Protecting your organisation isn’t just about buying security solutions or antivirus software. It’s also about monitoring activity across your IT operations to spot breaches before they have an impact on your business and staff. It’s about applying real-life human thinking to complex security situations to ensure you maintain a balance between staff having the IT freedom to carry out their jobs effectively, and the necessary checks and restrictions being in place to prevent unwanted users gaining access to your valuable data and technology.
For increased protection, it’s about digging deeper into the security underpinning your on-premises and cloud environments to ensure that you’re covered, wherever your applications and data reside. Ultimately, it’s also about having a Plan B if things do go wrong: with all your data backed up safely, combined with the ability to get back up and running as quickly as possible through a disaster recovery service.
What is security as a service?
Security as a service (SECaaS) is an outsourced service wherein an outside company handles and manages your Microsoft security. At its most basic, the simplest example of security as a service is using an anti-virus software over the Internet. Current SECaaS offerings include application security, cloud data security, backups, and recovery services to help organisations maintain continuity.
Typically, how does it work?
Assessment - First, your SECaaS implementation partner will assess your cloud and on-premises Microsoft estate. This will help to create a risk assessment and identify the gaps that exist versus IT best practices.
Initial Rollout - Then, the IT partner will help lay the foundation of security procedures across all your software and instil new policies that include alerts and monitoring. This might include configuring the security layers in your Microsoft 365 E5 and A5 licences, laying down whitelisting tools, restricting external access, and applying recovery and backup procedures.
Monitoring- Following the initial rollout, you’ll get 365 monitoring for unusual activity. With minor issues, your SECaaS team can resolve those alerts for you.
Escalation- In real-time, if your SECaaS provider can’t resolve an issue, an established escalation procedure will be followed to determine what action needs to be taken.
Recovery- Lastly, if the worst should happen, your SECaaS provider can eliminate data loss with RTO and RPO and reduce any ransomware impact through immutable backups. Finally, they’ll protect your applications within the VMware or Hyper-V environment, so you get back to work ASAP.
Configuring Microsoft Licences
Did you know that Microsoft 365 E5 and A5 licenses already come with a number of comprehensive security technologies included? As part of a Security as a Service Foundation solution you should expect Microsoft security to be configured to achieve a resilient security baseline. This would include:
Microsoft Defender for Identify – This leverages your on-premises Active
Directory signals to identify, detect, and investigate advanced threats,
compromised identities, and malicious insider actions directed at your
organisation.
Microsoft Cloud App Security - Provides rich visibility, control over data travel,
and sophisticated analytics to identity and combat cyber threats across all your
Microsoft and third-party cloud services.
Microsoft Defender for Endpoint - An enterprise endpoint security platform
designed to help enterprise networks prevent, detect, investigate, and respond to
advanced threats.
Microsoft 365 Defender – Provides the capability for security teams to manage
all endpoint, email and collaboration tools, cross-product investigation,
configuration, and remediation activities within a single unified dashboard.
Microsoft Multi-factor Authentication (MFA) - Extra security to check users
accessing systems from unknown networks.
Conditional Access - Security group policies that incorporate Microsoft Security
Baselines and guidance from the NCSC.
Office 365 Advanced Threat Protection - A cloud-based email filtering service
that helps protect against phishing, business email compromise, and malware
attacks.
Why do you need it?
You need security as a service because you’re likely to face a cyber-attack at some point soon. According to Norton there are more than 2,200 cyberattacks per day. That equates to about one cyber-attack every 39 seconds. So, if you’ve not yet been a victim, it’s likely only a matter of time.
Security as a Service for your Microsoft estate will help to improve the performance of your business by:
- Building confidence among stakeholders that their assets are safe
- Reducing costs with less downtime, disruption and risk, and lower total cost of ownership
- Freeing up internal resources to concentrate on core business activities
- Protecting against new and dynamic threats.
- Centralising your security management. You have greater control, visibility, and cost effectiveness.
- Assuring compliance by having the right internal controls and risk management processes in place to meet legal and regulatory policies.
Ready to talk about security as a service? Take the first step and sign up for a free Microsoft 365 security workshop.
