Interlink Cloud Blog

facebooktwitterlinkedin

Matt Scherocman

The Struggle is Real: How to Deal with the Growth and Sophistication of Cybercrime with Microsoft Advanced Threat Analytics

The Struggle is Real: How to Deal with the Growth and Sophistication of Cybercrime with Microsoft Advanced Threat Analytics

As business changes and technology evolves, the majority of organizations depend on IT systems to store their data and run critical workflows. Unfortunately, these systems can be a prime target for cyber-attacks as sophisticated hackers put the enterprise in a vulnerable position. Just take note of these especially stunning stats:

  • 76% of attacks stem from compromised user credentials
  • The average cost of a data breach to a company is $3.5 million and total cost of cybercrime on a global scale is as high as $500 billion
  • Because of dangerous IT security blind spots (shown in the image below), it could take over 200 days to detect an attack

    IT blind spots Microsoft Advanced Threat Analytics

Stats courtesy of Microsoft Advanced Threat Analytics Datasheet.

The reality is, businesses need to pay attention and adapt to this changing nature of data security threats.

Now available in the Enterprise Mobility Suite, Microsoft Advanced Threat Analytics (ATA) helps to protect your company from attacks by leveraging machine learning. It uses behavioral analytics to uncover suspicious behavior, internally or from external attacks. It also detects known security issues and risks , the goal is to stay  one (or two, or three) steps ahead of the attackers.

Microsoft Advanced Threat Analytics

When you think of security software, your mind might immediately turn to configuring system rules and alerting. All of which take time and commitment from your team. With ATA, you don’t need to create rules, baselines, or thresholds. It’s streamlined from setup and works immediately. Once a threat is detected, it’s also easy to view a timeline of when the attack hit. It can help pinpoint where the breach took place. All of this insight can better prepare you for future attacks.

The thought of being hacked and not even knowing it is scary enough, but ATA also helps identify internal threats like why a user would be accessing files in accounting if they’re in the marketing department? Combined with online security reports, ATA can show anomalies for logins.  It will help detect when user credentials have been compromised by reporting geographically distant logins that occur at the time time – like a single user being logged in from Ohio and from Romania at the same time.  

The high-level benefits of using ATA at your business are obvious. Peace of mind goes a long way, and you also want it to help you adapt as cyber-attacks grow in frequency and sophistication. The features of ATA are even more appealing when you see exactly how it works for your business. Here are a few of our favorites:

  • Timeline: We’ve already mentioned that timeline, but it’s worth noting again. In addition to listing the activities as they occur, ATA provides recommendations on how to handle that alert.
  • Organizational Security Graph: This maps out entity interactions which represents the context and activities of the users, devices, and resources. This will be a big driver in managing security for each of your users.
  • Email Alerts: There’s no need for one person to be continuously monitoring for cyber-attacks. With ATA, you can have emails sent to users or groups when suspicious activity is detected.
  • Leveraging the Cloud:  Microsoft cloud based correlation engine helps more quickly identify new attacks and reduce the amount of false positives. 

The cyber-attack threat is real and ATA can help you adapt to the changing cyber-attack world we live in.

Contact Interlink if you any questions.

 

Matt Scherocman

Three Ways Microsoft Enterprise Mobility Suite (EMS) Has Changed Everything

Three Ways Microsoft Enterprise Mobility Suite (EMS) Has Changed Everything

Looking at how technology has evolved, the cloud has certainly changed everything in terms of how we do business and what’s expected of us as a company. The cloud has created a ton of benefits and possibilitieslike the promise for users to be able to work anywhere on any device. That flexibility also created several challenges. Those challenges include security, device management, and data protection.

 
[...]
Sarah Bunt

[On-Demand Webinar] Getting Value from Office 365: You’ve Deployed Exchange – Now What?

[On-Demand Webinar] Getting Value from Office 365: You’ve Deployed Exchange – Now What?

view webinar slides o365 blue

Do you know what you already own ?

Many organizations deploy Office 365, but only use Exchange. There are so many other applications within Office 365 like Groups, Sway, Video, and Delve that have been designed to help your users be productive.

In this on-demand webinar Microsoft and Interlink Cloud Advisors - Microsoft Cloud Consumption Partner of the Year - showcases the features and resources Office 365 (E3 plan) includes beyond Exchange.

Covers some of the most common workload scenarios and questions, including:

  • Efficiently sharing ideas and content
  • Collaborating together – co-authoring
  • Accommodating different working styles
  • Protecting intellectual property
  • Better coordinating group communications and efforts
  • Live demos, including: Sway, Delve, Planner, Office Groups, OneDrive, and Admin Portal

Whether you have already started moving workloads to the cloud or are just getting started, view the webinar to hear the best practices and insights into promotions that can further accelerate your cloud projects. 


