Planning For The Worst

No matter how hard you work to educate your employees about the constant and evolving threats to your company, even the most conscientious employee may unknowingly open infected files or click on malicious web links. Security breaches are inevitable. The best strategy includes securing across all attack vectors and putting policies into place for reviews and change management within your organization. Microsoft 365 offers security solutions that address these attack vectors and will enable you to discover, analyze, and neutralize threats before they cause harm.

Many common types of threats target these key attack vectors: devices, email, network, and user credentials. Microsoft 365 integrates threat detection across these attack vectors by ensuring that the security and resilience of systems and assets are aligned with related policies, procedures, and agreements.

Windows Defender Advanced Threat Protection (Windows Defender ATP)

For endpoint attacks, Windows Defender ATP provides near-instant detection and blocking of new and emerging threats using advanced file and process behavior monitoring and other heuristic solutions. These endpoint sensors collect and process behavioral signals from the operating system, which are then translated into insights, detections, and recommended responses to advanced threats. Windows Defender ATP offers dedicated protection updates based on machine learning, human and automated big-data analyses, and in-depth threat resistance research to identify attacker tools, techniques, and procedures and to generate alerts when these are observed in collected sensor data. Windows Defender ATP is built in to Windows 10, providing deeper optics and cloud-powered protection.

Microsoft Device Guard is a feature of Windows 10 that provides increased security against malware and zero-day attacks by blocking anything other than trusted apps. Device Guard is managed in Microsoft System Center Configuration Manager (ConfigMgr).


Microsoft Office 365 Advanced Threat Protection (Office 365 ATP)

Threat protection for Office 365 begins with Microsoft Exchange Online Protection, which provides protection against all known malicious links and malware. Office 365 ATP builds on this protection by offering holistic and ongoing protection across your Office 365 environment, including email and business apps such as Microsoft Teams, Word, Excel, PowerPoint, Visio, SharePoint Online, and OneDrive for Business. Office 365 ATP allows you to secure your user mailboxes, business-critical files, and online storage against malware campaigns in real time with its Safe Attachments and Safe Links features. Office 365 ATP Safe Attachments protects against unsafe attachments by preventing them from affecting your messaging environment. All suspicious content goes through real-time behavioral malware analysis that uses machine-learning techniques to evaluate the content for suspicious activity. Unsafe attachments are removed before being sent to recipients. The result is a malware-free inbox with better zero-day attack protection.

Office 365 ATP Safe Links helps protect your environment by offering “time-of-click” protection from malicious links. If a link is unsafe, the user is warned not to visit the site or informed that the site has been blocked. Reporting and message trace in Exchange Online Protection allow you to investigate messages that have been blocked because of viruses or malware, while the URL trace capability allows you to track individual malicious links in the messages that have been clicked. Office 365 ATP and Exchange Online Protection can be configured in the Office 365 admin center.

Office 365 Threat Intelligence is a repository of threat intelligence data and systems that can spot suspicious patterns, behaviors, and activity. Office 365 Threat Intelligence gathers information from email and other sources. You can then use this data to understand and remediate threats against both your employees and your organization. Office 365 Threat Intelligence lives in the Office 365 Security and Compliance Center. Attack Simulator, a component of Office 365 Threat Intelligence, lets you run realistic attack scenarios in your organization so you can identify and find vulnerable users before a real attack occurs. You can find out how your users would behave in an attack, and then update policies to ensure that the right security tools are in place to protect your organization from threats before they happen.


Azure Advanced Threat Protection (Azure ATP)

Azure ATP provides end-to-end network security by protecting user identities and credentials stored in Active Directory. To prevent identity credential attacks, Azure Active Directory (Azure AD) detects risk events, such as users with leaked credentials, sign-ins from anonymous IP addresses, impossible travel to atypical locations, infected devices, and IP addresses with suspicious activity or unfamiliar locations.

Azure ATP detects suspicious activities across the network attack surface, such as:

  • Reconnaissance work, during which attackers gather information on how the environment is built, what the different assets are, and which entities exist.
  • Lateral movement cycles, during which attackers invest time and effort in spreading their attack deeper inside your network.
  • Domain dominance (persistence), during which attackers capture the information that allows them to resume their campaign using various sets of entry points, credentials, and techniques.

These services that protect specific parts of the attack surface can also share signals to alert services protecting other surfaces of the enterprise.

Azure ATP detects these suspicious activities and surfaces the information, including a clear view of who, what, when, and how, in the Azure ATP workspace portal, which can be accessed by signing in to your Azure AD user account.


