
Arraya Insights

April 22, 2022 by Arraya Insights

2022 is shaping up to be an interesting time for both employers and employees as the remote world of work endures. We’re now over two years into the pandemic and many employees are still logging in from home, even as pandemic-related restrictions soften.  

While some employers appear eager to bring their people back into the office, the tight job market is holding many back as workers demand better work-life balance amid the “great resignation”. Maintaining flexible work arrangements has become necessary both to retain talent and to broaden the search for talent beyond the area surrounding the local office.

For those employers who are continuing with a remote work model, supply chain issues are causing a major hiccup. Significant delays in PC shipments are causing months-long backorders. As a result, bring-your-own-device models have become increasingly popular.

This method has perks for both the employer and the employee. The employer can save costs on hardware while the employee can limit the number of devices they need to carry around. However, BYOD devices can create security challenges in an increasingly volatile cyber climate. If these are not secured properly, they present an enormous risk.

Many businesses and enterprises are turning to Microsoft Intune so they can take advantage of BYOD devices without sacrificing security.   

What is Microsoft Intune? 

While we’ve previously focused on virtual desktop infrastructure (VDI) solutions for BYOD devices within the remote workspace, this type of solution differs from Microsoft Intune. VDI access is fully managed by corporate on domain-joined workstations and provides employees and contractors with client-based remote access to their work environment from a personal device.

Intune provides administrators with the ability to manage MDM applications and devices through three connection types: 

  • Mobile Device Management (MDM): This service is used for enterprise-owned devices, giving the IT team full control of the device. This includes the ability to fully manage, wipe, and locate the device, should they deem it necessary.
  • Mobile Application Management (MAM): This is designed to protect organizational data at the application level and is used to install, contain, and control the application, whether it’s on a user’s personal device or on a company-owned, fully managed device.
  • Mobile Application Management – Without Enrollment (MAM-WE): This provides the ability to create MAM application configurations that can fully manage the company data and apply security configuration to a personal device. This can all be done without affecting any other personal applications or data, and without requiring Intune enrollment. This is the more popular configuration, and it still provides top-notch security and control while maintaining the separation of personal content and business content on the device.

For the sake of this blog, we’re going to focus on the growing trend of bring-your-own-devices (BYOD), such as cell phones, laptops, and tablets, and the use of MAM. However, MAM can be used on enterprise-owned devices as well.  

How does Intune’s MAM provide application security? 

Intune provides administrators and IT teams with the remote capability to control company data by: 

  • Adding and assigning mobile apps to users, user groups, and devices 
  • Configuring apps to start or run within specific settings 
  • Updating managed apps already on the device 
  • Monitoring reports to track managed app usage 
  • Selectively wiping only organization data from apps without disturbing personal apps 

Intune provides this security through app protection policies. These use Azure AD identity to isolate organization data from personal data and, when coupled with Microsoft Information Protection, restrict certain actions, such as copy-and-paste and save. 

The integration with Azure AD enables broad access controls, such as requiring mobile devices to be compliant with organization standards before accessing network resources. This includes requiring multi-factor authentication for device enrollment. Administrators can also lock access to services so they’re only available to specific apps.

Next Steps: Does Your Licensing Include Microsoft Intune? 

Whether you’re looking for licensing for your small business or enterprise, Intune can help you provide the flexibility your employees are looking for with the security that your organization needs.  

An Intune user and device subscription is available as a standalone, or within one of the following bundled licenses: 

  • Microsoft 365 E5 
  • Microsoft 365 E3 
  • Enterprise Mobility + Security E5 
  • Enterprise Mobility + Security E3 
  • Microsoft 365 Business Premium 
  • Microsoft 365 F1 
  • Microsoft 365 F3 
  • Microsoft 365 Government G5 
  • Microsoft 365 Government G3 
  • Intune for Education 

Is Intune already a part of your licensing? Whether you have questions surrounding your Microsoft licensing or how to best manage your remote capabilities, contact one of our experts to start a conversation today.   

Visit https://www.arrayasolutions.com//contact-us/ to connect with our team now.     

Comment on this and all of our posts on: LinkedIn, Twitter and Facebook.     

Follow us to stay up to date on our industry insights and unique IT learning opportunities.    

April 19, 2022 by Arraya Insights

As we continue our deep dive into security assessments, we’re turning our attention to penetration tests.   

Many business owners only have one reason to conduct penetration tests: compliance. However, they’re not taking advantage of the full value of these assessments.  

In this blog, we’re going to be putting penetration testing under the microscope so businesses can ensure they’re getting the biggest bang for their buck while strengthening their security controls.   

What is a penetration test?  

