Interlink Cloud Blog
Matt Scherocman

Six Reasons Microsoft Azure SQL Database Provides the Best Data Security Around

Six Reasons Microsoft Azure SQL Database Provides the Best Data Security Around

Companies leveraging the cloud for business have a multitude of options. They also have a lot of security concerns when transitioning their data to the cloud. Microsoft has built on the SQL Server foundation, bringing a new level of security to help ease the mind of these cloud-driven companies with six enhancements. All of which are crucial reasons to consider Microsoft Azure SQL Database as your company’s cloud platform of choice:

  1. Always Encrypted: Exactly how it sounds, Always Encrypted means your data remains encrypted…all the time to help you protect sensitive data. Data is encrypted in transit, in memory, on a disk, and during query processing.

  2. Transparent Data Encryption: For those of us constantly keeping up on compliance regulations and requirements, this encrypts databases with associated backups as well as transaction log files without needing changes to your applications. The audit trail is clear in order to stay in compliance while keeping data safe from any breach.

  3. Row-Level Security: This feature can limit access to individual rows of data based on a user's identity, role, or query execution context to ensure only the right people can view that data. This also simplifies the application code so that data isn’t accidently shared in any situation.



  4. Azure Active Directory (AD) Authentication: Different from SQL Authentication, Azure AD
    Authentication simplifies password management by allowing you to access a number of Azure services using the same identity. This does not compromise the level of security. It reduces the amount of IT time spends on retrieving lost passwords and login details while maintaining access control every step of the way.

  5. Dynamic Data Masking: Another, more sophisticated, form of encryption allows users to define masking patterns on actual database columns. For example, users can set a masking rule that masks all but the last four digits of any social security number in the result set of any query to ensure that sensitive data is truly safe.

  6. SQL Database Threat Detection: This feature alerts set users of any suspicious database activities automatically and complements Azure SQL Database Auditing, which records database events and writes audited events to an audit log in the Azure Storage account. 

    Microsoft Azure SQL Database Security

Both features are great examples of how users can monitor and quickly respond to risk. Advanced Threat Analytics is yet another approach to helping users stay ahead of sophisticated malware attacks.

Another (bonus) reason to consider Azure SQL Database that’s best shared through this diagram, courtesy of Microsoft Azure, is that SQL Server’s track record speaks for itself. When you’re in the cloud, you can’t be vulnerable and SQL Server lives up to that motto…six years running!

microsoft azure sql database unparalleded security

Data security in the cloud isn’t a set it and forget it process. It is a constant work in progress because the security risks keep changing and technology keeps advancing. Choosing Microsoft as your partner in mitigating those risks is a smart and educated decision in keeping your data safe.

Learn more about these security enhancements by downloading the Security and Azure SQL Database whitepaper and contact us at Interlink for more information.

SQL Modernization Assessment Ad

 

Matt Scherocman

The Struggle is Real: How to Deal with the Growth and Sophistication of Cybercrime with Microsoft Advanced Threat Analytics

The Struggle is Real: How to Deal with the Growth and Sophistication of Cybercrime with Microsoft Advanced Threat Analytics

As business changes and technology evolves, the majority of organizations depend on IT systems to store their data and run critical workflows. Unfortunately, these systems can be a prime target for cyber-attacks as sophisticated hackers put the enterprise in a vulnerable position. Just take note of these especially stunning stats:

  • 76% of attacks stem from compromised user credentials
  • The average cost of a data breach to a company is $3.5 million and total cost of cybercrime on a global scale is as high as $500 billion
  • Because of dangerous IT security blind spots (shown in the image below), it could take over 200 days to detect an attack

    IT blind spots Microsoft Advanced Threat Analytics

Stats courtesy of Microsoft Advanced Threat Analytics Datasheet.

The reality is, businesses need to pay attention and adapt to this changing nature of data security threats.

Now available in the Enterprise Mobility Suite, Microsoft Advanced Threat Analytics (ATA) helps to protect your company from attacks by leveraging machine learning. It uses behavioral analytics to uncover suspicious behavior, internally or from external attacks. It also detects known security issues and risks , the goal is to stay  one (or two, or three) steps ahead of the attackers.

