Agile IT

AgileAscend: Microsoft Security Implementation

Zero Trust Architecture

Zero Trust Architecture (ZTA) is no longer a buzzword but a proven strategy mandated by the federal government and adopted across industries. Agile IT has been implementing ZTA best practices since before NIST guidance was issued, and has continued to refine its practices as new guidance appears. We model our approach on the GSA’s newest eight-pillar model, which consists of:

• Identity
• Devices
• Data
• Network
• Application
• Infrastructure
• Visibility and Analytics
• Orchestration and Automation

Identity – The Center of Security

With hybrid and remote workspaces now the norm, protecting your users’ identities is often the most critical step in defending your environment. Agile IT’s proven method leverages Microsoft tools including Azure Active Directory and Microsoft Defender for Identity to enforce:

  • Multifactor Authentication and Conditional Access – Explicitly validate trust of users and endpoints requesting access to your resources. This helps build a de facto security perimeter around these modern resources with modern controls and provides simple consistent policy enforcement across them.
  • SSL and SAML – Juggling passwords leads to simple and/or repeated passwords. By establishing a single trusted source for identity across all of your applications, you simplify your users’ day-to-day work and greatly enhance security.
  • Azure Privileged Information Management – Least privileged access with just-in-time (JIT) and Just-Enough-Access (JEA)

Devices

Bring Your Own Device policies can simplify life for your users, but the security behind them can be a nightmare to understand. Agile IT deploys Microsoft Endpoint Manager and Defender for Endpoint to protect mobile devices, workstations, and servers.

  • Mobile Device Management (MDM) and Mobile Application Management (MAM) – Agile IT gives you the option to manage corporate-owned devices or protect your data on employee-owned devices.
  • Microsoft Endpoint Manager – Cross-platform Unified Endpoint Management (UEM) across Windows, Linux, Mac, iOS, and Android.

Data Protection

From intellectual property theft to ransomware, data is the number one target in your environment, no matter what your business is. Agile IT establishes strong data loss prevention across your environment, SaaS applications, and 3rd party clouds with Microsoft Information Protection and Defender for Cloud.

  • Data Loss Prevention (DLP) – Achieve granular access control to your most valuable information, making it easy to revoke access to your information even when it leaves your environment.
  • Governance – Meet stringent industry controls with Compliance Manager, Data Governance, and Advanced eDiscovery

Network Security

As more users work from home, coffee shops, and on the road, traditional network protections have changed greatly. In many cases, defending endpoints, identity, and data is sufficient to protect most critical resources. The network layer can be used to enable granular controls but should be guided by a zero trust policy engine rather than static policies at the perimeter.

  • Passive Monitoring – Monitor network traffic for anomalous behavior with Microsoft Defender while enabling automatic response with Azure Sentinel

Infrastructure

The entirety of your technology environment must be protected. This includes IoT like medical devices and manufacturing equipment, SaaS applications like Salesforce, and your own development environments. Aggressively monitoring and repairing out-of-date and vulnerable systems is critical.

  • Isolate and Retire – Identify out-of-date and vulnerable hardware and software, and isolate or retire platforms that cannot be updated.
  • Identify your Biggest Risks – AgileMAX can help you employ Secure Score in Microsoft Defender for Cloud to understand where technical investments will have the most impact.

Visibility and Analytics

Even if every part of your environment keeps logs, you are left in a reactive state if you only consult them after an incident. Having a central location to monitor your environment lets you act on intelligence rather than react to incidents.

  • Log Analytics Workspace – Agile IT can help you connect every piece of your environment for log ingestion into Log Analytics Workspace, both preventing attackers from destroying logs and giving you 100% visibility into threats.
  • Microsoft Defender – Microsoft Defender’s many flavors bring threat analytics directly where you can see them and act on them with NO 3rd party agents.

Orchestration and Automation

Without intelligent automation and orchestration there are two states of monitoring: alert fatigue and missed alerts. Agile IT can enable Azure Sentinel, Microsoft’s cloud-native Security Orchestration, Automation & Response (SOAR) solution, in your environment and help you establish playbooks to intelligently and automatically respond to alerts.

  • eXtended Detection and Response – Agile IT can combine the Security Incident & Event Management (SIEM) functionality of Sentinel with the advanced threat hunting capabilities of Microsoft Defender.
  • A true 24/7/365 Security Operations Center – Use your own SOC team with Agile IT Security Onboarding or employ AgileMAX as a true cloud Managed Security Service Provider (MSSP).

Microsoft Security Onboarding

Zero Trust, Zero Risk, Zero Downtime. Schedule a call with a cloud solutions advisor to find out how you can leverage your existing Microsoft licensing to reduce your attack surface, increase response time, and remove the threat posed by third-party security and management solutions like SolarWinds and Kaseya.

Agile IT is a four-time Microsoft Cloud Partner of the Year and one of the top 100 cloud computing solution providers in the world. We hold 15+ Gold Microsoft Competencies, including a Gold competency in Security. We have been a trusted advisor for our customers since 2006.
