13 June 2018
Kaon Security offer a 60 point deep dive audit service designed to minimise any risk and uncertainty you might have about the security of your Microsoft 365 environment. The audit service will be of interest to organisations that have already deployed Microsoft 365 or organisations that are starting their transition to this service.
Our experts will gather relevant information to verify your Microsoft 365 service is secured properly and that key settings are enabled correctly.
Some of the areas we will investigate and verify include – user access, data security, email filtering, malware detection, storage security and calendar security.
At the end of the exercise Kaon Security will provide your organisation with a detailed report that includes the following information –
1. An Executive Summary of the 365 environment review, a risk analysis commentary and security recommendations. Specifically written for business people this section will allow you to discuss how to improve your Microsoft 365 security posture with Senior Executives.
2. A detailed “Key Observations” section for the CIO or IT Manager which covers our security findings, a risk analysis commentary and our recommended next steps for remediation.
In August 2017 two key findings in the Microsoft Security Intelligence Report were -
The intelligence gathered for the Microsoft Security Intelligence Report comes from security-related signals from the consumer, commercial “on-premise” and cloud based services that Microsoft operates globally.
Contact us if you would like to discuss the Microsoft 365 Security Configuration Audit Service.
It would be difficult not to have seen or heard recent coverage in the media regarding data privacy matters.
In the latest release of the IT Policy System (Version 18) we have taken into account the requirement for organisations to protect Personably Identifiable Information (PII). To this end we have included new and additional policy content covering PII protection-specific controls. There are 12 additional PII protection controls which are categorised to correspond with the privacy policy and the 11 privacy principles of the ISO 29100 framework. Click Here for more details.
If your business needs to understand how to implement practical steps to better protect data or you are impacted by the arrival of GDPR then you can Contact Us for a confidential discussion.
Please also note that version 18 of the IT Policy System has also been mapped to the ISO 27017 Cloud Computing Standard. This sees additional policy statement details being added to the Cloud Computing Policy covering - termination of a cloud service contract, management of encryption with the cloud service provider and the use of a virtual environment to host a cloud service.
All customers with current maintenance contracts for the IT Policy System will receive details on their free Version 18 upgrade in the next 14 days. Should you wish to obtain any information in the interim then please contact us.
A strong security culture breeds better employee engagement. That must come from the top down.
Click Here to read about our Cyberecurity Improvement Program.