The cyber security field is always evolving to meet the new threats facing your organisation. Defence in depth is the principle that you should have layers of protection, fail-safes and security throughout your IT estate, so that even if your outer defences are breached you still have layers of protection to limit any damage.
In this article we discuss defence in depth and how Microsoft 365 helps you put this into practice.
Defence in depth explained
Defence in depth comes from the military approach to securing something: having different layers of warning, security and clearance needed to access different areas or move through your organisation.
Traditional cyber security approaches looked to secure the network: all devices were within the outer firewall, so stopping anything coming in was a sure-fire way of securing your full infrastructure. Now, with cloud services, hybrid working and multiple devices, you have hundreds if not thousands of different attack vectors you need to secure against.
Asking how you would stop a breach in one area from spreading to other areas allows you to build up a much stronger defence and reduce your risk.
Microsoft 365 defence in depth in practice
Microsoft 365 premium or enterprise has a wide range of security solutions designed around building your layers of security. Below are some of the solutions and how they secure your IT estate.
- Microsoft Defender – Microsoft 365 Defender is part of Microsoft’s Extended Detection and Response (XDR) solution that leverages the Microsoft 365 security portfolio to automatically analyse threat data across domains and build a picture of an attack on a single dashboard. It helps organisations secure their enterprise with a set of features to protect email and Office 365 resources.
- Azure Active Directory (Azure AD) Identity Protection Security Reports – Allows you to see configuration vulnerabilities, which are session and user risk signals that Microsoft’s machine learning, heuristic, and research systems detect.
- Azure Active Directory Risk-Based Conditional Access – Allows you to put those risk signals to work, automatically intercepting bad sign-ins and deactivating compromised passwords.
- Microsoft Cloud Application Security – Allows you to monitor and control activity between an app and the user.
- Advanced Threat Analytics – Provides deep forensic insights into what’s happening in your on-premises environment, allowing you to see precisely how a hacker acted in your environment so you can provide a rapid response.
- Azure Active Directory Privileged Identity Management – Ensures that you have the minimum possible administrative attack surface by giving you just-in-time and just-enough administrative access.
- Azure Information Protection – Allows you to protect data with strong encryption and access policies regardless of where it goes.
- Microsoft Intune Mobile Device Management and Mobile Application Management – Helps you ensure that devices and apps used in your organisation are secure and healthy, again protecting data on these devices against device loss, malware, or other threats.
Overall, Microsoft 365 offers a one-stop shop for security capability to ensure your organisation has the layers of protection it needs to function efficiently. To learn more about Microsoft 365, download our M365 guide here. If you would like to discuss your own cyber security, then please contact us for a security review today.