A penetration test, better known as a pen test, is a “cybersecurity technique organizations use to identify, test, and highlight vulnerabilities in their security posture. These penetration tests are often carried out by ethical hackers.” These are conducted to test your security measures and exploit weaknesses so they’re addressed before malicious actors can get to them.  

Pen testers will conduct these vulnerability assessments by first getting into the most easily accessible systems and then shifting to the highest privileged systems in the easiest way possible. This doesn’t mean they will test your entire environment and every control in place. Instead, the security testing will be completed in accordance with a previously agreed-upon scope.

Penetration testing vs vulnerability scans: What’s the difference?   

It’s important to understand that a pen test is not the same as a vulnerability scan. These are often confused with one another. 

A vulnerability scan looks for security issues and known vulnerabilities within your systems and reports on potential exposures. Unlike a pen test, these are a passive approach to vulnerability management as they’re not completed manually by experts.   

Separately, a penetration test is a hands-on approach as analysts or ethical hackers search for these vulnerabilities directly and try to exploit them.   

How can businesses get the most value out of pen tests?  

Conducting a vulnerability scan prior to your pen test is a good way to make your pen test results more effective. A vulnerability scan will scan your entire computer system or environment and provide a reasonably accurate list of all exploitable vulnerabilities with remediation guidance. This allows businesses to make their pen test scope more specific and the results more effective.   

Penetration testing is now a regular requirement of many security compliance standards. This means many businesses, especially those who collect consumer payment information and must comply with PCI DSS standards, must conduct these tests and provide reports on an ongoing basis.  

These tests are conducted in five steps: 

  1. Scoping: Your team and the pen tester will go over your specific requirements to define the testing scope.
  2. Discovery: The pen tester will identify your network assets within the defined scope.
  3. Evaluation: The pen tester will test your network, applications, tools, and techniques for security vulnerabilities within the defined scope.
  4. Reporting: The pen tester will evaluate the results of the testing and put together a report with the results.
  5. Retest: After remediation of known vulnerabilities, the network and applications are retested to ensure the problems previously identified are now resolved.

We can’t emphasize the importance of the initial step (the scoping conversation) enough. This is where you’ll ensure your business is getting the most value from this investment. The more specific your requirements of the testing scope, the more useful the results will be.    

It’s important to understand that a pen test is not the same as an attack simulation and the pen test will not be conducted the same way a real cyber-attack will come through. The pen testers will be limited by the requirements set out during the scoping period and the period of time that has been specified. As such, not every possible method of attacking your network will be attempted.   

Once your pen test is complete, analyzing these results for specific types of threats, such as social engineering, phishing attacks, and ransomware, will provide a new perspective and may offer information that was previously missed.  

Result analysis often stops at completing patches, but this isn’t always deep enough. In some situations, it’s worth looking at the bigger picture and asking if there is a business case for all externally facing services. Does everything need to be internet-facing? It may not be necessary to expose certain parts of your network at all.  

How often should pen tests be conducted?  

Security environments are always changing, and these assessments represent only a single point in time. As such, continuous penetration testing is the best way to stay on top of your vulnerabilities.

The frequency with which pen tests should be completed will vary depending on the individual business, their data/level of risk, and the compliance requirements they face. For example, PCI DSS compliance requires that businesses conduct pen tests every six months. Regardless of the frequency with which your business is required to conduct these tests, what’s important is that they are ongoing.

However, giving your business a realistic time frame between pen tests will allow you to appropriately correct any identified vulnerabilities before your next test. For this reason, pen testing one area of your network or system at a time is a good way to ensure you’ll have the time and resources to address any newly discovered vulnerabilities in a timely manner.   

Next Steps: Capitalize on Your Compliance Penetration Testing   

Penetration testing provides results beyond compliance. When completed appropriately, these tests can help your organization ensure you have the strongest available defenses, a sound investment plan in your security strategy, and the trust of your consumers and clients.   

At Arraya, we offer a partnership that provides you with the information and guidance you need to conduct this testing in a manner that’s constructive to your overall business strategies.     

To learn more about penetration testing or security risk assessments in general, contact one of our cyber security experts today.   


April 12, 2022 by Arraya Insights

We’re living through an interesting time for the world of work. Digital security is now more important than ever, yet we’re working miles apart from one another and transmitting data all over the place. Employees are logging onto their company network through their personal WIFI, the same WIFI their teenager may be using to download illegal games. Others are hopping onto an airport’s public WIFI to check their email before their flight, sharing this network with hundreds of other people and devices.  

How are companies supposed to keep their corporate data secure through all of this? While some anticipate that businesses will take greater measures to secure individual home networks, we anticipate that endpoint security will remain the top focus.  

