At Network Overdrive, we mainly support SMEs who are Microsoft users – so getting more out of Microsoft is our core business.
If you’re the person responsible for IT in your business, then this is essentially an executive briefing on how you can leverage your existing investment in Microsoft to improve your cybersecurity.
We are delighted to have been selected by Microsoft to be part of their Partner Network and to use our wealth of experience to help you understand why this new offering is of real and immediate value to you.
The growth of cybercrime is (rightly) terrifying.
Cybercrime is now a global industry – one that’s funded by rogue governments as well as the proceeds of organized crime.
Take it down to the SME level, and cybercriminals are spending 10 times more money on attacking SMEs than any small business could ever spend protecting itself. Why? Because cybercrime pays.
“In August of 2016, Cybersecurity Ventures predicted that cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. This represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, and will be more profitable than the global trade of all major illegal drugs combined.”
It’s no wonder many SME owners avoid even thinking about the subject.
There IS good news – and immediate action you can take
The good news is that Microsoft has been thinking hard about this – and today all a business with less than 300 employees needs to know are two things.
Microsoft Business Premium can be the foundation for your Cyber Security
If you already have Microsoft Business Premium, make sure it is configured and managed to maximize your investment
So, for over 5 years, I’ve had a sinking feeling that we were losing the cybersecurity war.
Ransomware has become a multi-layered industrial activity where large criminal organizations develop platforms for small criminals to use. It is known as Ransomware as a service (RaaS) and it incentivizes the smaller criminals to find smaller, or nonprofit, organizations to compromise.
Previously the large criminals would only target big businesses – but now everyone is a target.
Two years ago businesses fought back by either moving applications to the cloud or improving their backups… hopefully by doing both! It worked then – and my sinking feeling subsided.
But now the criminals have reacted with new attack techniques. They have worked out that just encrypting data and asking for payment to unencrypt it is no longer effective – because businesses can just restore from backups. So they have moved on to new strategies:
If you are small they will most likely hide and watch your business activity. Then they will develop an elaborate ‘scam’ to get you to pay into the wrong bank account.
If you are more than a 20-person business, they will still try option one, but they will also look for opportunities to do data theft (what we technical types call exfiltration because it’s so sneaky). They’ve started breaking into systems and stealing confidential data.
For each one of the new techniques, a corresponding technology solution is available in the marketplace – but:
the large number of tools required plus
the cost to implement and manage each one of them was vastly more expensive than what most SME Businesses could afford.
Even within the Microsoft solution set, all of the appropriate services were within the Enterprise family range and they came with Enterprise-sized costs.
My sinking feeling came back, redoubled. The cybercriminals were pulling away and I couldn’t see a way for businesses to keep up.
Enter Microsoft Business Premium
But now Microsoft has released Microsoft Business Premium – and it is truly the foundational security platform for any SME business using Microsoft products to run their business.
What I especially like is that while some functionality aspects are reduced/absent compared to the Enterprise is that all of the security functions are just as robust as the Enterprise product.
It really feels like Microsoft has fully committed to protecting their small business customers.
At Network Overdrive, we’re excited and relieved, because it means:
Our customers can get access to industry best practices – affordably.
Our customers can meet government guidelines such as the Essential 8 more easily.
With good security in place, SME businesses can confidently look after their customers which not only increases customer loyalty but also improves staff productivity and morale.
Microsoft Business Premium is an Affordable and Integrated Cyber Security that allows you to adopt global Best-Practice Methodology
What is Best Practice Cyber Security?
According to America’s National Institute of Standards and Technology (NIST) best-practice cyber security requires a multi-layered approach otherwise known as defense in depth.
Those layers are:
Microsoft Security Score helps Businesses to identify what they could do to improve their security posture. It combines user behavior, system analytics, and business analytics to provide actionable insights.
If you don’t know where to start with your security, you can go to the Microsoft Security Score to guide you.
The number one tool criminals use to compromise a business is using fake emails to trick employees into sharing their passwords by directing them to fake websites with a login screen.
Once a bad actor has access to an employee’s mailbox, then they use it to gather intelligence about your business. They want to gain further access so they can either 1) trick someone (in your business or another company) into sending money to the wrong bank account or 2) seize sensitive information that they can use to blackmail an individual, your business, or another business.
Microsoft Business Premium includes Email scanning to block malware, convert any URLs in an email into ‘Safe Links’, and ensure all attachments are ok to open ‘Safe Attachments’.
It also includes Conditional Access which can block access to your business based upon Geo-location (Why let someone from Russia log into your emails?) and enforce Multi-factor Authentication (MFA).
