How do you assess your IT security posture?
Securing IT systems is an endless cycle. New threats require innovative solutions, malicious attacks are increasingly subtle and continue to target users, and now artificial intelligence is coming into play. What options do you have? Is there a way to get rid of these threats for good?
Unfortunately, total IT security is not possible. Companies must therefore rely on mitigating risks to strike a balance between security and functionality based on the criticality of the assets to protect and the financial means at their disposal.
That’s why ITI has developed a Zero Trust model based on six fundamental pillars. This 360-degree approach enables organizations to equip themselves with the necessary tools and techniques to protect their sensitive data. To help you get started, here are some questions our IT security teams suggest you ask yourself.
Do you practise identity management?
Users remain the primary target of hackers. Despite training and awareness initiatives, they’re often the first source to be compromised. When a user accesses a company’s resources, several mechanisms are available to confirm their identity and limit their access level and actions to those required to complete their tasks.
→ Your checklist for identity and access management:
- Single sign-on (SSO) and multifactor authentication (MFA)
- Identity management and password policies
- Access management
- Conditional access
→ Solutions to explore according to our experts:
- Microsoft Entra ID (Azure AD)
- Microsoft Entra ID Protection
- Microsoft Defender for Identity
Are your devices protected?
Once your user has accessed your systems, it’s important to secure the data flow on their devices and control how they’re used. Keeping the workstations up to date and equipping them with advanced safeguarding solutions like endpoint detection and response (EDR) are essential components of the process.
→ Your checklist should also include:
- Device posture validation
- Workstation standardization by profile
- Endpoint protection from viruses and malware
- Limits to local administrator rights and non-essential functions
- Centralized device management
→ Solutions to explore according to our experts:
- Microsoft Intune
- Microsoft Defender for Endpoint
- Microsoft Defender XDR
Securing devices is a very broad topic. To learn more, visit our page devoted to this subject.
How are you monitoring your apps?
Whether deployed on site and/or in the cloud, apps and their APIs serve as interfaces for circulating and processing data and remain a favourite target for hackers.
→ The control measures to detect anomalies include:
- Information and event management
- App access protection
- Web protection and filtering (SWG and WAF)
→ Solutions to explore according to our experts:
- Microsoft Defender XDR and Microsoft Defender for APIs
- Microsoft 365 Cloud App Security
- Zscaler Private Access (ZPA)
- Intune app protection policies (APP)
- Fortinet FortiWeb
Be sure to also conduct security tests and code audits. They will allow you to identify and rapidly correct exploitable flaws.
How can you defend your network?
All this data passes through the network, whether wired or wireless. Controls should monitor the data flow and provide real-time protection.
→ To prevent these types of threats, your control list should include:
- Protection of local and wide area networks
- Network access and segmentation (NAC)
- Wi-Fi network security
- Remote worker protection
→ Solutions to explore according to our experts:
- Cisco ISE
- Cisco Secure Access
- FortiGate, FortiClient EMS, FortiAuthenticator
- Aruba ClearPass
- Microsoft Defender for Cloud
- Zscaler Internet Access (ZIA)
Unauthorized access may come from various sources. Networks provide multiple entryways to access your data. As they cannot be locked, they should be managed conscientiously.
Is your infrastructure secure?
Adopting the best security practices and implementing proactive management are essential to strengthen the infrastructure’s resilience. You must assess its current version, configuration, access and monitoring to detect and block any threats.
→ You’ll want to implement the following:
- Server and container protection
- Security patch management
- Backups (airgap, immutable)
→ Solutions to explore according to our experts:
- Azure Kubernetes
- CommVault Backup and Recovery
- Microsoft Defender for Server
- Microsoft Defender for Cloud
- Azure Arc
Local servers, cloud, virtual machines, containers, microservices—every option presents a potential target that requires protection.
What about your data governance policies?
Data governance means safeguarding the confidentiality, integrity and availability of your business’s data, even beyond the company’s secured perimeter. It involves implementing robust solutions supported by stringent policies.
→ Your checklist should include:
- Data classification and protection
- Data lifecycle management
- Archiving and encrypting
→ Solutions to explore according to our experts:
- Microsoft Information Protection
- Microsoft Purview
To learn more, check out this article about data protection.
Continuous monitoring: your best ally
In terms of information security, time is your worst enemy. Continuous monitoring is the best tool for prevention and allows you to respond to incidents faster.
→ Solutions to explore according to our experts:
- Microsoft Sentinel
- Azure Security Center
- Hitachi SOCaaS
- Arctic Wolf MDR
To detect and respond rapidly to any potential security incident, the importance of using a security operations centre (SOC) cannot be overstated. It’s the ideal complement to your existing solutions.