Presenter:

Matt Scherocman

Matt Scherocman
President, Interlink Cloud Advisors
Microsoft VTSP and #1 in the world at helping clients with Microsoft funding 

 

Matt Scherocman

How To Protect Your Users From Ransomware and Vicious New Maladies Hidden In Your Incoming Email

How To Protect Your Users From Ransomware and Vicious New Maladies Hidden In Your Incoming Email

Protecting Your Email with Exchange Online Advanced Threat Protection 

With the constant threat of malware, companies have to constantly find ways to stay ahead.  How do you protect your data from these threats when they are constantly evolving and becoming more aggressive?  Microsoft has a solution in Exchange Online called Advanced Threat Protection (ATP).  It is another layer of must-have security that Microsoft offers to meet all your business needs. 

[...]
Matt Scherocman

Office 365 - Pros and Cons of a Consolidated Tenant with Global User Dispersion

Office 365 Pros Cons Consolidated Tenant Global User Dispersion

A single Office 365 tenant may not be sufficient for some organizations. In certain cases, a company may need to provision mailboxes or manage end users in more than one tenant.

Below is a detailed breakdown and summary of a single global Office 365 tenant versus multiple tenants. This assumes that there are two or more agreements in place.

As it exists today, a single Enterprise Agreement cannot have licenses allocated to multiple tenants without an exemption and Microsoft intervention to allow it. However, agreements made underneath that entity, such as a second Enterprise Agreement for a sub-company in another country or division of the organization can have its own tenant.

Single Global Tenant

The Pros

  • Single name space support.
    Example: company.com is shared across the organization and everyone needs it as the primary email address. In this scenario, there is no way to provide a unified email address alias without all users existing in the same tenant.
  • Single point of control and management - The proper implementation of Role Based Access Control allows for flexible controls to be put in place to manage licensing, users, and services such as Exchange.
  • Branding controls for portal pages and SharePoint sites is unified.
  • Tenant location is nearest to the primary company listed as the contact location for Office 365. In some cases this is beneficial where the largest set of users exist in a specific office. Retail would commonly see this as a benefit, for example, where the corporate office contains most of the information workers.
  • Perfect solution when a single directory for the entire company is leveraged for user, group, and device management.

The Cons

  • No flexibility in the location of the services today. All services such as Exchange, Skype for Business, and SharePoint are provisioned in the nearest datacenter to where the company's contact listing.
  • Role Management is very cumbersome - even with groups.
  • One directory and its trusted relationships can be synchronized, a third party tool must be used if the company has multiple directories and no trusts in place.
  • Can be very complex when you are leveraging multiple AD forests and Trusts - Overlapping contacts and sync errors are common.
  • Services can be very slow when global access is enabled. An example is Skype, which has a low tolerance for latency and is impacted significantly for users outside of the country where the tenant is provisioned.
  • Global instances of Yammer and SharePoint can cause companies to rethink putting all collaboration sites in the cloud.


Multiple Tenant

The Pros

  • Primary benefit is autonomy and control of your own portal and services underneath it.
  • Performance on a per company / agreement basis is markedly better due to the location being closer to the sub-company.
  • Provides less complexity about managing admin roles on a large scale and can be less cumbersome.
  • In scenarios where the company is global and large sets of users are distributed, this provides the best performance on a per agreement basis.
  • Managing licenses is much easier and based intimately on the way each company operates.

The Cons

  • No single namespace and consolidated company domain support exists today.
  • Global policy adherence is very difficult to achieve since the policy setting company doesn't have a view into the settings.
  • Multiple locations to manage licensing can have limitations if only a single Microsoft licensing agreement exists.
  • Security of company information is in the hands of each company managing its own portal.
  • Compliance configurations are hard to regulate and enforce on an individual and consistent level.

If you have any addtional questions or would like to discuss, please contact us.

Welcome to the Interlink Cloud Blog

All content provided on this blog is for informational purposes only. The owner of this blog makes no representations or warranties regarding the information from our partners or other external sources.

Blog Categories

Interlink Cloud
Interlink Cloud
5 post(s)
Tips and Tricks
Tips and Tricks
2 post(s)
Outlook
Outlook
2 post(s)
Reporting
Reporting
1 post(s)
Cloud Storage
Cloud Storage
2 post(s)
Webinars
Webinars
14 post(s)
OneDrive
OneDrive
5 post(s)
Yammer
Yammer
3 post(s)
Azure
Azure
19 post(s)
SharePoint
SharePoint
9 post(s)
Microsoft
Microsoft
6 post(s)
Lync
Lync
8 post(s)
Office 365
Office 365
55 post(s)

Blog Archive