Microsoft Advanced Threat Analytics

When you think of security software, your mind might immediately turn to configuring system rules and alerting. All of which take time and commitment from your team. With ATA, you don’t need to create rules, baselines, or thresholds. It’s streamlined from setup and works immediately. Once a threat is detected, it’s also easy to view a timeline of when the attack hit. It can help pinpoint where the breach took place. All of this insight can better prepare you for future attacks.

The thought of being hacked and not even knowing it is scary enough, but ATA also helps identify internal threats like why a user would be accessing files in accounting if they’re in the marketing department? Combined with online security reports, ATA can show anomalies for logins.  It will help detect when user credentials have been compromised by reporting geographically distant logins that occur at the time time – like a single user being logged in from Ohio and from Romania at the same time.  

The high-level benefits of using ATA at your business are obvious. Peace of mind goes a long way, and you also want it to help you adapt as cyber-attacks grow in frequency and sophistication. The features of ATA are even more appealing when you see exactly how it works for your business. Here are a few of our favorites:

  • Timeline: We’ve already mentioned that timeline, but it’s worth noting again. In addition to listing the activities as they occur, ATA provides recommendations on how to handle that alert.
  • Organizational Security Graph: This maps out entity interactions which represents the context and activities of the users, devices, and resources. This will be a big driver in managing security for each of your users.
  • Email Alerts: There’s no need for one person to be continuously monitoring for cyber-attacks. With ATA, you can have emails sent to users or groups when suspicious activity is detected.
  • Leveraging the Cloud:  Microsoft cloud based correlation engine helps more quickly identify new attacks and reduce the amount of false positives. 

The cyber-attack threat is real and ATA can help you adapt to the changing cyber-attack world we live in.

Contact Interlink if you any questions.

 

Matt Scherocman

How To Protect Your Users From Ransomware and Vicious New Maladies Hidden In Your Incoming Email

How To Protect Your Users From Ransomware and Vicious New Maladies Hidden In Your Incoming Email

Protecting Your Email with Exchange Online Advanced Threat Protection 

With the constant threat of malware, companies have to constantly find ways to stay ahead.  How do you protect your data from these threats when they are constantly evolving and becoming more aggressive?  Microsoft has a solution in Exchange Online called Advanced Threat Protection (ATP).  It is another layer of must-have security that Microsoft offers to meet all your business needs. 

[...]
Matt Scherocman

Important Notice About Certificate Expiration for Exchange 2013 Hybrid Customers

Attention customers running Exchange in hybrid mode

Microsoft is making a change on April 15th that will possibly break mail flow from your on-premises environment to the Office 365 platform.  

This will have no impact on you if you are not running Exchange in hybrid mode. Please see the full details below on who will be affected. 

Our team is standing by to assist you with this change if needed to ensure mail flow is not interrupted.  


If you’re running Exchange 2013 and you’ve configured a hybrid deployment with Office 365, this post contains important information that might impact you. Please evaluate this information and take any necessary action before April 15, 2016. 

On April 15, 2016, the Office 365 TLS certificate will be renewed. This certificate is used by Office 365 to provide TLS encryption between Office 365 and external SMTP servers. The new certificate, which will help improve the security of mail sent to and from Office 365, will be issued by a new Certificate Authority and it will have a new Issuer and Subject.

This change has the potential to stop hybrid mailflow between Office 365 and your on-premises Exchange servers if one of the following conditions applies to you:

  • Your on-premises Exchange servers are running Exchange 2013 Cumulative Update 8 (CU8) or lower.
  • You’ve upgraded the Exchange 2013 servers that handle hybrid mailflow to Exchange 2013 CU9 or higher. However, since upgrading to CU9, you HAVE NOT re-run the Hybrid Configuration wizard (either from the Exchange Admin Center or via the direct download link).

If one of the previous conditions applies to your organization, hybrid mailflow between Office 365 and your organization will stop working after April 15, 2016 unless you complete the steps below.

Note: This only affects hybrid mailflow. Regular mailflow and TLS encryption is NOT affected.

How to keep hybrid mail flowing (MUST be completed before 4/15/2016)

Let the new Hybrid Configuration wizard do it for you

You can use the latest Hybrid Configuration wizard (HCW) to configure your Exchange 2013 servers to work with the new TLS certificate. Just follow these steps:

  1. If the Exchange 2013 servers handling hybrid mailflow are running Exchange 2013 CU8 or lower, follow the instructions in Updates for Exchange 2013 to install the latest cumulative update on at least one server.
  2. After you install the latest cumulative update, download the new HCW application and run the wizard following the instructions here.

Note: For information on which releases of Exchange are supported with Office 365, see Hybrid deployment prerequisites.

Manual update

If you can’t upgrade Exchange 2013 to latest cumulative update right now (although we would like to remind you of our support policy), you can manually configure your servers to work with the new TLS certificate. On each Exchange 2013 server that’s used for hybrid mailflow, open the Exchange Management Shell, and run the following commands:

$rc=Get-ReceiveConnector |where {$_.TlsDomainCapabilities -like "**"}

Set-ReceiveConnector -Identity $rc.Identity -TlsDomainCapabilities "mail.protection.outlook.com:AcceptCloudServicesMail

View original article...

Matt Scherocman

Microsoft Office 365: Taking Information Security to a Whole New Level

Office 365 Taking Information Security

Imagine a world where you can continue work without even worrying about security. Microsoft Office 365 is getting closer and closer to that reality with controls that follow your data without affecting user productivity. Microsoft has (and is) investing a ton of time and resources making Office 365 secure, and it goes way beyond hard passwords and data encryption. Below is a quick look at just some of the ways they’re accomplishing this.

Secure Access Anywhere:

Once you set the rules for data loss prevention, the Office 365 service proactively protects in the background. You don’t have to take the data out of the service to protect it. It’s still usable in the cloud while completely secure to your organization based on who you’ve allowed permissions. New identity and access management controls allow you to set appropriate permissions that can be revoked at any time. Better yet, no matter where your data resides, Office 365 protects it while also protecting your device.

Policy Tips:

When you author a document, Office can inform you of any risks through policy tips before you save that document. Policy tips are based on the policies that you have set up in Office 365. When you’re checking email, Office 365 can detect malware before you’re even exposed to it, blocking malicious links across all devices.

Advanced Threat Protection (ATP):

ATP proactively protects against incoming threats. Phishing attacks are becoming more common and definitely more advanced. ATP catches any and all suspicious content and runs it through a real-time behavioral malware analysis. Suspicious attachments and malicious links don’t stand a chance when Office 365 is on the case.

Data Loss Prevention (DLP):

Office 365 backs up your data, sure, but it does it with security top of mind. DLP allows you to set granular policies so that when data is shared, it follows certain actions that you determine.

Productive Artificial Intelligence:

In the future, Office 365 will have the ability to suggest proactive security, giving you a 360-degree view on the security of your data wherever it is stored. To do this, Microsoft is using machine learning, which is implementing pattern recognition so that computers can learn without being explicitly programmed. Yes, artificial intelligence…but not take over the world type AI, beneficial and useful AI for you and your business. Intelligent protection can further help keep your data secure.

These advanced controls, accessibility, and security measures are making Office 365 even better and making users even more productive. For a service that already streamlines business processes, they are covering all the bases of security while they’re at it.

Are you wondering how these security features fit into your overall data protection plan?

Maybe you need insight into how to license the different options?

Contact Interlink and we’ll answer any and all of your questions.
We’ve helped highly regulated industries like banking and healthcare make the move – we can help you.

Office 365 Free Trial

Welcome to the Interlink Cloud Blog

All content provided on this blog is for informational purposes only. The owner of this blog makes no representations or warranties regarding the information from our partners or other external sources.

Blog Categories

Interlink Cloud
Interlink Cloud
6 post(s)
Tips and Tricks
Tips and Tricks
2 post(s)
Outlook
Outlook
2 post(s)
Reporting
Reporting
1 post(s)
Cloud Storage
Cloud Storage
2 post(s)
Webinars
Webinars
16 post(s)
OneDrive
OneDrive
5 post(s)
Yammer
Yammer
3 post(s)
Azure
Azure
23 post(s)
SharePoint
SharePoint
10 post(s)
Microsoft
Microsoft
7 post(s)
SQL 2016
SQL 2016
2 post(s)
Lync
Lync
8 post(s)
Office 365
Office 365
61 post(s)