Assess Security Risks and Endpoints to Improve Security Readiness 

With the surge of sophisticated attacks targeting intellectual property and customer records, every organization is at risk. Softlanding’s IT Security Assessment is a 5-day hands-on workshop designed to evaluate your practices, procedures, endpoints and technical controls for weaknesses. The assessment takes a holistic approach to the protection of both on-premises and cloud-based systems and data - uncovering and prioritizing technical and non-technical security gaps within the organization.

Identifying the five facets of security: Users, Devices, Data, Apps, and Network - Softlanding will provide a thorough investigation and whiteboarding to understand and demonstrate how strong each layer is.

Softlanding's Endpoint Security Assessment provides you with:

 

Introduction: Envisioning & Goal Alignment 

  • Prevention and assumption of a breach

  • Steps of defence in depth across all security layers

  • Examples of modern breaches (how they get around your amazing $40,000 firewall)

Protect Users

  • Detect potential vulnerabilities affecting your organization's identities 

  • Configure automated responses to detected suspicious actions that are related to your organization's identities

  • Investigate suspicious incidents and take appropriate action to resolve them

  • Specifics: Azure Active Directory, Rule of Least Privilege, Administrative Account and Workstation Separation, Administratie Password Management

Protect Devices

  • Outline risks related to today's most popular mobile device platforms and technologies, along with methods by which an organization may assess its exposure to these risks

  • Perform threat modelling to identify risks of endpoints and improve encryption

  • Specifics: Microsoft Intune or other MDM, Endpoint Protection, Patching (WSUS/SCCM), AppLocker/Software Restriction Policies

Protect Data

  • Control and secure email, documents and sensitive data stored outside company walls
  • Encryption of 'at-rest' and 'in-flight' data (Bitlocker; https, smb3, etc.)
  • Specifics: Azure Information Protection/RMS

Protect Apps

  • Harden existing Microsoft technologies: Exchange, SharePoint and on-Prem Skype for Business

  • Specifics: Cloud App Security, OWASP Top 10 Vulnerabilities

Protect Network and Wrap-Up

  • Assess current network architecture with audit of hardware, software, backups, and performance

  • Develop an action plan to properly deploy "low hanging fruit" technologies and best-value purchases for full-scope security

  • Specifics: Network Architecture, Azure Security Center, Advanced Threat Analytics, SIEM, Firewalls, Secure Application Publishing (AADProxy/WAP/WAF)


Customer Value of an Endpoint Security Assessment

Security Peace of Mind

By uncovering vulnerabilities before they’re exploited, any organization can save money, time and its reputation. Engaging in a security assessment can ensure your organization is meeting security objectives through all layers.

Understanding and Prioritizing Security Investments

With new attacks coming to the scene every day - a security assessment will increase awareness and understanding of security issues throughout your company. In making smart security investments by understanding top-priority risks, your organization can make high-payoff investments in improving protection.

Adopting Best Practices

Assessing each layer of security: Users, Devices, Data, Apps and Network - Softlanding can measure and compare your security practices, procedures, endpoints and technical controls with your peers and keep your organization in line with industry best practices.