Security Phase 3 - Overview
Let’s face it, gone are the days when installing antivirus was a sufficient cyber security strategy. New threats and vulnerabilities are being discovered daily, end users can access company data from anywhere, and controlling where data flows is difficult without an appropriate understanding of where the data is and how it is being protected.
The Miller Group has set out to implement a comprehensive yet cost-effective security program that encompasses the various layers of protection that every small to medium business needs to succeed in today’s competitive market. Our goal is to build trust through consultation, both to ensure we have identified the controls needed and to help educate you on your organization’s risks and future considerations.
Our typical cyber security journey is accomplished through 3 phases of implementation, followed by ongoing maintenance and monitoring processes to ensure the controls remain sufficient in this ever-changing threat landscape.
What Security Controls Are Being Implemented in Phase 3?
Identity Protection and MFA
- Ensure best practices are being followed for “least privilege” access
- Restrict persistent browser sessions for administrator roles
- Configure standard Microsoft 365 Groups and assign users
- Enforce MFA for all users and administrators
- Block Legacy Authentication
- Set M365 Passwords to Not Expire
- Enable Self-Service Password Reset for end users
- Restrict Guest Access control to specified internal users
Email Security
- Email Authentication (outbound)
- Configure SPF, DKIM, DMARC
- Disable SMTP
- Threat Protection (inbound) for email and files
- Link / Attachment Protection
- Anti-Spam, Anti-Phishing Protection
- Anti-Malware Scanning; Zero-Hour Auto Malware Purge
- Block IP Allow List
- Impersonation Protection
File Storage, Sharing, and Collaboration
Teams / SharePoint / OneDrive
- Prevent meeting participants from requesting control of your computer
- Block 3rd party file sharing and file storage
- Remove default Teams Meetings Settings
- Block Anonymous users from starting a meeting
- Restrict automatic admittance to meetings
- Block contact to Skype Users
- Allow only the meeting organizer to record meetings
- Remove "Anyone Links"
- Configure guest access to expire and require reauthentication after 30 days
- Block custom scripts from running
Compliance and Information Protection
- Initial Retention Policies
- External email sender warnings
- Initial Data Loss Prevention (DLP) Policies
- Initial Email Encryption / Sensitivity Labels
- External Microsoft 365 Backup
- End User Security Training + Simulated Phishing Testing
Ongoing Maintenance Tasks
- Monitor and review administrative privileges
- Adding / removing users
- Ongoing user support of security controls implemented in Phase 1
Requirements
- Dedicated point of contact who can answer questions in a timely manner and is authorized to make decisions on security direction for your organization
- Already utilizing Microsoft 365 for email and Office apps
- Purchase Business Premium licenses and assign them to appropriate users
- Moving completely to the cloud in the near future? Let's do that first and/or in cooperation with Security Phase 1, but that can be determined in the initial consultation.
Implementation Process
Day 1
Initial Consultation
Our account management team will walk through the various security controls, discuss options, answer questions, and work with you to define the scope of the project.
Technical Discovery & Planning
Our project team will dig through the various systems to determine the technical needs and build the project plan based on the defined scope.
Client Review & Approval
We will prepare a Statement of Work for you to review and approve that will cover the implementation plan and associated project fees.
Prepare Schedule & Educate End Users
We will provide you with an estimated project schedule and also provide emails to the end users that will let them know what changes to expect throughout the project.
Implementation & Support
In accordance with all steps completed prior, we will implement the project plan and dedicate support resources to quickly address any issues that may arise.
Closure & Documentation
We will confirm all steps have been completed to your and our satisfaction, update documentation for future support measures and prepare for future implementation of additional security controls.
How Will These Security Controls Affect End Users?
- Register for Multi-Factor Authentication (MFA): On the scheduled day, each user will need to enroll and configure MFA on their mobile device and one other MFA method (SMS, secondary email, etc.). If they do not register in a timely manner, access to their applications could be blocked.
- Be Aware of Fraudulent Login Attempts: If users are being prompted for MFA when they aren't actively logging in, they need to report it as fraud via the app so our team can investigate.
- Clicking On Links: When a user clicks on an external link from within Outlook, Teams, SharePoint, or OneDrive, the link will first send them to a “scanning” environment to check the destination to ensure it is a safe place to go.
- Self-Service Password Reset: End users will now be able to reset their own passwords for their Microsoft 365 account.
- External Email Warning: Emails received from external users will have a header at the top letting them know the message is from outside the organization and they should be cautious when clicking on links or opening attachments.
- Encryption and Labeling Sensitive Information: All users with Business Premium licenses will be able to send encrypted emails by selecting the sensitivity label from within Outlook prior to clicking send.
- Current Administrators: For anyone with a current administrator role on their "daily user" account, we will remove the admin access and provide a new, unlicensed account if the administrative privileges are deemed necessary.
Frequently Asked Questions - Security Phase 3
Managing IT for small and medium sized businesses in St. Louis since 1985.