Identify the core elements of your cloud ecosystem and develop a security strategy for how to secure them.

Asset Management 

The data, personnel, devices, systems, and facilities that enable the organization to achieve business purposes are identified and managed, consistent with their relative importance to business objectives and the organization’s risk strategy.

Discovery Questions

Ten important questions that you need to ask yourself about the security of your company’s data.

  1. Through what applications or portals are your users accessing corporate data?  
  2. What apps contain business critical data?  
  3. Are users accessing corporate data from a personal device?  
  4. If a user leaves, how do you know they don’t have corporate data stored on their personal device?  
  5. Do users access email through their personal cell phone?  
  6. Are there business-critical pieces of data that would leave you exposed if a personal device was compromised?  
  7. What would be the cost to the company if this data was leaked?  
  8. Are you compliant if data is leaked to unmanaged applications like a user’s personal Google Drive?  
  9. Do you want your users to be able to access corporate data securely from anywhere at any time?  
  10. Do employees have access to corporate apps after they leave the company?  
    1. How do you know if they do? 

Microsoft 365 Solution

Azure Active Directory and Intune 

  1. Managing and protecting key assets in a zero-trust model is a foundational component of M365 Business.
  2. The solution allows you to discover and grant access to resources based on user and device trust claims.
  3. Management of users' identities, PCs, Macs, mobile devices, and cloud applications can all be controlled at a granular level on or off your trusted network.

Business Case

Example: Intune Mobile Application Management (MAM)

A user accesses their email on their personal cell phone. They try to save a corporate document to their personal Google Drive. They are blocked from doing so with a message that states their corporate policy does not allow saving to unmanaged applications.

Example: Azure Active Directory (Azure AD)

Change Management has always been a cumbersome process for company XYZ, and users often grow frustrated when they move across departments because they do not have access to the applications they need. Using Azure AD, you can add applications to the portal for single sign-on and grant access based on group membership. The company now has an inventory of all applications it uses and knows who can access those applications.

Action Items

  1. Gather an inventory of all applications across the organization and assign them a risk score
  2. Understand what device types you will support from a Mobile Device Management standpoint
  3. Create a Compliance Policy for each device type you defined above
  4. Enroll devices into MDM
  5. Create an app protection policy for Windows, iOS, and Android devices for mobile application management