Those desktops, laptops, tablets, and smartphones are a glowing target for cyber threats and endpoint security has become the most cost-effective solution.  

With these steps, businesses can significantly reduce their endpoint exposure and continue to let their employees work from anywhere and at any time:  

  1. Focus on Authentication 

Securing endpoints begins with authentication. This means verifying that the user looking to access the endpoint is who they say they are and not an imposter.   

Zero Trust has become the reigning security model that focuses on authenticating who is using an endpoint. This method instructs, “never trust, always verify.” This means that breach is always assumed, and each request must be verified as if it’s from an uncontrolled network, even when it comes from behind the company firewall.  

An important component of the Zero Trust methodology is multi-factor authentication (MFA). Rather than relying on a single password, MFA or 2FA requires a second piece of identifying information. This may be a PIN number, secure key, a fingerprint, or facial recognition.

  2. Don’t Forget the Physical Security of Endpoints

While MFA provides a second layer of security, it’s important to remember that the physical security of your endpoints is equally important. If stolen, your device can be used by a malicious individual to unlock your MFA and access your device, account, network, and more.

In addition, there has been increased concern over SIM swapping attacks, which attempt to bypass MFA security measures. These attacks often involve phishing or social engineering techniques which trick a mobile phone carrier into switching the victim’s cell phone number to a SIM card in the criminal’s possession. This is then used to bypass ‘Forgot Password’ or ‘Account Recovery’ requests and the criminal can take control of unlimited online accounts.

As many offices are still partially empty (if not entirely empty), don’t forget to monitor the physical security of your digital assets. With fewer watchful eyes around, it’s easier for an unauthorized individual to access devices or your data center.

  3. Use VPN on All Public Networks

While a personal VPN on your home network might not provide you with the security you were expecting, a company-owned VPN should be used when connecting to any public WIFI networks. 

A VPN encrypts the connection from the internet to your device, making it very difficult to intercept or decode. 

However, in general, it’s still best to avoid a public WIFI network, whenever possible. When public WIFI is necessary, it should only be used for casual browsing, not for sending or receiving sensitive data. Instead, it’s best to use your phone’s personal WIFI hotspot in these circumstances.  

  4. Implement a VDI Solution

A virtual desktop infrastructure (VDI) solution uses virtual machines to provide and manage virtual desktops and hosts them on a centralized server to deploy them to end-users.  

This type of solution centralizes data on premises or in the cloud, rather than on the endpoint device itself. It also provides IT teams with the ability to enable or disable key features of the device, such as USB access, print capabilities, and even cut and paste. Should a device be lost, stolen, or compromised, the IT team can remove corporate data that was housed within the VDI.   

A VDI solution has become a necessity as more companies opt for bring-your-own-device models, which allow employees to access corporate data and networks on their personal devices, rather than investing in company-owned hardware.  

  5. Turn Off Any Unnecessary Device Services/Features

Devices today come with hundreds of features that are meant to improve our user experience. However, few people regularly use every feature available. It’s recommended that you turn off any unnecessary applications or features that could be running in the background without your knowledge and collecting your data. In general, less data means less risk.  

However, this is easier said than done. Device agreements and service contracts can make it difficult to determine what is collecting your data and how to turn this function off.   

Recently, it was reported that Verizon could be collecting user data through browsing history, location, apps, phone numbers, and contacts. Most users didn’t realize that this feature had been enabled on their phone and they had to go through multiple steps to ensure this “service” was turned off. 

While it can be burdensome, it’s important to be familiar with your service agreements and any obscure uses of your data that you can voluntarily opt out of.  

  6. Never Agree to ‘Trust This Device’

When we log onto a website or application, we’re often met with a pop-up asking if we want to trust the device we’re using. When we agree to this, a token is placed on the device in use, putting the device at risk of future “trustjacking” attacks. This opens the door for hackers to sync and communicate with your device when you’re on the same network, all without the need for further approval.

In general, it’s best that you don’t agree to trust any devices, even if they are yours.  

There’s a saying that goes, “You don’t have to outrun the bear, you only have to outrun the person next to you.” While harsh, this theory also applies to your security methods. Every security barrier that you put up makes it more difficult for cyber criminals to breach your endpoints, network, and accounts. In time, this will send them looking for another, easier target.  

Next Steps: Do You Need Help Enhancing Your Endpoint Security? 

Whether you’re looking for assistance in conducting security assessments or you need a third-party solution to manage your cyber security practices, Arraya can help. 

Our team of experts are available to help you along every step of your continuous security journey.  

