With users storing your organization’s data across multiple cloud platforms, companies are now more susceptible than ever before to a cybersecurity breach, potentially exposing their sensitive data and systems to unwarranted users. For companies small and large, being protected from these threats can be a monumental undertaking, especially with many businesses embracing the cloud.
The cloud is becoming the world’s computer and redefining the way we deliver services. Cloud computing provides businesses a myriad of benefits, including flexible computing, timely and reliable communication, insight into stored data for informed decision making, and high availability for business applications. All of these perks translate into better business outcomes. However, to leverage this cloud platform securely, businesses need a sound ‘Zero Trust’ security architecture instead of the traditional ‘trust and control’ security model. Subsequently, Microsoft has designed its comprehensive cloud security platform focusing on tool integration that supports highly scalable security automation and orchestration. As recognized by Gartner and Forrester this past year, Microsoft’s best-of-breed security tools help businesses understand threats and respond to incidents proactively. However, many enterprises still implement numerous third-party tools within their environment, which exponentially increases the monetary investment and architectural complexity.
With a comprehensive understanding of cloud and hybrid computing architectures, Infused Innovations — a Microsoft Gold partner with 10+ competencies—has placed itself at the intersection of technology, business, data, and human interaction by automating and orchestrating business cybersecurity environments. Dan Chemistruck, CISO, and VP of Services at Infused Innovations, says, “Microsoft has created a best-of-breed platform with more than 90 security products that are fully integrated via their Intelligent Security Graph. By taking a ‘Microsoft-first’ approach to cybersecurity vendor selection, we remove complexity, deliver a faster time to value, and lower breach detection times from months to hours.” Chemistruck goes on to say, “If an organization is using Microsoft Defender ATP as their anti-virus solution, they can use any detected intrusion to block sign-ins to SaaS platforms like Office 365 or Salesforce, on any device anywhere in the world; no VPN connection required. There is no other solution in the world that provides such a rich productivity suite, along with enterprise-class security tools to protect it, at prices that are affordable to organizations of any size.” In short, companies that leverage the Zero Trust framework delivered by Infused Innovations can quickly detect a cyber-attack and block it as it happens—no need for human intervention to trigger a playbook.
Infused Innovations’ Zero Trust approach to cybersecurity begins with a security assessment to understand which tools a company is using and how they are utilized. Based on this assessment, Infused Innovations develops a security roadmap focused on three ‘Zero Trust Security Accelerators’ that cover identity, data, and devices. The first accelerator focuses on modern authentication, where multifactor authentication (MFA) is deployed, setting up conditional access rules to only challenge users for MFA when there is a potentially risky sign-on, and blocking legacy authentication protocols. For example, when employees log into their email, the user might also receive a message on their phone prompting them to approve the sign-in. Following this, the company focuses on data and device protection to ensure that devices are updated, encrypted, and auto-locked with biometric authentication. Should a device fail any of those three requirements, it is blocked from signing in. The last accelerator focuses on enabling advanced threat protection by integrating security playbooks, reports, and orchestrated responses for services deployed in the first two accelerators.
Human minds can no longer keep up with the speed of current cyber-attacks. Using a zero-trust security framework is the most reliable way to protect your organization, users, and your data from modern threats
Once the security platform has been configured, Infused Innovations then turns on log collection and analytics to correlate events from each security product. This translates into a more reliable set of contextual metadata that is used as a part of every sign in for any application integrated with Azure AD, Azure SSO, or SAML. This includes Windows or MacOS device sign-ins, something you are unable to achieve with a traditional Active Directory environment. In addition, by reducing false positives with AI and machine learning, end users are not consistently given false security prompts, and IT staffs have fewer alarms to review. This results in a better overall experience. After completion of these accelerators, Infused Innovations provides their managed Intelligent Threat Protection services to respond to every security alert and keep tenants current with updates to their security toolset. Lastly, if a machine is successfully compromised, Infused Innovation’s deployed tools make it easy to restore any ransomware-affected device within the same day. Restoring cloud backups and auto-provisioning of device and application profiles from the cloud is usually completed within a few hours.
Chemistruck explains, “Our approach to automation, orchestration, and response, is built on top of the trust and openness of the Microsoft cloud. We also rely on Azure DevOps to keep our internal code repository up-to-date. Being a Microsoft Gold Partner also provides us access to a variety of programs beyond just cybersecurity. Partner co-funding investments can also be leveraged in the areas of IoT, AI, Azure adoption, and application modernization.”
With such a deep Microsoft partnership, Infused Innovations works in close coordination with Microsoft product teams, security teams, and Microsoft-partner technical architects to stay updated and ahead of the curve. Looking forward, the goal is to focus more on the self-service model, which will enable enterprises to determine legitimate access from a simple mobile application. Additionally, the company is working on reducing the burden of security alerts that irritate IT teams by rolling out a 24x7 managed SOC located entirely in the United States by the end of Q2 2020. Chemistruck concludes, “Apart from just ensuring security, we support IT modernization and digital transformation efforts. As much as we evangelize our partnership with Microsoft, we have a detailed understanding of the gaps in the Microsoft platform, and we incorporate other vendors like CyberArk, Jamf, and KnowBe4 as needed to ensure our clients have the protection they need—without being limited to the products of a single vendor. Instead of undertaking a cookie-cutter approach, we use our security accelerators and design sessions to build solutions that are tailored to our clients’ specific demands. Delivering results in a streamlined and repeatable process that has been continuously refined over the years.”