Azure AD Identity Protection

Azure AD Identity Protection provides an overview of risk and vulnerabilities that may be affecting your organization’s identities. Azure AD Identity Protection uses existing Azure AD anomaly detection capabilities available through Azure AD anomalous activity reports. You can enable Azure AD Identity Protection through the Azure portal. Azure AD Identity Protection helps you identify the risk level of a particular user. Through Azure AD Identity Protection, you can set up risk-based conditional access policies to automatically mitigate threats and secure corporate or organizational resources and data. Risk-based conditional access gets rich signals from the Microsoft Intelligent Security Graph and then converts them to actionable risk-based policies that you can apply to your organization.

Vulnerabilities identified and reported by Azure AD Identity Protection include non-configured multi-factor authentication registration, unmanaged cloud apps, and security alerts from privileged identity management. We recommend that you address these vulnerabilities to improve the security posture of your organization and prevent attackers from exploiting them. Azure AD Identity Protection will flag these issues and recommend mitigation strategies.

Azure AD Privileged Identity Management (Azure AD PIM) lets you monitor access to resources within your organization so that you can minimize and manage the number of people who have access to secure information or resources. Continuously monitoring these high-access points limits vulnerabilities at a top level.

You can configure Azure AD PIM in the Azure portal to generate alerts when there is suspicious or unsafe activity in your environment, such as roles being assigned outside of Azure AD PIM or roles being activated too frequently.


Microsoft Cloud App Security

Microsoft Cloud App Security gives you greater visibility and control over your enterprise app ecosystem, including all Microsoft applications and applications that are beyond the Microsoft ecosystem through threat detection, enhanced security and policy controls, and deeper discovery and insights.

Microsoft Cloud App Security lets you set up alerts based on anomaly detection policies so that you know about threats immediately. Anomaly detection works by scanning user activities and evaluating their risk against more than 70 different indicators such as sign-in failures, administrator activities, and inactive accounts. You can also set up customizable activity policies to track specific activities and flag you if something is out of the ordinary, like a huge download or multiple sign-on attempts.

Manage Microsoft Cloud App Security through an app dashboard that lets you see your organization’s and employees’ app usage, like how much data is being sent to OneDrive for Business, Box, Dropbox, and other cloud storage apps.

You can set your Cloud App Security policies in the Cloud App Security portal or through the Microsoft 365 Security and Compliance Center. On the Cloud App Security policy page, you can create activity policies and apply severity levels that can be used to filter your alerts later. You can also determine what action to take when one of your policies triggers an alert.


Microsoft Secure Score

Microsoft Secure Score provides a quantifiable way to measure your security posture and track improvements over time. It also provides recommended actions to improve your score that include helpful links to learn more or configure the recommended feature. In addition, Microsoft Secure Score expands your visibility into the overall security posture of your organization. From the dashboard, you’ll be able to quickly assess the security posture of your organization and obtain recommendations for actions to further reduce the attack surface in your organization—all in one place. From there, you can act according to the recommended configuration baselines.


In closing, the Advanced Threat Protection integrated throughout Microsoft 365 monitors and protects everything from data, to endpoints, to user identities. These tools are always working behind the scenes to keep your business secure, keeping you in the loop without overwhelming you with information.

At Oakwood Systems Group, Inc., we believe in securing your business with a holistic strategy. Contact us today to learn more.

5 Reasons Your Organization Should Move To The Cloud

How many reasons do you need to transition to cloud-based IT infrastructure? For most companies, it’s more than just one. At Oakwood Systems Group, Inc., we know the benefits of the cloud outweigh any of the hassle.

Microsoft cloud services offer increased scalability and security, not to mention flexibility and ease of use. You’ll also save your business time and money by reducing maintenance of on-premises IT infrastructure.

Here are 5 reasons your organization should consider adopting the cloud.

1. Cloud Based Applications Are Here To Stay

  • The value of the cloud – The cloud market is expected to pass $500 billion by 2020.
  • Adoption is growing – 72% of organizations had at least one application in the cloud in 2015, a 15% increase from 2012.

2. Security Comes Standard

As cloud technology improves, security fears lessen. In a survey of enterprise IT managers, security is no longer ranked as the #1 concern when it comes to cloud computing.

One of the biggest advantages of moving to the public cloud is the security team that comes with it. By moving to an enterprise-level public cloud, you’ll experience:

  • Scale – A public cloud will always be large enough to store and secure your data.
  • Intelligence – Public clouds monitor for millions of threats. As soon as one is detected on one customer tenant, the cloud provider can mitigate the attack across all other tenants.
  • Automation – Less human touch results in fewer mistakes and fewer opportunities for security breaches or insider threats.

