Tag Archive for: Azure

Quick Tips for Secure Cloud Deployment

“Can we move this to the cloud?” This question will continue to increase in frequency for the foreseeable future, as we have seen IT exponentially converging toward cloud Software as a Service (SaaS) over the last several years. While some of the more popular names like DropBox, Salesforce and Google Drive dominate the consumer and “prosumer” branding space, there are more powerful tools like Microsoft Azure (which underpins Microsoft 365 Office Suite and much more) that are increasing in market share for small business and enterprise. 

When your company transitions to a SaaS model, it will be important to consider the security risks since the cloud deployment is at the top of the stack and most typically managed and secured by a third party cloud service provider (CSP). So what is an IT manager or CTO to do? Cloud computing and storage has immense benefits, but how does one vet the various risks and choose the right SaaS solution?

A cloud security checklist!  

  • Evaluate Your Data: Paramount to everything else, IT and security staff must determine what type of data will be stored to the cloud and perform a risk assessment against it. How valuable is the data? What happens if it is lost or stolen? If it is inaccessible for hours/days/weeks what are the specific consequences to the business? As part of this assessment, it is also important to understand and assess the business continuity and disaster remediation practices of the SaaS provider. How long will your company be holding redundant data in house until the SaaS solution is trusted entirely?
  • Ask About Encryption: Know how securely the data is transmitted to the cloud. Is it encrypted during transmission and while stored? Many people will take this for granted, because most data would be transmitted securely by default, but it is important to know the risks and the procedures while taking extra precautions based on your own company’s potential edge cases. 
  • Consider Redundancy: Verify that the data in the SaaS environment is being backed up. How much redundancy exists? What are the provider’s data retention procedures? What are the procedures or fees for extracting data? 
  • Triple Check and Be Prepared: Since your company will not be managing the connectivity, storage, or the applications once they have been deployed to the cloud, it is crucial to understand how the SaaS application is running. Be sure to understand the intimate details of segmentation, resource allocation and security. Depending on your choice of provider and your budget, as well as the provider’s service packages, it may be possible to save money if you do not have to make any changes once deployment has been deployed. This is an opportunity to benefit in the long term by doing sufficient research up front. 
  • Ask About Ongoing Security: Make sure that the data transmission and storage is compliant with modern security standards. Discuss what monitoring the provider has in place, and make sure the client-facing interface supports things like 2FA as a standard practice. Are the submitting themselves to regular penetration testing? What are their internal remediation protocols? 
  • What About Passwords and Authentication? Review the type of authentication that is being used by the SaaS. Credentials, if compromised, could allow access to your corporate network, or other data if not properly segregated. So, make sure that authentication data is not shared between internal systems and the SaaS deployment. Also, as a general practice, make sure that all passwords used to log into the SaaS environment (and everywhere else) are unique, complex and have a lockout feature enabled.
  • Work With a Trusted Partner! While there are a million buzzwords and protocols that can be thrown around in a SaaS sales pitch, the thing that actually matters most is the cloud service provider itself. Nobody can be an expert in running their own business while also being an IT, cloud computing, storage and security expert. Make sure you choose a CSP that has the proper credentials and experience to manage your cloud SaaS environment effectively. 

Choose GoVanguard. A Microsoft Gold Partner and Tier 1 CSP. We offer service and deployment of the entire suite of Microsoft’s offering: powerful, elastic, cost-effective and featuring world class security standards. All Microsoft tools integrate with Office 365, Teams, Defender ATP and the glue that holds it all together: Microsoft Azure. Prices for the entire Microsoft Suite start in the $5.00 range per month. Contact Us to get started.  

At GoVanguard, we recommend a systematic approach to information security. Carefully and simply implemented security protocols can minimize the risk of exposure to data breaches and the penalties the proceed them. In order to successfully navigate data security protocols during this period of global pandemic, compliance protocols must be in place. That is why we have a rigorous cybersecurity risk assessment and program implementation regimen in place!  

Reach out to us today and see how easy it is to take control of your security and keep your data secure. 

Please Don't Zoom Me!  

The COVID-19 quarantine era will be remembered for a handful of interesting themes. After bat soup and face masks in bank lobbies, the meteoric rise of Zoom as the video conferencing app of choice will be long remembered for “Zoom Bombing” and as a gateway for much more problematic malicious attacks. While the software might be good enough for some home usersit is completely unacceptable for institutions and enterprise use.  

In just the last few weeks, Zoom has been found to have multiple zero day exploits allowing root access, an ID numbering scheme that can be easily brute forced with a repurposed “War Dialing” attack and a whole host of other unpatched exploits. While some of these things have been patched in recent updates, the fallout has been terrible with private videos leaked to TikTok and critical data shared across the internet. Respected infosec personality, Arvind Narayanan, has been so blunt as to say “Let’s make this simple: zoom is malware.”  

