secure – your ENVIRONMENT
Putting existing technology to work in new ways is a great way to minimise the impact of too much change to internal teams or customers. Staff will accept tighter controls over more tools and deployment of tools.
questions that need to be asked and answered
Are your remote access tools and services secure?
Necessity has meant you’ve had to increase your use of remote access technology; problem is you don’t know how secure it is.
Are the security tools that you own effectively deployed?
Most organisations own a lot of security tools, some you’ve implemented, some you haven’t. Make the most of what you own by taking the time to understand how they can increase your threat defenses.
By following these actions you will better understand your posture and be on track to a more secure business.
- Ensure your remote access solutions aren’t vulnerable, conduct testing to understand your risks.
- Any new SaaS services you’ve turned on should be tested, especially if it holds PII or sensitive data.
- All clouds are different, the security of your information is your responsibility. Undertake a security review of your Cloud architecture and policies to make sure you’re not exposed.
- Not all data belongs in every cloud, monitor what data your users are storing and where. If it’s not appropriate work with the user on alternative solutions.
- Microsoft Secure Score measures your Office365 security posture, with a higher number indicating greater security. Follow the Security Score recommendations so you can better protect your organisation from threats.
- From a centralised dashboard in the Microsoft 365 security centre, you can monitor and work on the security of your Microsoft 365 identities, data, apps, devices, and infrastructure.
- There’s been a significant increase in phishing email attacks, you need to improve your email defense by tuning policies or implementing more effective email filters.
- One of the best forms of cyber defense is end user education. Implement a Security Awareness campaign to help your people detect phishing emails and scams. It doesn’t need to elaborate but it does need to be effective.