![]() To ensure that a customer’s cloud workloads are protected, it is important that they carefully consider and implement the appropriate architecture and enable the right set of configuration settings,” according to the Best Practices for Securely Using Microsoft 365 – The CIS Microsoft 365 Foundations Benchmark blog by Microsoft’s Jonathan Trull and Sean Sweeney. Adopting cloud technologies requires a shared responsibility model for security, with Microsoft responsible for certain controls and the customer responsible for others, depending on the service delivery model chosen. “Microsoft 365 provides powerful online cloud services that enable collaboration, security, and compliance, mobility, intelligence, and analytics. The world-renowned Center for Internet Security (CIS) understands this and has detailed guidance to help secure the Microsoft SaaS platform in its CIS Microsoft 365 Foundations Benchmark. Unfortunately, Microsoft Office 365 doesn’t protect itself, and standard security tools only do part of the job. The Microsoft SaaS platform holds user identities, and according to experts, 80% of your confidential data. Leveraging templates and the Jamf Pro API, all workflows live directly within the customer’s Jamf Pro instance and operate independently of any external applications or servers.Microsoft Office 365, or Microsoft 365 as it is now called, is a major attack surface hackers just love to poke. Mann Consulting is a Jamf MSP that provides Jamf customers with a monthly subscription-based service featuring workflows ranging from automatic application patching to software update enforcement and more. Are you auditing which System Extensions computers are running? What about requiring that any on-disk unencrypted private SSH keys are encrypted? Do you know which applications your computers have granted microphone access to? These additional security controls help you secure devices beyond the foundational CIS recommendations. ![]() In addition to standard controls, a number of best practice controls are available to enhance your security posture. This allows you to specifically tailor each control to your unique security policy. Maybe you’d prefer to allow iCloud, but disable Mail and Calendar sync? Instead of having to choose to disable everything in a specific control, you have the flexibility to choose to audit and/or remediate parts of controls. ![]() Many CIS controls allow for some flexibility based on your organization’s needs.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |