Since the mid-90’s, the world wide web has been changing the way we live our lives. Now the Internet is so much ingrained into our day-to-day, there are disaster movies based on it falling over – or worse – taking over! Matrix anyone?
Everything from ordering a sandwich to booking a world trip, to working from your home office in the Southern Alps, is at the touch of your fingertips. Unfortunately, as the digital world continues to get faster and smarter than the average bear, there are those out there using it to get their fingertips on things they shouldn’t.
Businesses and individuals are storing immeasurable amounts of data – whether it be photos of our fur babies, or top-secret formulas, or all our client’s important information – in cloud-based facilities. With all these goodies out there in the cloud, inevitably it brings out the opportunists, the villains if you will – those who don’t give a fig about the law.
The advancement of the Internet has birthed a whole new level of hackers and cybercrime – and they are smarter than the average bear as well! You want to be able to trust your data is safe – that’s why ensuring your data security is up to scratch. Microsoft 365 offers a suite of security software to choose from, and don’t worry, we know it can get confusing, so we’ve broken it down in laymen’s terms as best we can.
Microsoft Azure Security Center
This is the foundation layer of security software that Microsoft offers, with the intent and ability to monitor your data system health and strengthen its security posture – it’s basically Doctor Data. It uses a fine-tooth comb to collect incidents from Azure or other information logging agents, and relays this to a security investigator. This software then analyses this information to get a bigger picture of your system’s security and provide bespoke advice to you on what you can do to improve/upgrade your security. You can still choose whether to implement this advice or not, and if in doubt – talk to your friendly neighbourhood IT-man (person!).
Microsoft powers security threat detection within Azure Security Center. With a high level of intelligence and expertise, threats are identified early, reducing the number of false alarms. The system has a built-in policy, driving the suggestions to improve security, and guiding you through the process to carry out the advice. It’s basically doing all the research and problem solving for you – having your back the entire time!
Azure Security Centre informs you of any incidents immediately, with high priority alerts. It provides you the details on the attack itself, alongside tips on how to mitigate the attack, and stop them from happening again.
Microsoft 365 Defender
This is a specialised investigator of cyber-attacks and security threats. Defender is your first line of defense. Traces of such attacks can be left across your many software platforms, such as your emails, devices, and users. This can be a headache for security analysts to figure out across the board, trying to put the pieces together to understand and stop the attacks. Microsoft has combined the security systems for these portals into one, easy to use system.
You can navigate through incident information and alerts from all your data services, without leaving the Defender portal. The portal provides unified alert pages, which you can choose to review across devices, emails, or users, to gage understanding of how each of your systems are secure. You have the freedom to cruise through the portal and check out each of these entities, with no interruption to the background security investigations.
Microsoft Azure Sentinel
If Microsoft Defender is your first line of defence, your Captain America, then Azure Sentinel is Tony Stark. Application and infrastructure security is crucial to do correctly, and while it’s as clever as Ironman himself, it doesn’t need to take a rocket scientist to get it going. Azure Sentinel is available through Microsoft’s Azure Portal, and when activated it detects and resolves security incidents and threats efficiently – while collecting and analysing data, providing you the feedback you need to protect your organisations data.
It’s a piece of cake to set up too – it connects to many different data sources, including Microsoft sources and third-party sources such as Amazon. In the click of a button – you can connect Azure Sentinel to any sources you wish, giving it the ability to enter data in the Azure Data Directory – where analysis reports are displayed. If you want to see how secure your data is – simply go to the dashboard section of the Azure portal for insight.
In addition to the dashboards, there are many tools provided in the Azure Portal that you can use with ease to evaluate and identify security threats. For answers to common questions, you can use the Hunting tool queries. Azure Notebooks can be used to collect and display data in visualisations that you can chop and change to best suit your environment. The Playbooks tool lets you set up customised automatic mitigation responses – automatic alerts provided directly so you know what is happening, when it is happening. These are designed as Azure Logic Apps, which are set up with unique workflows to respond to specific security information. Playbooks have existing templates you can simply load your email in to get email notifications on your data system security. If you’d like to set up a Playbook Logic App from scratch – you’re able to do so in this platform.
With all the ease of set up and functionality Azure Sentinel provides, Microsoft states that it is 48% cheaper and 67% faster1 to set up than similar on-premise software (you know, the software you actually have to install on your device).
If you’re sitting there feeling worried about your data being corrupted or your security being breached – why not give us a call? Our team of friendly IT Superheroes are here to help you figure out the best security solutions for you – leave all the nerdy thinking to us!