never-MS-02

Never Trust, Always Verify

Assuming that you have the security of your information completely under control,
puts your business at risk of losing its most important asset.
never-MS-01
never-MS-11

Microsoft’s security stance, which invites us to always distrust and verify, is based on the principle that however well-established the protection and cybersecurity models are, unscheduled breaches occur in the most unexpected places. For this reason, every request or access to our resources must go through an authentication, authorization and encryption process before granting access.

 

The principle “never trust, always verify”, is the foundation of Microsoft’s Intelligent Security Solution.

Organizations need today more than ever, a security model that effectively adapts to the complexity of their environment, leveraging workforce mobility and protecting people, devices, applications, and data, no matter where you are.s.

To achieve this, Microsoft has developed the Intelligent Security Solution:

Microsoft offers a full range of security backed in Microsoft 365 and Azure clouds for the 6 key vulnerability points that compromise the security of modern enterprises:

never-MS-04

Identities
and Access

never-MS-05

Devices

never-MS-06

Information
and Data

never-MS-07

Applications

never-MS-08

Infrastructure
and network

never-MS-09

Databases

never-MS-10

GENERAL RECOMMENDATIONS AND SOLUTIONS

Protect yourself from malicious login attempts and protect credentials with risk-based access controls, identity protection tools, and strong authentication options — without disrupting your productivity.

Microsoft Azure Directory is a comprehensive cloud solution for managing identity and access, combining:

  • Basic Directory Services
  • Managing Application Access
  • Advanced identity protection.

Ensure that devices and users are not trusted just because they are part of the internal network. Encrypt all internal communications, limit access according to policies, and employ real-time micro-segmentation and threat detection. Gain visibility of devices by entering the network. Ensure compliance and service status before giving access.

To ensure the protection of information and data, the information must be inventoried, classified, labeled and, if necessary, encrypted.
In most cases, attackers attempt to get data from:

  • SaaS application such as Microsoft 365
  • Disks on virtual machines
  • Cloud Storage

Those responsible for data storage and access control must ensure adequate security. They must also ensure that they comply with legal requirements regarding controls and processes to ensure confidentiality, integrity and availability of data.

It is critical to find a balance between providing the necessary access and protecting critical data that can be accessed from Applications and APIs (Application Programming Interface).

By integrating security during application development, you reduce the number of vulnerabilities in the code. Development teams must ensure that their applications are secure and that they follow security requirements without making compromises of any kind.

Infrastructure is a critical vector for threats. Malicious software, non-patched systems, and incorrectly protected systems open the environment to attacks.

As for the network, connectivity across all resources should be limited to allow only what is strictly necessary. This reduces the risk of lateral displacement on the network.
Please note the network protection guidelines:

  • Explicitly verify. It should always be authenticated and authorized, based on all available information points.
  • Use least-privileged access. Protect data and productivity with Just in Time (JIT) and Just Enough Access (JEA) policies.
  • Assume security breaches. Segment access by network, device, and application knowledge. Verify that all sessions are encrypted end-to-end. Use statistics to gain visibility, boost threat detection, and improve defense.

Data is protected by firewall, which prevents access to the server until it is explicitly authorized based on the Azure Virtual Network IP address or traffic source.

Leaving security aside is a decision that can cost you too much.
Businesses from all industries and all sizes are being targeted by cybercriminals. Protecting it is not a simple task. To learn more about how you can identify steps to properly manage your security strategy, review the following recommendations.

It’s time to take all the actions and decisions necessary to ensure the protection of your business. By incorporating the “never trust, always verify” philosophy from Microsoft’s Intelligent Security Solution , you have the security and confidence to protect your users, devices, apps and data. Intcomex Cloud is with you in this process, providing you the full range of Microsoft security using Microsoft 365 and Azure clouds.

For more information, contact one of our experts at cloudsales@intcomex.com or let us contact you:






    Follow us

    fb
    lnkdin
    youtube