365, non-Office 365 email applications, and web-based email services such as Gmail.com and Outlook.com. Both B2B and B2C scenarios are covered.
Key features of OME:
- Send encrypted email messages to anyone, regardless of their email address.
- Provide strong, automated encryption with an infrastructure you already own.
- Eliminate the need for certificates and use a recipient’s email address as the public key.
- Communicate through a Transport Layer Security-enabled network to further enhance message security.
- Enhance the security of email responses by encrypting each message in the thread.
- Control sensitive data with flexible policies or ad hoc customer controls that are built into Office 365.
- Easily manage sensitive data using single-action Exchange transport rules.
- Protect sensitive information and data consistently and automatically from leaving your gateway.
- Use policy-based encryption to encrypt messages at your gateway based on policy rules.
- Help manage compliance through strong integration with data-loss prevention capabilities.
- Easily navigate through encrypted messages with the clean Office 365 interface.
- Deliver encrypted email directly to recipients’ inboxes and not to a Web service.
- Decrypt and read encrypted email with confidence, without installing client software.
(Disclaimer) Implementation of effective security controls will significantly mitigate the risk of a security incident. No service can guarantee that an organisation or an individual will not be breached or suffer losses due to an incident.
These are just some of the benefits SecAAS can offer your company. When you book an appointment with an OfficeLabs consultant, they will talk to you in depth about your business needs, and how best to utilise the power of SecAAS. Remember, SecAAS is just one tool in the suite — OfficeLabs will ensure you get the most out of each of these applications. Making sure your business runs as smoothly and efficiently as possible is why OfficeLabs has been chosen by both FTSE 250 companies and huge public-sector bodies, and our no-jargon approach will let you talk to us with confidence about your requirements.
To request a call, simply fill out this form and one of our team will ring you back.