The Telco has been operating for over 2 decades building point to point networks specialising microwave radio networks (‘radio links’). Their customers usually save significant money by building and owning the network instead of starting an ongoing lease plan with a large telecommunications carrier. The microwave networks can be set up almost anywhere (including remote areas) and deliver uncontended data speeds of typically 50Mbps to 5Gbps.
This company have always had high awareness and focus on their environment security and have been early adopters of multiple layers of security systems. With the generally increasing risks of Cyber Security incidents around the world, they wanted to make sure that use of Office 365 in the public cloud was not a weak point in their environment. Email in particular was seen as a common entry point for malicious content even with premium filtering in place, there was still a risk at the user level. A key requirement was to increase security whilst not impeding user productivity.
The Business outcome was to increase the security of information stored in Office 365 as well as;
- Significantly improve brand protection.
- Provide a high level of certainty that users logging into Office365 are legitimate users.
- Lock out any intruders that may currently have undetected access to Office 365 via compromised passwords.
- Provide an added layer of security, scanning attachments and links in emails. Giving users some comfort that emails are safe.
Licensing was changed from Office 365 to Microsoft 365 providing an economic path for gaining additional security related features including Advanced Threat Protection (ATP), safelinks, safe attachments, anti phishing, and conditional access policies. Multi-factor Authentication (MFA) was implemented across the M365 tenancy for all user objects whether actual users or service accounts. Conditional access policies were implemented to block login attempts not meeting policy.
Simple Security Awareness Training has now been used to assist users play a part of the defence of the environment if required. The settings used include, Safelinks/attachments, Conditional access and MFA were embraced by management as an excellent balance of high security and low impact to users.
The solution reduced the account compromise attempts providing a significant rise in the tenancy security score. More emails were being blocked, reducing the risk of users clicking on bad links. The Management Board had an increased level of confidence in the security of the environment. The new IT environment provided the ability to securely use SharePoint to improve collaboration across the team. The business was confident in meeting the security compliance requirements of their government customers.