Two days of Teams, Tech and (digital) Transformation?

https://www.linkedin.com/in/iainashall/

After two days (and a bit), Microsoft Inspire has come to an end. An opportunity for the Microsoft global partner community to extend their network and explore what’s coming in the year ahead, this year MS Inspire was a digital experience of webinars and breakout sessions using Teams. ITC Secure is a proud partner and member of the community and is already supporting customers with their Azure security journey.

Security, as you would expect, was one of the key themes throughout the two days. One area of focus was Zero Trust. Due to the COVID-19 pandemic, more users have moved away from the corporate network and are now working remotely. The safety net of the office firewall was removed in a matter of days, and organisations needed to ensure access to corporate data was and remains constantly secure. Zero Trust is built on three principles: verify explicitly, use least privileged access and assume breach. Microsoft have provided a nifty whitepaper to help you assess your Zero Trust maturity available here (or at the bottom of the page, if you like to see what you click).

I was also excited to learn about the improvements coming to Microsoft Endpoint Manager (MEM, previously known as Intune) and its integrations with Microsoft Defender ATP. MEM has a new set of dashboards available under ‘Reports’ to view statistics on employee experience based on content collaboration, communication and teamwork. There’s another for technology experience statistics on boot times for your managed devices and network connectivity to ensure network architecture is optimised.  Between MEM and Defender ATP, organisations have more visibility into potential security issues. For example, it will be possible to raise an alert if a user was to plug in a USB stick, download files and then resign a couple of weeks later. To detect this activity with traditional technologies would take time, if detected at all.

Azure Lighthouse, the secure way for ITC to manage customers’ Sentinel instances, is constantly under development with Microsoft. I was involved in conversations about the reach of Azure Lighthouse and requests from the partner community are high for more integration into the Microsoft Tech stack, such as Microsoft Threat Protection, Microsoft Defender ATP and Office 365 ATP. I am delighted to announce, ITC is working directly with Microsoft to improve the customer experience whilst using Azure Lighthouse.

So to answer the question I posed in the title, yes. Overall, MS Inspire was an insightful event. It increased my knowledge of the partner network and highlighted the vast resources available to ITC, particularly direct support from Microsoft for when customers ask those tricky questions. I was pleased to see the developments in the tech stack and working with Azure Sentinel I can tell you, it doesn’t stop here. Development is constant! Not only will this advance ITC but we can then map these improvements to the services we offer to our customers as soon as they are available, so they can reap the platform benefits from Microsoft plus tailored enhancements from ITC.

ITC Secure offers Sentinel based SIEM and MDR managed services that are already live with several commercial customers. Through proactive threat hunting, our SOC analysts look for and are able to discover threats for both on-premises and cloud environments across email, identity and data. By leveraging the power of machine learning, investigations and remediation of incidents are automated, creating faster response time and ultimately, saving time. Additionally, SOAR capabilities are built in as part of the onboarding phase and we’ll develop these with you over time as the service matures and your requirements change.

Reference:

https://www.microsoft.com/security/blog/2019/10/23/perimeter-based-network-defense-transform-zero-trust-model/