Benefits of Cloud Technology

We’re saving time and money. And every dollar we save is making it to the field to help those that need it.

Marc Julmisse – Chief Nursing Officer, Partners in Health

3. Move At Your Own Pace

Cloud migration does not need to happen all at once, and it’s recommended to migrate to the cloud over time with a hybrid approach—the combination of an on-premises, private cloud and third-party, public cloud services.

On average in 2015, businesses were simultaneously experimenting with and running data on 3 public clouds and 3 private clouds.


4. Using The Cloud Doesn’t Mean New Tools

Moving to a cloud-based solution doesn’t have to mean retraining employees. Many solutions allow you to use the same applications your employees are used to, with access to files anywhere online.


The switch to Microsoft cloud services makes us significantly more efficient in normal times but will make us far more effective when we respond to a disaster moving forward.

Mike Manning – President and Chief Executive Officer, Greater Baton Rouge Food

Cloud Benefits: Scale, Intelligence & Automation

The Sky’s The Limit

Cloud adopters see various benefits from their technology, although businesses’ top-cited benefits include:

  • Faster access to infrastructure
  • Greater scalability
  • Increased availability

Intelligent Security for The Modern Workplace

One of the biggest challenges in digital transformation is ensuring security across an organization’s entire digital landscape without reducing user productivity. Piecing together individual solutions can result in a complex security posture that overburdens operations and encourages users to bypass security measures. Cloud computing allows enterprises to share security signals worldwide, which is changing how they do security.

In this new world where data and users roam free, it’s even more important to have an integrated suite of security tools. Microsoft 365 is a complete, intelligent solution that helps secure corporate data and protect against bad actors, while taking advantage of the transformative opportunities presented by cloud computing. Its built-in security solutions integrate easily and share insights from the trillions of security signals on the Intelligent Security Graph across the global Microsoft ecosystem. With Microsoft 365, you can reduce the number of security vendors you manage and safeguard your organization, without sacrificing productivity.

Microsoft 365 keeps users, data, devices, and applications safe

An organization’s data is their most valuable asset, yet most enterprises lack the ability to understand what data is sensitive and control access to that data. Data protection requires a layered approach that starts with a great user authentication experience with policies to control access to sensitive information regardless of location or device. Microsoft 365 includes identity protection that provides the foundation for secure access to data, devices and applications. A set of advanced threat protection tools communicate with each other to correlate threat information across your entire digital footprint and automate threat protection, which eases the workload on your security operations team. Security insights recommend ways to optimize the configuration of your security tools and provide a quantifiable measurement of your security posture.

Microsoft 365 Enterprise E5 unifies user productivity and enterprise security into a single suite

For customers that embrace the Microsoft productivity suite, there are significant gains to be realized in security. While no single security provider will cover your entire digital footprint, through Microsoft’s investments and scale within enterprises, their customers have an advantage in creating a comprehensive, adaptive security program.

Comprehensive, adaptive security

Technology has changed the way enterprises conduct business. As people bring devices, apps, and data into organizations today, protecting company assets requires a new approach. It’s important to find a balance between powerful, complicated security capabilities and a security posture that you can maintain over time with your current staff and budget.

Imagine if you could easily identify sensitive information automatically; eliminate passwords entirely in favor of biometrics or PINs; identify, quarantine, and wipe a compromised endpoint, all from a single location; and quantify your security position and gain insights on how to improve it.

All of this and more is possible with Azure Advanced Threat Protection, just one of four valuable tools included in Microsoft 365 Enterprise E5. Interested in what other tools are available to you? Oakwood Systems Group, Inc. has the answers to your questions. Contact us to learn more.


The Power of Backing Up in Azure

Data has never been more critical to your enterprise as it transforms in this digital world. Azure Backup helps you retain rapidly increasing amounts of data while keeping storage costs low. It makes it easy for you to back up and restore your most important information when the unexpected happens. As ransomware attacks increase, built-in protection from Azure keeps your data safe. Azure Backup gives you a cost-effective, simple, and secure backup solution that protects your data.


Benefits of Azure Backup: Simple, Secure & Cost-Effective

Setting up Azure Backup for your virtual machines can be accomplished in just three steps. Once the initial backup is completed, only incremental changes are sent based on a defined schedule. You can then retain your backups for as long as your compliance requirements demand.