If you’re interested in learning more about endpoint security, check out the latest episode of the Arraya Insights Vodcast:  Prioritizing Endpoint Security in the New World of Work.  

Contact us today to start a conversation.  


April 11, 2022 by Arraya Insights

Chris Bovasso, Arraya’s Director, Application Services, and Mike Wishnefsky, Solutions Engineer, discuss Microsoft Dataverse in this Expert Q&A video. They dive into what the Dataverse is, as well as its benefits and use cases.

April 7, 2022 by Arraya Insights

Technology changes at a lightning pace and with recent developments, including the advent of virtualization and shared infrastructure, the last few years have transformed every industry.  

Maintaining a current IT infrastructure has become a necessity for remaining relevant in a competitive market. However, the never-ending journey of staying current within IT can be demanding.

Here’s how financial institutions can best invest in their IT environment to attract and serve their customers, all while addressing growing security challenges:  

Keep Eyes on Your IT Environment 

You’ve heard the saying: It’s a journey, not a destination. Your IT environment is not a box that can be checked. It’s more of a living organism that needs continued care throughout its entire life span.  

Financial institutions and credit unions should have a plan in place to keep a watchful eye over all tech investments. While a 3-5 year “road map” of your IT plans is ideal, a 1–2-year outlook is warranted, at the least.   

This plan should include: 

  • Keeping track of key dates, such as end of life or end of support dates for applications and software 
  • Completing regular updates and patches 
  • Requiring continuous check points to monitor the health of your overall IT environment 
  • Considering the technical needs of future business initiatives  

Businesses who neglect their IT environment may find themselves backed into a corner and forced to make a fast and potentially haphazard decision that could have been avoided. Overall, the goal is to avoid “technical debt.” This concept refers to the cost of unnecessary work that must be completed due to a lack of regular maintenance or from choosing an easier, faster, or cheaper route rather than the correct one. 

Technology is an enormous investment for businesses. Much like a home, your tech environment requires regular maintenance to retain its value. For businesses and organizations who may not have the infrastructure to fully manage this workload, a strong third-party partner can assume these responsibilities to ensure everything is regulated appropriately.  

Focus on Security  

Financial institutions are a key target for cyber attacks. This is due to the sheer volume of private data required to conduct this type of business.  

Cyber security should remain a top priority for all businesses, but this is especially essential for credit unions. A cyber attack could result in a breach of private consumer data, significant business interruption costs, a ransom payout, and loss of public and consumer trust.  

While businesses should put up the strongest defenses possible, the hard truth is that most institutions will fall victim to a cyber event. Not only do businesses need to prevent cyber attacks, but they must also be prepared to detect them and respond to them quickly to recover.  

Leverage Data for Analytics 

As technology develops, the amount of data available to financial institutions continues to grow. However, without the right solutions and applications in place, the use of this data may go to waste.  

In the competitive financial market, businesses must leverage and act on their data. With the right data collection, compute, and analytical solutions in place, businesses can harness this information to make changes, maintain their competitive edge, and provide a better user experience for their customers.  

Transition to Meet Adapting Customer Needs 

Technology has changed the way customers interact with financial institutions. As the days of in-person transactions fade, consumers are looking for convenience at all costs.  

With app-based banking, consumers are looking for fast, digital interactions to satisfy their needs at any time of day or they’ll take their business elsewhere.  

A good example of this type of technological disruption is Blockbuster. As Netflix entered the market and leveraged technology to make video rentals easier for their customers than ever, Blockbuster was no longer able to compete and ultimately became irrelevant.  

Financial institutions must invest in technology that allows them to provide the fastest possible service and connect with their customers in the way customers want to be connected with. 

Next Steps: There is Always Opportunity When You Invest in Tech 

For more information on how technology affects credit unions, check out episode 7 of Vizo Financial’s four-week series on credit union security: Episode 7: The Evolution of Credit Unions: Technology.  

Here, two Arraya experts, Ron Longley, Director of Hybrid Infrastructure, and Jared Ness, Account Executive, discuss the challenges that credit unions face and how these businesses can stay on top of new technologies.

Not every credit union has a robust, in-house IT team to address their changing needs, and they don’t need to. A strong partnership with a managed services unit provides financial institutions with the critical IT support they need, so they can direct their focus where it’s needed most.

Investing in your technology will ultimately provide cost savings down the road and help your business prepare for the future. All you need to do is find the right partner to help you throughout your journey.  

Contact one of our Arraya experts if you’re interested in learning more.  


April 6, 2022 by Arraya Insights

Once businesses make the journey to the cloud, their focus then shifts to the performance of their applications and the costs associated with them. Modernizing your workloads means customizing them to fit your business’s individual needs.  

