![]() ![]() It took us about five or six hours, spread over several days. “I recently went through this with a 5,000-seat hospital, going line by line implementing the CIS controls. Each organization must still evaluate their specific situation, workloads, and compliance requirements and tailor their environment accordingly.” Meeting the CIS M365 ChallengeĬoreView, and our solution architect Matt Smith, dissected the CIS benchmark, and are working with enterprises to adopt CIS guidance and manage and enable the 73 different CIS controls – largely in the areas of Zero Trust, Least Privilege Access, and compliance. The benchmark should not be considered as an exhaustive list of all possible security configurations and architecture but as a starting point. “The CIS Microsoft 365 Foundations Benchmark is designed to assist organizations in establishing the foundation level of security for anyone adopting Microsoft 365. To ensure that a customer’s cloud workloads are protected, it is important that they carefully consider and implement the appropriate architecture and enable the right set of configuration settings,” according to the Best Practices for Securely Using Microsoft 365 – The CIS Microsoft 365 Foundations Benchmark blog by Microsoft’s Jonathan Trull and Sean Sweeney. Adopting cloud technologies requires a shared responsibility model for security, with Microsoft responsible for certain controls and the customer responsible for others, depending on the service delivery model chosen. “Microsoft 365 provides powerful online cloud services that enable collaboration, security, and compliance, mobility, intelligence, and analytics. The world-renowned Center for Internet Security (CIS) understands this and has detailed guidance to help secure the Microsoft SaaS platform in its CIS Microsoft 365 Foundations Benchmark. Unfortunately, Microsoft Office 365 doesn’t protect itself, and standard security tools only do part of the job. The Microsoft SaaS platform holds user identities, and according to experts, 80% of your confidential data. Microsoft Office 365, or Microsoft 365 as it is now called, is a major attack surface hackers just love to poke.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |