Secure remote work – part 3

What remote work symptoms are the customers experiencing?

  • We are worried about our data now that everyone is working remotely.
  • New cybersecurity threats are rapidly increasing due to the remote work situation–especially phishing.
  • Risk of confidential information getting
    leaked out of the company.
  • Don’t have a handle on all of the cloud app usage–and the potential security risks.

We can help you get a handle on protecting your apps and data as work gets done remotely, while easing the burden of stopping new attacks.

Contact us today for a FREE security consultation!

Secure remote work – part 2

What remote work symptoms are the customers experiencing?

  • All of our workers are remote, which makes managing their devices a challenge.
  • We expect that some people will be using
    their own devices to get work done.
  • We need to get new devices quickly
    provisioned and shipped to our remote workers.
  • We’re struggling with managing the device lifecycle remotely.

We have a solution for your problems: We can help you simplify the management of your remote devices, and protect the apps and organizational data that lives on those devices.

Contact us today for a FREE security assessment of your remote work environment!

Secure remote work – part 1

All the customers have a dual challenge: They have to keep their organization moving while protecting against new security threats that have emerged due to the rapid and universal move to remote work.

What remote work symptoms are the customers experiencing?

  • Keeping up with the sheer volume of remote workers who need access to apps and info.
  • Remote workers are scattered across the globe.
  • We need to provide access to vendors and third parties to get the work done.
  • Mixed apps that include on-prem and cloud make it hard to provide consistent access.
  • Worried about VPN scalability.

Solution: We can help you quickly provide secure and scalable access to your apps, whether they are on-prem or cloud-based by enabling remote access to apps.

Contact us today for a FREE security consultation about your remote work environment!

Top 4 questions to ask yourself about security

Is your nonprofit prepared to handle increasing cybersecurity threats?

  • Do you know who is accessing your data?

Go beyond passwords and protect against identity compromise, while automatically  identifying potential breaches before they cause damage.

  • Can you manage access to your data and assets based on risk in real time?

Manage organization-owned and employee-owned devices to encrypt data and ensure compliance, automatically detect suspicious activities, and quickly block, quarantine, or wipe compromised devices.

  • Can you quickly find and react to a breach?

Help proactively guard against threats, use advanced analytics to identify breaches, and automate responses organization wide.

  • Can you help protect your data on devices, in the cloud, and in transit?

Safeguard content in creation, transit, and consumption. Use cloud applications without putting organization information at risk, by adding protections ranging from access privileges to data encryption.

Protect your nonprofit from unnecessary security risks.

As a Microsoft partner, we can help you better manage your identity and access controls, secure links and attachments in  emails, and stop breaches before they escalate in severity. If your answers to the questions above have raised concerns about manage cybersecurity in your organization, contact us to learn how Microsoft 365 can help protect you against today’s evolving security threats.

Contact us for a free security assessment and to learn more.

Customer Story: Think Up Consulting

Looking to streamline operations, increase efficiency and remain secure?  

Learn from the experience of Think Up Consulting — a young, fast-growing agency in South Carolina that uses Microsoft Teams, Microsoft 365 Business and Windows 10 to increase productivity and do more. 

With 39 team members and 45 ongoing projects at any given time. Think Up Consulting is always exploring and adapting new technology to increase efficiency and better meet customer needs.  

Check out Think Up’s story and contact us to learn how NovaQuantum can help your company use Windows 10 and Microsoft 365 Business to increase productivity and security.

Windows 10 + Microsoft 365 benefits

Work better together and increase productivity

Windows 10 and Microsoft 365 help teams work better together with better tools—from any location:

  • Streamline collaboration—Integrate team chats, meetings, and files in one place to increase productivity with Microsoft Teams.
  • Improve performance with intelligent capabilities—Gain instantaneous analysis from intelligent services like Editor, Designer, and Smart Lookup with capabilities built into Microsoft 365.
  • Enable work from almost anywhere, on any device—Provide secure remote access to employees working from personal devices.

Simplified for you and reduce cost

Free up resources and reduce IT costs over time with Microsoft by simplifying device management and staying up to date:

  • Receive more value—Windows 10 and Microsoft 365 come with features and apps as they are added at no additional cost.
  • Deploy intelligent applications and tools—Work smarter, not harder, with the latest Office apps and intelligent capabilities to enable your employees.
  • Save time on device management—Windows 10 and Microsoft 365 continually update across all apps, so you don’t have to worry about updates, giving you time back.

Securely run and grow your business with enhanced security

Protect against external threats and leaks with security and compliance tools built into your devices.

  • Leverage built-in automated threat intelligence—Threat-protection technologies in Windows 10 help protect against spam, malware, viruses, phishing attempts, malicious links, and other threats.
  • Ensure secure remote access across all devices—Windows 10 and Microsoft 365 continually update across all apps, so you don’t have to worry about upgrades, keeping you compliant and secure.
  • Control access to sensitive business information—Proactively safeguard your organization with enterprise-level security on all apps and devices.

Privacy tips for a digital world

Was that your client’s personal information that
was leaked?

