Charlie Mac and Associates

  1. Newsletters

Simplifying Security With Microsoft

Following on from my email last week, I wanted to describe how you can build a complete Security Information and Event Management (SIEM) solution completely with Microsoft offerings. My philosophy is two-fold: 1) make the most of the Microsoft 365 licencing you already have and, 2) remove much of the third-party security infrastructure you have that subsequently becomes redundant. The result is a simpler security management environment that is more effective [I believe] at preventing, detecting and handling security incidents.

A good place to start are the security setup items in the Microsoft 365 Admin Center. Here, you can enable Microsoft’s recommended security defaults and conditional access policies (inc MFA). Before you get started though, it’s a good idea to setup at least 1 or 2 break-glass accounts and monitor access of these accounts through Azure Monitor. These will ensure that you don’t ever get locked out through misconfiguration.

Then, check out the Microsoft 365 Defender Center, and in particular, the recommendations under your Microsoft Security Score. If you are like most organisations, you’ll be presented with a long list of recommended remediation tasks. Click on any one of these to get handy implementation instructions.

To go further, look at Microsoft Defender for Endpoint – comprehensive device security pushed out through Endpoint Manager, and Microsoft Defender for Office 365 (the welcome [and far cheaper] replacement for products like Mailguard). If you have workloads in Azure, also check out the Azure Security Center. In addition, Microsoft Purview (was known as Security and Compliance Center) provides content classification, audit and deep data investigation functions. With Purview, you can also apply policies for automating the detection of potential compliance breaches (eg credit card numbers in the clear).

And as with everything Microsoft, all roads lead to Rome. Go ahead and choose a path to a better security posture that best suits you and your organisation.

And remember, security is, as one of my favourite 80s movies suggested, one [persons] struggle to take it easy.

Across the Industry

Recent Government Tenders

Microsoft News

Comments to: Simplifying Security With Microsoft

Your email address will not be published.

Attach images - Only PNG, JPG, JPEG and GIF are supported.


Welcome to Typer

Brief and amiable onboarding is the first thing a new user sees in the theme.
Join Typer
Registration is closed.