Application modernization takes your existing applications and programs them to align with your company’s current and changing business needs. This process provides several benefits, including: 

  • Scalability 
  • Enhanced security  
  • DevOps automation  
  • Reduced development time 
  • More efficient troubleshooting and bug fixes 
  • Reduced costs 
  • Reduced time to market 

The savings associated with app modernization are substantial and can impact both your top and bottom line. Here are the average cost savings based on mid-market case studies:  

  • 50% reduction in virtual application server costs 
  • 65% reduction in the time to production 
  • 75% reduction in reported production incidents 
  • 80% reduction in IT administration costs for applications in Azure 

The amount of cost savings that a company can expect will depend on their footprint in the cloud.  

App modernization provides companies with flexibility to provide space for innovation well into the future. This process extends the lifetime of software investments while taking advantage of the many technical innovations available today.

Get Prepared with a Migration Readiness Assessment  

This assessment provides the dimensions that would be impacted if you were to take a specific app and proceed to migrate it to the cloud. Each step provides crucial information that will help your business select the migration path that’s right for each individual application.  

Here are the seven components your business should scrutinize before beginning your application modernization process: 

  1. Analyze Your Objectives 

What are the high-level business objectives? What is the timeline? Who are the stakeholders? What business units are being impacted? 

It’s important that companies looking to initiate an app modernization strategy have established data to help them set goals. Every organization should track developer time, maintain a help desk ticketing system, and record repetitive manual tasks to establish a baseline. Without a baseline, you’re unable to understand your objectives.

Are you looking to increase your revenue or productivity? Reduce certain costs? What is your goal and what are the KPIs you’re going to use to measure your progress? Here, a business analyst should be involved to ensure these are clearly established.

  2. Plan Your Migration Path

There are multiple paths you can take for each app. You’ll need to consider which will be the best option for the app you’re planning to modernize. Your project may require that your app is:

  • Re-hosted 
  • Re-platformed  
  • Repurchased  
  • Refactored 
  • Retained  
  • Retired 

You’ll need to determine which path is best for your application modernization process and what that path is going to look like.  

  3. Assess Your Experience Level

What is the staff’s current experience level with these migration technologies, tools, and operating models? If there is a gap, what is the plan to bridge this gap?  

This could mean educational plans to get employees comfortable working with new tools or consulting services to help augment internal resources. 

  4. Determine the Landing Zone

How will modernizing an application impact licensing, connectivity, architecture, Disaster Recovery, or configurations as they currently exist?  

  5. Evaluate Your Application

What applications are being considered for modernization?  

When we dive into an application that’s being considered for modernization, there are many factors we need to consider:  

  • Prioritization: What levels of priorities exist? How does each application align to a prioritization category? 
  • Dependency mapping: What are the application’s use cases, workflows, and automations? 
  • Performance analysis: What are the application’s server utilization and connectivity needs? 
  • Data discovery: What are the application’s required data structures? 
  • Maintenance: What will the application require for future functionality enhancements and ongoing support?

  6. Target Security and Compliance

There are always security requirements that need to be considered when applications are being updated. How will these be managed in their modernized state? 

Every business has a certain security model that will need to be enforced and often reported on for compliance, among other reasons. Without an OS, engineers need to reevaluate how to secure their applications. Modernization projects leveraging container platforms will usually include two types of security testing in each deployed container: 

  • Static Application Security Testing (SAST) 
  • Dynamic Application Security Testing (DAST) 

This allows for each container to be scanned for security updates, aged versions, or known vulnerabilities both while under development and while in production. In the absence of a virtual host, these security controls are embedded into the application itself which allows for automated remediation and updates at the node level.  

  1. Consider Your Operating Model 

How will patching, backup, asset management, and configuration changes be addressed moving forward? A new paradigm may need to be implemented to be compliant.  

These details cannot be glossed over before beginning the application modernization process. For those who may be overwhelmed by beginning this process, it’s important to note that in app modernization, you don’t have to do everything at once. Finding the right partner to assist you or administer the entire process will ensure you’re reaching the maximum ROI on your technology investments. 

Next Steps: Assembling the Right Team for App Modernization 

Once your infrastructure is in the cloud, it’s important to take advantage of the benefits the cloud offers through application modernization. To ensure the application modernization process is a success, multiple skillsets are required, including a:

  1. Tech Lead 
  1. Project Manager 
  1. Business Analyst 
  1. Data Engineer  
  1. Full Stack Developer  

At Arraya, our Application Services team has the experts needed to administer the entire app modernization process. We can assist with the planning phase, execution, support and maintenance, or data migration and integration.  