While there has been a campaign of damnation against the popular video conferencing platform, Zoom and its problems are only a small part of a bigger issue. No business should be using a patchwork of apps for their needs. The massive uptick of employees and students working from home has just shined a light on the problem! Dropbox for file sharingZoom for conferencing, Slack for collaboration, and G-Suite for word processing and spreadsheets… And all of that on top of chains of emails between colleaguesThe hodgepodge approach to business workflow software is confusing for users, and it is simultaneously a productivity, security and compliance nightmare. Each platform has its own update schedule as well as the potential for each piece of the puzzle having its own exploits that compound on each other, and most businesses don’t have licensing, know-how, or the IT and security staff to centrally manage user systems.  

So What Can Be Done?  

As a Tier 1 Microsoft CSP, we recommend taking a giant step away from the mosaic of apps out in the wild to consolidate everything into the only secure, enterprise-ready eco-system that can handle all document processing, cloud storage, team collaboration, group calling, and global security compliance management inside of one platform. Microsoft Office 365 and the accompanying tools are often a less costly platform for businesses as well. Currently, the E1 Office365 Suite is being offered for free for six months including the extremely versatile “Teams” platform, which is why we are strongly recommending the Microsoft suite of services right now 

What is Teams?  

In short, Teams is like Zoom, except that it has enterprise quality security and integrations with the most universal productivity apps in the world. On top of ISO 27001, HIPPA and SOC 2 security compliance, Teams adds in a user-friendly shared workspace for remote workers to communicate and make creative decisions together!  

This Includes world class implementations of the following: 

  • Threaded ChatWhile parts of a conversation can stay in the main thread, specific topics can be threaded.  
  • Channels: The most common topics or company verticals can be turned into collaborative channels. Both threads, channels and all chat functions give users the ability to delegate with the “@” command.  
  • Collaborative Documents: Using Sharepoint, documents can be created in Word, Excel or other applications and shared into Teams where other users can leave notes or collaborate on changes.  
  • Video Conferencing: One of the most valuable ways to collaborate is via group video conferencing with screen share for thousands of users and integrated chat, note-taking and photo/file display for desktop and mobile users.  

 With calendar integration, appointments and global integration, Teams is more like a combination of Slack, Zoom, Hangouts and GoToMeeting with the added benefit of never having to leave the overall Office 365 Teams ecosystem. In fact, a decentralized workforce could manage a large portion of their entire collaborative workflow without ever leaving the Teams environment at all. It is truly the backbone of the Office365 Suite, and it is the closest thing to working in a “real” office for those who work exclusively from remote locations.  

Teams Events 

Another feature of Microsoft Teams is its use as a presentation tool. Rather than having a meeting with open participation and equal privileges for all users, a Teams Event can have presenters, producers and attendees. This allows for multiple presenters to be able to work remotely or together in one space with the guidance of a producer who has control over active cameras or a presentation display working with PowerPoint or Stream 

The attendees can be managed at an organizational level for something like an internal conference, or they can be sorted out by paying members for a virtual trade show. For a more general audience or for doing an open webinar or a public Q&A session, the link can be tailored for anyone to be able to join with a limit of 10,000 participants.  

Oh! And for everyone who still thinks Zoom is just more “fun,” Teams even added background effects for video calls this week on top of being free until January 2021.  

Microsoft's Suite of Tools Also Comes With Several Bonuses!  

While there are plenty of reasons to criticize the “a la carte” approach to business productivity applications, there is a lot more to cover if we focus on the benefits of the Microsoft suite of tools and their benefits. One such tool is the world class end point security platform: Microsoft Defender Advanced Threat Protection (MDATP). A giant step up from traditional antivirus software, MDATP brings in central threat and vulnerability management system to quickly discover, prioritize, and remediate attack vectors and misconfigurations. This allows company security protocols to be enforced on all machines in the field while integrating directly with Microsoft to automate all processes.

Combined with Azure Sentinel, a world class SIEM tool, any company can upgrade its threat detection and response tools witcloud-deployed artificial intelligence; eliminating the need for security infrastructure setup and maintenance. This allows rapid scaling while reducing costs. Azure Sentinel aggregates data from all sources, including users, applications, servers, and devices running on-premises or in any cloud, so that IT and security staff can process millions of records in a few seconds. 

All of these tools integrate with Office 365, and prices start in the $5.00 range per month. In the pursuit of the most valuable office productivity suite, right now Microsoft is truly without a peer, and we ask you to Contact Us to get started.  

At GoVanguard, we recommend a systematic approach to information security. Carefully and simply implemented security protocols can minimize the risk of exposure to data breaches and the penalties the proceed them. In order to successfully navigate data security protocols during this period of global pandemic, compliance protocols must be in place. That is why we have a rigorous cybersecurity risk assessment and program implementation regimen in place!  

Reach out to us today and see how easy it is to take control of your security and keep your data secure.