Built-in protection against ransomware helps you protect your data from unauthorized requests to delete your backups. Before ransomware has the chance to corrupt your data, you’ll be notified so you can save your data.

Store your backups in Azure instead of an offsite location to reduce infrastructure costs. Pay for what you use in Azure.


Additional Key Benefits

  • SaaS pay-as-you-go service
  • Have the latest backup of your data whenever you need it at no additional cost
  • Support for VMware, Hyper-V, Linux and Windows in Azure and on-premises
  • Avoid the complexity of managing on-premises infrastructure
  • Safeguard your backups from ransomware with one-click multifactor authentication
  • Retain unauthorized deleted backups to give you time to investigate and recover your data

Simple and secure cloud-based backup

  • Hybrid and heterogeneous – Protect your data from Azure no matter where it resides – in the cloud or on-premises. Support for virtual machines running on VMware, Hyper-V, Linux and Windows.
  • Flexible – Scale protection to just a few files and folders or multiple virtual machines in a few clicks. Restore individual files and folders or virtual machines from Azure when you need them the most.
  • Efficient – Eliminate the challenges of getting started with your backup solution. With no need to provision storage, enable backup for your virtual machines running in Azure in a few minutes.
  • Fast – View your backups from Azure and on-premises in one centralized location to quickly decide what needs to be restored to keep business operating as normal.
  • Compliant – Export Power BI reports to understand information about your backups. Ensure you are meeting your industry’s unique compliance requirements.
  • Safe – Receive instant notifications of suspicious backup activities so you can take action. Generate a security PIN required to complete critical backup operations for an additional layer of protection.

We don’t have to worry about managing space on expensive purpose-built backup storage systems. We have no tape costs, management costs, nothing. Backup is dramatically cheaper with Azure.

Sean DeLessio – Lead Engineer, Russell Reynolds Associates

Even with the cost of adding a Data Protection Manager server to each jobsite, Azure Backup is cheaper than our previous solution—one quarter the cost. The savings increase with every gigabyte of data we add.

Chris Palmer – Solutions Architect, PCL Construction

“By using long-term Azure Backup to eliminate tape, we could save US$20,000 annually,” Karabiber says. “We also avoided the need to build or rent an off-site backup location at a cost of $50,000.”

Kerem Karabiber – IT and Business Development Manager, Kardem

The process for backing up data can seem complicated. With the increased importance of data in the digital age, isn’t it time you integrated a solution that helps you safeguard your data? At Oakwood Systems Group, Inc., we know how tough it can be to safeguard your data. That’s why we’re here to help.


Contact Us Today!

Six Common Cybersecurity Mistakes You Can Fix Now

Cybercriminals are clever and on the lookout for vulnerable businesses. They exploit common mistakes and flaws to breach systems, then steal, disrupt, or hold businesses for ransom. But here’s the good news: you don’t have to be an easy mark. You can make changes right now to reduce the likelihood of a successful attack.

Here are six common cybersecurity mistakes and how to fix them:

Mistake 1: Piecemeal approach

It’s tempting to stack new security measures on top of existing ones as new threats emerge. But this results in too many products and not enough integration. Every product has its own dashboard, controls, and alerts. And someone has to stay on top of it all.

This lack of integration between security products makes it difficult to see threats holistically, and even harder to respond quickly and effectively. Instead, look for products designed to work together, and partner with companies that actively seek collaboration with the security industry.

Mistake 2: Insufficient Security Expertise

Cyberthreats continue to increase every day, and 43% of cyberattacks target small businesses, which usually have limited IT resources in-house. Everyone else is focused on running the business, not security. You need help.

Consider automated, software-based processes that can monitor your systems continuously and even take action when a threat is detected. Smart automation can save you time and energy, allowing you to focus on other priorities. Also, consider partnering with a specialized security provider. And finally, invest in educating your employees on security awareness so everyone can be part of the solution.

Mistake 3: Unsecured personal devices

How many ways do you access your business data? Even small businesses may have multiple computers, laptops in remote locations, personal smart phones, and tablets. A determined hacker can attempt access through many possible endpoints. In fact, 60% of breaches stem from a compromised endpoint, such as a personal device.

Identity and access management (IAM) eliminates the complexity of multiple user credentials by giving each employee a single, secure identity to access all your network resources. And multifactor authentication (MFA) offers another layer of protection, requiring a user to present a password plus secondary authentication such as a fingerprint or code sent via SMS.

Mistake 4: “I’m too small to be a target”

Cybercriminals increasingly target smaller businesses assuming that you may be complacent and unprepared. A study by the Better Business Bureau found that nearly one in four businesses with 250 employees or fewer reported having been the target of a cyberattack, and the overall annual average loss for smaller businesses from these attacks is estimated to be $79,841.