To learn more about app modernization, take advantage of our on-demand 2021 Tech Summit session: 

IaaS: Now What?  

Here, we walk through real-world examples, from building new apps to modernizing existing apps with the right strategy.  

Application Modernization Virtual Series

To learn more about the application modernization process, check out Arraya’s 5-part Application Modernization virtual series on-demand. These sessions outline the steps and strategy for a successful app modernization journey – one that will allow your organization to truly realize the benefits of digital transformation.

Sessions include:

  • Understanding Application Modernization
  • Taking Advantage of DevOps Automation
  • Planning Your Data Migration Path
  • Addressing Security and Compliance
  • Managing, Monitoring, and Maintaining Apps

Visit https://www.arrayasolutions.com//contact-us/ to connect with our team now.  

Comment on this and all of our posts on: LinkedIn, Twitter and Facebook.   

Follow us to stay up to date on our industry insights and unique IT learning opportunities.  

April 4, 2022 by Arraya Insights

In this episode of the Arraya Insights Vodcast, our panel discusses the importance of endpoint security in today’s “New World of Work”. Now that users are more connected to their business networks from their homes than ever before, what can and should be done to protect home networks? And should organizations have a say in how those networks are configured?

Our panel tackles these questions as well as an array of security topics, including endpoint protection, network security, multi-factor authentication, securing VPNs, zero trust, micro-segmentation, and more.

Hosted by Scott Brion, Director, Cyber Security, this episode’s panel includes Mike Piekarski, Enterprise Security Architect, and Keith Wood, Cyber Security Consultant.

Prefer an audio format? Subscribe to our Arraya Insights Radio feed in your Apple or Android podcast catcher for an audio-only version of our vodcast. Or, you can use the player below.

https://soundcloud.com/user-166960433-952960141/arraya-insights-vodcast-prioritizing-endpoint-security-in-the-new-world-of-work

March 31, 2022 by Arraya Insights

Microsoft 365 is a suite of office apps, including Word, Excel, PowerPoint, Teams, Outlook, OneDrive, and more. Millions of users from small businesses to large enterprises rely on these apps for both productivity and collaboration tools.  

With the recent increase in cyber attacks, specifically ransomware, there’s been discussion surrounding M365 security and whether users should be backing up their data with a separate, third-party solution. In this blog, we’ll discuss M365 security and provide an answer to the backup question.  

First, let’s break down the layers of security that Microsoft 365 offers:   

  1. Identity & access management 

M365 provides identity and access management in two ways. First, using Microsoft Authenticator, user credentials are coupled with a second verification tier. Depending on what the user selects, this could be through multi-factor authentication or using the phone’s touch or facial recognition as the second form of verification.  

Second, Windows Hello addresses the password problem. Strong passwords are a necessity but pose many challenges for users. They need to be long and complicated, which can make them difficult to remember. Users also tend to recycle passwords, which isn’t secure. Instead, Windows Hello utilizes a new type of user credential that’s tied to a device and uses a biometric or PIN.  

Conditional access then evaluates each individual user, device, app, location, and risk before granting access. Regardless of privilege level, all identities are protected.  

  1. Threat protection 

With enhanced digital innovation, our attack surface continues to increase. No single service can comprehensively protect against all threats. Microsoft 365 helps stop damaging attacks with integrated and automated security through various solutions to protect identity, endpoints, user data, cloud apps, and infrastructure.  

These services specialize in protecting against specific threat vectors, such as networks, email, business, critical data, etc.   

  1. Information protection 

Remote collaboration has become central to a business’s capabilities. However, remote collaboration also means your data is traveling all over the place. While sharing information is good for productivity, it’s bad for security.  

M365 protects your sensitive data with a four-step process: 

  • Classification
  • Labeling
  • Protecting
  • Monitoring

The Microsoft Information Protection solutions in M365 protect your sensitive data throughout its lifecycle across devices, apps, cloud services, and on-premises locations.  

  1. Security management  

The security center provides real time reports on your security posture so you can rely on insights and guidance to strengthen your position. This allows you to track and manage your security across identities, data, devices, apps, and infrastructure.  

A centralized dashboard provides a Secure Score so you know where your organization stands and whether action is needed. Here, you can configure devices and data policies to better manage your organization. 

Is Your Data Fully Protected?

Despite M365’s robust security solutions, there are infinite ways in which your data could be compromised. No amount of security can ensure that there is zero risk of your data being lost.  

As 2022 started out with a substantial uptick in cyber attacks, we’d like to highlight the importance of data protection for all Microsoft 365 users. While Microsoft does provide the most cutting-edge security solutions, this alone is not enough. And Microsoft agrees. 