Significantly, Microsoft Business Premium also includes Device Management using Intune and Microsoft Defender for Business. Microsoft’s Intune and Defender for Business means that not only your cloud information is protected but also the computers and those that use them.
Plus additional Best-Practice strategies like Operating System Updates, hard drive encryption, limiting privileged user access and the prevention of applications with malicious behavior is now available in the one license.
That’s a whole lot of protection.
Unfortunately – however good your prevention tools are – you only need one of your staff to be tricked once to have a major cyber security event.
So, should a bad actor gain access to one of your systems and/or devices, you want to be able to detect that intrusion as soon as possible and prevent it from spreading to other people and systems.
Microsoft Business Premium includes a Threat Protection module that takes the information from the cloud platform and each of your devices. It uses advanced algorithms to detect abnormal and malicious behavior and can either automatically block the behavior and/or report the event to your cyber security specialist to track down the cause of the event.
When a potentially malicious email, program or file is detected it is quarantined and the system allows an IT Administrator to either permanently delete it or release it back to the user if it is determined to be safe.
Device Management by Intune also allows the creation of a Virtual Desktop Image that can be deployed with all applications and configurations to either a new machine or over the top of a machine that is no longer trusted due to an infection.
Then, if OneDrive for Business was configured to back up the ‘Desktop’ and ‘My Documents’ files then that can be run to complete the restore of any machine.
Microsoft by default has 30-day backups and the system allows integration into third-party systems for greater retention and recovery.
Microsoft Business Premium helps you be compliant
From the above, you can see that Microsoft Business Premium is a great foundation for a multi-layered cyber defense strategy
It is perhaps of no surprise that it, therefore, aligns itself well with the Australian government’s recommendation to all Australian businesses.
The Australian Government has outlined 37 strategies to minimize cyber risk and has outlined 8 that need special attention.
They are known as the Essential 8 and for each of these 8 areas, a business can be ranked as having either a level 0, 1, 2, or 3 maturity level.
Microsoft Business Premium will give most businesses the capability to move from level 0 to level 1 and can be displayed like this:
You can read more about Microsoft’s solutions for Essential 8 here:
Microsoft Business Premium helps you to positively engage with your Customers
Due to the legal requirement of Mandatory Reporting for Data Breaches, you will need to speak to your customers if they have been affected by a Cyber Security Incident that has happened in your business.
That terrible phone call will be a whole lot worse if it is the first time you have spoken to them about your cyber security.
We recommend that you proactively engage your customers with how you are taking their privacy seriously – because of the way you are implementing improved cybersecurity capability and processes. You can use the insights and reporting from Microsoft Business Premium to guide your conversations with your existing and potential clients.
Telling your customers how you are protecting them is a great way to turn a necessary cost into a competitive advantage.
Security is a PROCESS, not a product
You can’t just buy Microsoft Business Premium and think you are secure
Every security product requires installation, configuration, training, and then ongoing monitoring and management.
Buying the software is like buying all the door locks and bolts for your home – but never actually locking up.
You still need to do the installation and get the configuration right – so that you’re protected without being suffocated.
Then you need to make sure your tech team is correctly monitoring your defenses so that you know if you’re being attacked.
You also need to commit to ongoing security training and awareness-building across your organization and your supply chain.
It is going to involve work – but in today’s cybercrime explosion, leaving your information systems’ doors and windows unlocked because “we’re too small to matter” is not going to end well for your business.
Next Steps – Take your security seriously
If you’re a Microsoft-based business, then plan to upgrade to Microsoft Business Premium as soon as possible.
We recommend that:
You plan carefully to avoid disruption, because all your business systems, devices, and processes will be involved in the upgrade.
You do a phased installation, with the Endpoint Detection and Response module last.
You maintain your existing anti-virus and EDR licenses until:
Your installation is fully completed,
Your management and monitoring process are integrated, and
The Microsoft EDR functionality has been adequately beta-tested.
Not only will you be able to worry a bit less – but you’ll also be on the front foot and ready to meet Essential 8 Cybersecurity requirements. PLUS you’ll be able to show up as a leader to your key customers and suppliers.
Ask for help if you’re in any way unsure
The realities of the cybercrime explosion through COVID have been in the news again and again. Today, Russia’s state-sponsored hackers have even more motivation to attack businesses in countries that speak out against the Ukraine situation.
You really ARE big enough to be a target.
If you don’t know where to start, get in touch with us to understand how to leverage your existing investment with Microsoft today. (Yes, really – TODAY)