Make sure to invest in security, but realize that no program is 100% foolproof. Assume that you can be attacked and breached. Prepare an incident response plan, ensure continuous monitoring for suspicious activity, and organize the resources needed for a quick response to reduce the damage to your business.

Mistake 5: Overlooking the security of the cloud

Security is complex, and even well-funded enterprise IT departments struggle to stay on top of it. The right cloud partner can do much of the heavy lifting for you and provide smart ways to encrypt and back up your data.

Moving to the cloud doesn’t have to mean starting over from scratch. Evaluate your needs, and make the move in stages. Or even employ a long-term hybrid strategy where some of your systems remain on-premises. Be sure to evaluate cloud service providers using international standards, and look for vendors that publish detailed information about their security and compliance measures.

Public cloud providers offer better security than a small business or even a big enterprise is able to achieve. This is due to the investments that cloud providers are making to build and maintain their cloud infrastructure.

Rene Buest – Senior Analyst and Cloud Practice Lead, Crisp Research

Mistake 6: Leaving data unprotected

Data travels outside your control when it’s shared by employees, partners, and customers. But trying to lock down everything discourages productivity and innovation, and eventually leads to employee workarounds if the inconvenience proves too great. Balance protection with productivity by focusing on security at the data level.

Categorize your data based on how sensitive and critical it is to your business. Better yet, automate your data classification so the appropriate protections and monitoring are in place when the data is created. Protect what’s most important with the strongest measures, such as restricted access, limited sharing privileges, and encryption.

Build your security strategy one step at a time

Modern cybersecurity requires a coordinated, multifaceted approach. But it’s a journey, and every step you take makes a difference and reduces your risk. If you haven’t been attacked yet, assume that you will be a target eventually and look for partners to help. Start with this free security assessment tool, and get prepared to protect, detect, and respond to the threats that come your way.

Contact the security experts at Oakwood Systems Group today and learn more about vulnerabilities you may have and how they should be addressed.

Safe Technology for Schools

A hot topic ever present among educators is ensuring their students are prepared for life and the working world upon graduation, especially in the area of technology. Unfortunately, this is often easier said than done. High price tags, complex content management systems, and security problems can all get in the way of a school fulfilling this goal. 

Luckily, with the right partnerships, this aim can become a reality. Utilizing Windows 10 in S mode, school districts across the country can manage content access for all their devices through a single program and implement the ideal level of security – all while training students on the number one platform used by businesses throughout the world.

Microsoft in Schools

With the extra security provided by Windows 10 in S mode, we get that right balance between safeguarding devices and encouraging communication, collaboration, critical thinking, and creativity.

Todd Pickthorn – District Network Service Coordinator at Marshall Public School District

As a Microsoft Gold Partner, Oakwood Systems Group, Inc. is a leading provider of transformative digital and cloud services, managed business services, and custom applications delivered using world-class technologists.

Send us an email today and learn how we can ensure the safe use of technology in your organization.

Microsoft 365: Bringing Intelligent Security To Business

We are living at an Inflection Point.

Digital transformation is the biggest change any of us has seen in our lifetime. Companies invest in technology to optimize operations, transform products, engage customers, and empower employees. The challenge is finding the way to empower people to do their best work. This starts with fostering a culture of work that engages your team and embraces the trends in the workplace that make work inspiring.

To deliver on the tremendous opportunity for business growth and innovation, Microsoft is simplifying the customer experience by bringing together Office 365, Windows 10, and Enterprise Mobility + Security with the introduction of Microsoft 365.

It’s a complete, intelligent solution that empowers everyone to be creative and work together, securely.

With the ability to leverage the constantly evolving Office 365 suite, with over 1 terabyte of storage via OneDrive, firms will now have access to enhanced security capabilities including:

  • Both On-Premise and Cloud Threat Detection
  • Multi-Factor Authentication
  • Document Encryption and Segregation (Device Level)
  • Save-As, Copy, and Paste Restrictions
  • Device and App-Level Data Wipe
  • Single Sign-On

Interested to learn more? Contact us today to find out how Microsoft 365 can help your business!

About Oakwood

Since 1981, Oakwood has been helping companies of all sizes, across all industries, solve their business problems. We bring world-class consultants to architect, design, and deploy technology solutions to move your company forward. Our proven approach guarantees better business outcomes. With flexible engagement options, your project is delivered on time and on budget.