Within Microsoft’s service agreement, they clearly outline, “In the event of an outage, you may not be able to retrieve Your Content or Data that you’ve stored. We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services.” 

Data should always have a secure backup that’s ready to go in case of a cyber event. While loyal Microsoft users may believe that this additional step is unnecessary, it is very much necessary. And at Microsoft’s recommendation, we agree.  

Next Steps: Protect Your M365 Data With a Third-Party Backup Plan

Each business and organization carries a different and unique level of risk, depending on a number of factors. One of the largest factors is digital real estate. The more digital assets you own, the larger your attack surface, and therefore, the larger your risk.  

There are a number of third-party backup solutions that can address your specific needs and your specific level of risk.  

If you’re not already backing up your M365 data with a third-party solution, contact an Arraya expert today. We can help you ensure your information is protected and available for when you need it most.  


March 24, 2022 by Arraya Insights

In late February, our Cyber Team put together a blog highlighting the various types of security assessments. As nearly every industry relies on technology in some form, most businesses must factor cyber compliance into their strategic plan. Those who gather consumer PII (personally identifiable information) and process payments must follow strict compliance regulations to ensure that information is being handled appropriately and protected.   

These security assessments provide a way for companies to test, monitor, improve, and report on their security posture. Whether they’re needed for internal reporting, security compliance, or to monitor for vulnerabilities, these assessments are an important part of keeping your business secure.  

For many organizations, the first security assessment they should consider is a Business Impact Assessment or BIA. In this blog, we’ll dive deeper into this type of assessment to outline what this entails, when it should be completed, and how organizations can best utilize the results.  

What is a Business Impact Assessment? 

A Business Impact Assessment is conducted to predict the consequences for a wide variety of failures and scenarios. For the sake of this blog, we’re going to focus on IT Business Impact Assessments.  

An IT BIA identifies and prioritizes IT system components (applications and technology) by correlating them to the mission/business processes that the IT system supports. This information is then used to characterize the impact on the process, should all or portions of the IT system be unavailable. The IT BIA also identifies supporting resource dependencies and establishes recovery time targets.  

In short, this assessment provides businesses with data to help them prioritize which functions are the most important and should be addressed first, should there be a disaster.  

This assessment can help minimize the impact of business function and process disruption by: 

  • Identifying IT recovery options 
  • Eliminating confusion regarding IT recovery priorities 
  • Identifying IT recovery capability gaps 
  • Identifying inaccurate IT recovery program scope 
  • Identifying justifications for IT preparedness budget 

When Should a BIA Be Completed? 

A BIA should usually be completed before any other security assessments, such as risk assessments or penetration tests.  

A BIA is not a one-time practice as it provides metrics for a single point in time. A BIA should be completed regularly to consistently monitor your security posture. It’s recommended that a BIA is conducted at least every other year, if not annually.  

How to Prepare for a BIA Assessment? 

Prior to beginning the BIA, it’s important to have clear objectives. What is the end goal? What KPIs will help you determine whether that goal is achieved? Who should be involved in this project team? 

Next Steps: Protect the Future of Your IT Environment with a BIA Assessment 

Many organizations seek to complete a BIA assessment to simply check a box and satisfy compliance regulations. However, these assessments offer an important, in-depth look at your business’s ability to survive a potential outage or cyber attack.  

A BIA assessment, coupled with a risk assessment, penetration test, or a tabletop exercise, will allow your business to make informed, data-driven decisions in your cyber risk management plan. Today, businesses must be on high alert due to the cyber attack landscape and take all precautions to protect themselves.  

To learn more about Business Impact Assessments, get in touch with our Cyber Team. One of our experts can answer any questions you may have or help you get started. Reach out to start a conversation today.  


March 22, 2022 by Arraya Insights

As cyber attacks increase in severity and frequency, it’s more difficult than ever for businesses to stay ahead of their vulnerability. Staying up to date in cyber is key to ensuring your business has the best available defenses and is equipped to face the latest series of cyber attacks.  

While the term “hacker” may have a bad reputation, many hackers are information security (InfoSec) experts who test security methods to identify potential vulnerabilities before bad actors can. They often believe in working together creatively to reach a common goal.  

For those interested in cyber security, hacking methods, and the InfoSec industry in general, InfoSec or hacking conventions are a great way to meet like-minded people and learn through workshops, presentations, competitions, and networking events. These conventions bring together the brightest in the industry to share ideas, techniques, and learn from one another.  

While each hacker convention is different, here’s what attendees can often expect: 

  • Industry Research Publishing/Presentations 

Researchers collaborate to publish or present their latest findings, which could involve new techniques to penetrate or work around a system, new ways to detect or stop a threat, and the latest tools and products available. 