A privacy breach is like having your home burglarized. How would you feel if it happened to you?
What would a privacy breach do to you, as an organization? In addition to the damage to the victim, it would damage our image as soon as it hit the news.
You play a crucial role in guarding your employees and clients’ personal information and fulfilling your legal obligations pertaining to privacy.

Be the strong link!

  • Obtain consent before collecting personal information and only collect what is necessary.
  • Use personal information only for the purposes established by your organization.
  • Destroy, erase or anonymize information when it no longer serves its initial purpose.

CIS Microsoft 365 Foundations Benchmark

CIS 1.2.0 Security Controls for Microsoft 365: a curated list of the most important and least user-impacting security controls that can be audited and remediated.

Account / Authentication
Ensure multifactor authentication is enabled for all users in administrative roles
Ensure that multi-factor authentication is enabled for all non-privileged users
Ensure that between two and four global admins are designated
Ensure self-service password reset is enabled
Ensure that ‘Number of methods required to reset’ is set to ‘2’
Ensure Azure Active Directory Password Protection for Active Directory is enabled in order to protect against the use of common passwords.
Enable Conditional Access policies to block legacy authentication protocols in Office 365.
Ensure that password hash sync is enabled for resiliency and leaked credential detection.
Enabled Identity Protection to identify anomalous logon behavior: Azure Active Directory Identity Protection monitors account behaviors and enables organizations to configure automated responses to detected suspicious actions related to user identities.
Ensure Security Defaults is disabled on Azure Active Directory. The use of Security Defaults however will prohibit custom settings which are being set with more advanced settings from this benchmark.
Ensure modern authentication for Exchange Online is enabled
Ensure modern authentication for Skype/Teams for Business Online is enabled
Ensure modern authentication for SharePoint applications is required
Ensure that Office 365 Passwords Are Not Set to Expire
Application Permissions
Ensure users installing Word, Excel, and PowerPoint add-ins is not allowed
Ensure calendar details sharing with external users is disabled
Ensure O365 ATP SafeLinks for Office Applications is Enabled
Ensure Office 365 ATP for SharePoint, OneDrive, and Microsoft Teams is Enabled
Ensure Office 365 SharePoint infected files are disallowed for download
Data Management
Ensure the customer lockbox feature is enabled: It requires Microsoft to get your approval for any datacenter operation that grants a Microsoft support engineer or other employee direct access to any of your data.
Ensure Data Loss Prevention(DLP) policies are enabled
Ensure DLP policies are enabled for Microsoft Teams
Ensure that shared access signature tokens expire within an hour
Ensure that external users cannot share files, folders, and sites they do not own
Ensure external file sharing in Teams is enabled for only approved cloud storage services
Email Security / Exchange Online
Ensure the Common Attachment Types Filter is enabled
Ensure Exchange Online Spam Policies are set correctly
Ensure mail transport rules do not forward email to external domains
Ensure mail transport rules do not whitelist specific domains
Ensure the Advanced Threat Protection Safe Links policy is enabled
Ensure the Advanced Threat Protection Safe Attachments policy is enabled
Ensure that an anti-phishing policy has been created
Ensure that DKIM is enabled for all Exchange Online Domains
Ensure that SPF records are published for all Exchange Domains
Ensure DMARC Records for all Exchange Online domains are published
Ensure notifications for internal users sending malware is Enabled
Ensure Microsoft 365 audit log search is Enabled
Ensure mailbox auditing for all users is Enabled
Ensure the Azure AD ‘Risky sign-ins’ report is reviewed at least weekly
Ensure the self-service password reset activity report is reviewed at least weekly
Ensure user role group changes are reviewed at least weekly
Ensure mail forwarding rules are reviewed at least weekly
Ensure the Malware Detections report is reviewed at least weekly
Ensure non-global administrator role group assignments are reviewed at least weekly
Ensure the spoofed domains report is review weekly
Ensure the Account Provisioning Activity report is reviewed at least weekly
Ensure the Mailbox Access by Non-Owners Report is reviewed at least biweekly
Ensure Guest Users are reviewed at least biweekly
Ensure the report of users who have had their email privileges restricted due to spamming is reviewed
Ensure document sharing is being controlled by domains with whitelist or blacklist
Ensure expiration time for external sharing links is set
Mobile Device Management
Ensure mobile device management polices are set to require advanced security configurations to protect from basic internet attacks
Ensure that mobile device password reuse is prohibited
Ensure that mobile devices are set to never expire passwords
Ensure that users cannot connect from devices that are jail broken or rooted
Ensure that mobile device encryption is enabled to prevent unauthorized access to mobile data
Ensure that mobile devices require a complex password to prevent brute force attacks
Ensure that settings are enable to lock devices after a period of inactivity to prevent unauthorized access
Ensure mobile devices require the use of a password
Ensure that devices connecting have AV and a local firewall enabled

Microsoft 365 Business: the best edition for SMBs

Many SMB customers have been purchasing Office 365 E3, but we recommend evaluating if the customer is using any of the capabilities that aren’t provided by Microsoft 365 Business. Microsoft 365 Business provides additional device management and protection capabilities that would need to be added to an Office 365 E3.

Comparison of Microsoft 365 Business and Office 365 E3

If Microsoft 365 Business doesn’t include all of the Microsoft 365 capabilities that a you need, you can add many of these services as additional SKUs.