Cloud Control – Security

Security in and through the cloud

Malicious actors don’t keep a nine-to-five schedule and are continuously trying to find new ways to breach through one’s security. Although Microsoft is responsible for securing their datacenters and services within, a customer is still responsible for securing their own environment. By leveraging Microsoft’s security solutions, you gain access to a wide array of capabilities, fueled by Microsoft’s expertise and billions of ‘signals’ from all across the world. By intelligently leveraging that information through various cloud services, you significantly increase your security posture and are always protected by the latest security intelligence –even when it comes to zero-day attacks.

What do we protect?

By leveraging Microsoft’s latest and greatest security solutions, we can protect both your Modern Workplace and (hybrid) cloud datacenter. The below diagram provides a high-level overview what services we secure and the way we do it:

 

At the center of the Modern Workplace and Azure datacenter services are Identities. These are protected with inbuilt capabilities like Identity Protection and Conditional Access.

Azure itself is secured through Azure Security Center, Azure Firewall and a variety of security solutions within the features. 

In the Modern Workplace, we additionally secure the endpoints through Defender ATP and Intune and keep data safe with Unified Labeling, DLP and Cloud App Security.

To make the data centrally available to us, we use both Azure Sentinel and the MS Security Graph API to create an interface to our SOC where you environment is monitored by both intelligent automated systems and the watchful eye of our analysts, 24×7.

How do we keep you secure?

Securing the enterprise is a continuous task. To help you become and stay secure, we have combined our continuous service improvement process with the NIST cybersecurity framework:

1. Assess

At the start of our journey together, we’ll perform an assessment of your current security posture, after which we’ll jointly develop a roadmap of what features and solutions need optimization or need to be implemented.

2. Protect – Detect – Respond

After the roadmap has been defined, we’ll implement and optimize your environment within a period of approximately 3 months. For this we use a variety of baseline policies which we have developed in-house and combine them with specific configuration parameters –unique to your environment. By investing heavily in the protection of your environment, we minimize the attack surface as much as possible. After all, it’s better to prevent than to remediate!

Once all optimizations have been implemented, our Cloud Control service will continuously keep an eye on your environment. We leverage a variety of techniques, both manual and through automated detection systems and will respond adequately if there is an alert which needs further investigation.

3. Review

In parallel to the Protect-Detect-Respond process, we’ll continuously monitor and review the configuration of your environment and use insights from our Cloud Control center as well as improvements in Microsoft’s services and solution to revisit the existing configuration of your environment.

4. Improve

In this phase, we’ll make changes to your configuration after which the entire continous service improvement process starts over again all the while the protect-detect-respond process runs independently.

Want to be more secure?

Michael Van Horenbeeck

Managing Partner & Solution Lead Security Services