  • Villages 

These are designated spaces with real equipment or tools for a specific focus area. These may include cars or voting booths that can be hacked, locks that can be picked, and more. They are manned by staff who understand the specific discipline and will teach participants how to get started and make their own attempt at hacking.  

  • Capture the Flags (CTFs) 

These competitions put teams of hackers together to attack and defend a series of systems. The scoring system will vary based on the individual competition, but this may involve teams working to take down one another’s service all while defending their own, or teams working to find a hidden file or string of text. These hacking challenges are interactive, and the concept is constantly expanding. Some of the brightest minds in the industry compete for lucrative cash prizes.  

  • Workshops 

Workshops are offered for various specific disciplines. Depending on the conference, some are free and first-come, first-served, while others require a fee and a reservation.  

  • Badges 

Every hacking convention has a unique badge. These badges tend to have their own side quest, like a puzzle or game that you play throughout the convention and may require participation from other attendees to solve. As the years have gone on, these badges have gotten more elaborate. Search #BadgeLife to see some creative examples.  

  • Vendors 

These conventions provide vendors with the opportunity to promote their products, give demonstrations, meet their target audience in general, and showcase what they can do.  

As you can imagine, members of our cyber team are big fans of these conventions and regular attendees of a few. For this blog, they’ve compiled a list of their favorite hacking conventions and resources for those looking to learn more or get involved in the industry.  

InfoSec Conventions in 2022 

While this isn’t a comprehensive list of every hacking convention being hosted in 2022, these include the largest and most notable, and our personal favorites.

Defcon 

Defcon is one of the largest and most notable hacker conventions. This year, the convention will be from August 11-12, 2022 at Caesars in Las Vegas. This annual event has been held in Vegas for the past 30 years.  

For those unable to make it to Vegas or looking to connect with others more regularly, there are local Defcon groups all over the country. These may meet either monthly or weekly and are designated by area code.  

Check out Defcon’s forum to see if there’s a local group near you.  

Black Hat 

Black Hat is an international conference series which hosts events all over the world. This year, Black Hat USA will be held at the Mandalay Bay in Vegas from August 6 – 11, 2022. They will offer both in-person and virtual events so attendees can choose how they want to participate.  

With interactive training sessions, briefings, and the opportunity to network with thousands of InfoSec professionals, this is a great way to get connected in the industry.  

Chaos Computer Club 

Note: You may need to use a translator for this German website. Chaos Computer Club is a European, non-profit association of hackers. They focus on surveillance, privacy, freedom of information, hacktivism, and data security, along with a variety of other technology and hacking issues.  

Alongside Defcon, Chaos Computer Club’s annual conference is one of the largest worldwide. As this conference is held in between Christmas and New Year’s, attendees will have to wait until the end of the year to partake.  

Hackers on Planet Earth (HOPE) 

Hackers on Planet Earth, also known as HOPE, is a biannual event hosted in New York City by 2600, which is the group that publishes The Hacker Quarterly.  

This year’s event will take place from July 22-24, 2022, at St. John’s University in Queens, NY. Participants can expect a series of speaker sessions and panels, workshops, villages, performances, exhibitions, and vendors.  

Shmoocon 

Shmoocon is limited to only 4000 attendees and is held annually in Washington, D.C. This year’s event will be held from March 24-26, 2022.  

This is a highly sought-after event that features extensive research, interesting villages, and numerous side events. As space is limited and tickets are more affordable, tickets generally sell out fast.  

Wild West Hackin’ Fest 

Wild West Hackin’ Fest will be from May 4 – 6, 2022 in San Diego. This event can be attended in person or virtually.  

This conference caters to everyone, from novices looking to enter the world of information security to industry leaders looking to share their ideas. Attendees can expect workshops, labs, training sessions, a Capture the Flag, an escape room, and more.  

BSides 

For those unable to travel or looking for a more local experience, there are Security BSides conferences in most major cities on an annual basis. These provide an opportunity to meet professionals locally and keep up with the latest trends and research.  

Look up your hometown to see if there’s one near you.  

Next Steps: Join the Hacking Community to Reap the Benefits of the Latest in Cyber 

There’s no better way to combat cyber crime than to come together as a community. These InfoSec and hacker conventions provide an opportunity for collaborative thought and learning.  

Whether you’re brand new to the industry and looking to learn more to protect your business or you’re a professional with knowledge to share, these are a great way to learn from the best, get connected, and have some fun while you’re at it.  

If you’re looking to improve your cyber security standing, connect with our Cyber Team today.  

