Author: Brian Dagan
Senior IT Security Consultant, FSi Strategies

In a world where the average cost of a data breach last year was $4.45 million and a stunning 72.7% of organizations fell victim to ransomware, all organizations (regardless of size) are facing the same struggles—how can we improve our security posture as quickly and inexpensively as possible? What’s the best way to adopt not just EDR (Endpoint Detection and Response) protection for our devices, but rather an XDR (Extended Detection and Response) platform that has visibility into all security alerting signals—from the identity to the device to the data—and make sense of the avalanche of alerts across the ecosystem of deployed security solutions?

Security solution vendors (and the MSPs that leverage combinations of them) will often claim that their combined portfolio of individual products are the only solution for each discrete security problem at hand—whether it be ensuring users are securely authenticated to corporate resources, protecting the devices from novel viruses and malware, filtering out the deluge of phish & spam, keeping devices updated & healthy, or discovering sensitive data across the entire estate. Unfortunately, these solutions and the alerts generated by them often end up in silos, with no correlation or synergies between them, making it easy to miss the “big picture.”

At FSi, our approach is different. Our Protect offering, which is part of FSi Total Care Managed Services, exclusively leverages Microsoft platform security features to configure a secure baseline, correlate alerting signals across the estate, and provide the holistic security posture management required to meet the challenges of enabling & maintaining a zero trust-driven architecture in today’s complex security landscape. Our implementations are based on Microsoft’s best practices combined with FSi’s decades of engineering experience to ensure that each Microsoft product works seamlessly and synergistically to protect your identities, devices, and data.

We use Microsoft Entra ID to protect the identity by requiring Multi-Factor Authentication, allowing Self-Service Password Reset, and configuring Conditional Access Policies that can detect and respond to risky user/sign-in actions. For customers with legacy on-prem/cloud-hosted Active Directory Domain Services, FSi uses Defender for Identity sensors to check for reconnaissance, privilege escalation attempts, security misconfigurations and over-privileged users.

The device is protected by Microsoft Intune and Microsoft Defender for Endpoint working together. Intune secures mobile devices, workstations, and laptops by keeping Microsoft software up to date, checking the device’s health (and sending it to Entra ID to help assess device risk), and enforcing strong baselines for how Intune-enrolled devices are managed & secured. Intune and Defender for Endpoint use FSi-customized, Microsoft-recommended security settings to help stop malware (viruses, ransomware, rootkits, etc.) from running on your organization’s devices.

The data is protected by Microsoft Defender for Office 365 and Microsoft Purview Discovery. Defender for Office 365 helps you filter spam, phishing, malware, viruses, and questionable links, while Purview Discovery assists with identifying sensitive data locations & sending/sharing patterns to inform future tagging & protection efforts. FSi also helps you fix any issues with your e-mail domain security (SPF/DMARC/DKIM), so that your e-mails are delivered reliably, and your domain is less likely to be impersonated by bad actors.

Underpinning FSi’s security offerings is FSi Threat Monitoring & Disruption —the monitoring, automatic remediation (and escalation), and centralized security reporting that enables comprehensive visibility into your security posture. Additionally, and exclusively for Protect customers, FSi provides on-demand webinars reviewing the latest cybersecurity developments and best practices, as well as recapping remediated threats, monitoring & remediation improvements, and the performance of the all-important human element: how well your users performed on regularly scheduled phishing simulations. With appropriate licensing, we will help your organization run automatic, reportable, convincingly-simulated phishing campaigns that empower your users to correctly identify, report and block phishing attempts (and train those that are phishing-susceptible). Finally, FSi’s network monitoring & management, server management, and backup & disaster recovery platforms ensure continuity of operations and secure storage & recovery of on-prem data.

There’s a lot more to Protect than we can fit in a single blog post, and we’re happy to help! Whether you’re just getting started on your security journey or are seeking to ensure your organization is up to date having implemented the latest security guidance, FSi Protect can provide the holistic protection that the modern world demands.

Download our OnDemand Webinar, FSi Protect: Modern Security for Modern Work, highlighting the key features of FSi Protect, or contact us today to learn more about how FSi Protect can keep your organization secure.