Microsoft 365 Business can help you consolidate some of the point solutions across productivity and security that create risk and complexity for any small business.

Here is a comparison between various third party tools/services and Microsoft 365 Business suite of products:

• Cloud identity management — Jumpcloud
• Azure Information Protection for Information Rights Management
• Barracuda Essentials for email anti virus and DLP
• Airwatch Express for the endpoint management system for SMB.

As a trusted Microsoft partner, we can help you subscribe and set up all the advanced security features of Microsoft 365 Business: contact us today!

To enable a proper business continuity strategy, you need to have all the various parts that form a well designed game plan for when things go wrong.

In the cloud-enabled model of application and data availability and resiliency, costs—across the board—are lower for a holistic backup, disaster recovery, and archive plan.

• High availability: When your applications have a catastrophic failure, run a second instance. Ensuring high availability (99.999% uptime) while the most expensive resiliency plan, is significantly more affordable in the cloud. With hyper-scale cloud, like Microsoft Azure, a spike in demand or traffic isn’t something to worry about. Now the scale you need is a few clicks away. With Azure, you’re able to scale up or down based on demand, in just a few minutes. Cloud also gets rid of the need for multiple or offsite datacenters. Workloads running in Azure are powered by always up Azure global datacenters. Azure is also pay-as-you-go, so you’ll only be charged for what you need. With cloud, high availability is available to everyone. Make sure that you’re always up and avoid the negative impact on your productivity, brand, and profits.

• Disaster recovery: When your applications have a catastrophic failure, run them in Azure or a secondary datacenter. Like high availability efforts, traditional disaster recovery (DR) is very expensive. Similarly, a cloud-based model for DR is significantly less expensive and more efficient than the traditional approach. No one can predict the future and even an hour of downtime can spell disaster for a business. Azure democratizes DR efforts and makes them a reality for every business. With Azure, businesses can rid themselves of the cost and overhead associated with the necessary redundant and offsite datacenters that come with traditional DR plans. No more servers to maintain, and no more taking assigning mundane service tasks to your IT talent. Azure’s global datacenters make it easy to house apps and data where it makes the most business sense to you, keeping mission-critical workloads stored in remote and secured. With Azure, you’re always prepared for when disaster strikes, able to get back to business in minutes, not hours or days.

• Backup: When your data is corrupted, deleted or lost, you can restore it. Backups are best thought of like a snapshot. They are a moment in your business’s life that is captured for the sake of continuity. In the event that all of your company’s data is lost, you can simply revert to a backup of the previous day, week, month, etc. depending on how often you back up information. With Azure backup, you can further lower the costs associated with already inexpensive backup. Azure backup is extremely affordable, so even small businesses with fixed IT budgets can afford it. It grants users anytime, anywhere access to their data from neatly any device. Backup data is housed safely offsite, in the event of a natural or human disaster.

Our Managed Azure Services can help with all of them!

This security configuration benchmark covers foundational elements of Google Cloud Platform. The security controls detailed here are important security considerations when designing your infrastructure on Google Cloud Platform. Most of the security controls provided with this release of the benchmark (1.0.0) covers security considerations only at individual Project level and not at the organization level.

Our Google Cloud Platform security services can enable your environment to be fully compliant with this security standard.

Network Security Groups (NSG) :

• Enables network segmentation & DMZ scenarios
• Access Control Lists & Network traffic rules as security group
• Security groups associated with Virtual machines, Network Interfaces, or virtual machine subnets (not GW subnet)
• Rules define a 5-tuple
• Rules are separated into Inbound and Outbound rules
• Rules applied in order of priority
• Network traffic rules updated independent of Virtual machines
• Controlled access to and from Internet

Network Security Group Models : At the subnet level and at the VM level.

Forced Tunneling

• “Force” or redirect customer Internet-bound traffic to an on premises site via default route
• VPN – done per subnet
• ExpressRoute – at BGP level
• Can override with more specific routes via UDR

Network security typically falls into three areas:

• Secure/manage traffic flow between applications, their tiers, between different environments, and other services
• Secure/manage traffic flow between users and the application
• Secure/manage traffic flow between the applications and the Internet

Azure Network security is about building a defense in depth approach.

The usual type of services that need to be protected from the network perspective, can be categorized into those types:

• IaaS services connected to subnets
• PaaS services connected to subnets
• Public facing PaaS services with security lockdown
• Public facing PaaS services with TLS access restrictions

The enhanced Azure Secure Score is attack surface focused and brings three benefits:

• Security Controls – Security recommendations are grouped into logical sets that better reflect your vulnerable attack surfaces.
• Overall score better reflects the overall posture – Your score will only improve when you remediate all of the recommendations for a single resource within a control. That means that your score only improves when the security of a resource improves.
• Security status of individual attack surfaces is more visible – By showing the score per Security Control, the Secure Score page becomes the place where you can get a granular view of how well your organization is securing each individual attack surface.

In order to remediate most of the security controls and improve your Azure Security score, you could very easily use our Managed Azure Services: by enabling compliance with the CIS standard, for example, it is guaranteed that your Azure Security score will increase dramatically.

You must remember as well that our managed security services can Disable/Customize the security policies as they apply to your particular environment, so when the Secure Score is calculated you wont get penalized for the security controls that don’t apply to your particular requirements.

In the past, cybersecurity and privacy were often low on the list of priorities for nonprofits. But, as cyberthreats have increased so have the risks of ignoring those threats. Breaches, compromised data, and cyberattacks can put vulnerable beneficiaries at risk, disrupt nonprofit operations and
services, expose your organization to liability, and tarnish the reputation you have so painstakingly built.

To combat those threats, small businesses need to:

• Identify, assess, and mitigate security risks.
• Stay up-to-date with security best practices and the overall  threat landscape.
• Correctly respond to compliance obligations in a timely fashion.

Azure Security Center and Azure Policies are tools that can help protect your data and cloud infrastructure while maintaining a high level of productivity.

Many small businesses don’t have the resources or the in-house skills to perform those tasks, but you can use the extensive technical skills of NovaQuantum to secure your Azure environment today!

Our skilled team of professionals have extensive security and compliance expertise that can help organizations like yours determine your level of risk, keep your security current, and meet compliance requirements. A great way to begin is with an assessment of your current technology and your level of security measured against a well know security standard like CIS. We’ll also let you know about new options available with the latest Microsoft technologies. Contact us Today!

• We help organizations assess their security posture by providing them with wide visibility of their Azure environment
• We provides security administrators with the guidance, controls and processes to drive improvement by focusing the high value/low risk security controls. We can automate the remediation of those controls, if required.
• We enable security teams to benchmark progress and demonstrate progress to leadership by having regular reports

Cyber hygiene is hard to maintain due to :

• users
• processes
• tools
• technology
• depth of security controls
• breadth of tools
• 1000s of security controls
• ~100 security apps and tools

Here is what manual Security Posture Management looks like in a typical modern business that uses online Microsoft services:

…and here is what the Azure Security Model looks like for any business that makes use of the Azure and Office 365 platforms.

As you can see, the security aspect of ANY Azure environment are very complicated: NovaQuantum, providing managed Azure Security services, is your trusted security partner to drive ongoing posture improvement and help YOU navigate all those complex security details!

Windows Server 2008 and SQL Server 2008 have reached end of support

Without security updates and bulletins released by Microsoft, your businesses could be exposed to security attacks or compliance risks.

July 9, 2019 : End of extended support for SQL Server 2008/2008 R2

January 14, 2020 : End of extended support for Windows Server 2008