Azure Information Protection & Advanced Threat Protection | SysOps

Industry: IT Solution Provider

Location: USA

Problem

The customer did not have information protection in place. The documents and corporate information files were not classified (in terms of information’s need for protection). The organization also lacked end-to-end protection and control for sensitive data. Lastly, the customer did not have a formal way to respond to malicious data usage activities.
The company needed to leverage their on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at their organization.

The company also had to focus on mobile device management (MDM) and mobile application management (MAM) so that it could control, with full transparency, how the organization's devices were used, including mobile phones, tablets, laptops, and specific need-based applications.

The Solution

Allied Consultants designed and deployed the following Azure components to meet the client's requirements. The solution adopted Microsoft Threat Protection, which includes Microsoft Defender Advanced Threat Protection, Office 365 Advanced Threat Protection, Azure Advanced Threat Protection, and Microsoft Cloud App Security, to reduce infrastructure and provide an integrated security solution that protects the workforce.

In this project, Allied Consultants:
• Deployed Office 365 Advanced Threat Protection
• Implemented Azure Advanced Threat Protection & Microsoft Cloud App Security
• Configured Azure Information Protection (AIP) and Windows Information Protection (WIP).
• Arranged sensitive groups and user profiles.
• Downloaded and set up ATP sensors on all domain controllers.
• Configured automated incident response along with advanced hunting across devices.
• Worked on Auto classification and Labeling / Encryption of data.
• Configured MDM, MAM in Intune for Patch management.
• Configured WIP Policy to protect Enterprise data on end devices.
• Configured enlightened applications.
• Configured and designed the Data Leak Protection policy for the data at rest.


The following components and services were configured:

• Azure Advanced Threat Protection.
• Windows Defender ATP
• Azure Information Protection & Office 365 Security & Compliance.
• Azure MDM.
• Azure DLP.
• Azure Information Protection Client (Unified Labeling Client) Deployment.
• Azure Information protection.
• On-premises Azure information scanner for network shares and SharePoint sites.
• Azure RMS.
• Azure ATP

Results & Benefits

• Protection of End devices with Antivirus and Anti-malware.
• Security Analysis capabilities to Security Engineering Team.
• Automated threat response in the cyber-attack chain.
• Protection of Azure AD Identities.
• The client can implement unified data governance and compliance policy to all the Cloud-based services running in their tenant.
• The client enforces the policy that controls end devices with its approved business applications.
• The client can prevent data leaks from their Azure/Office 365 cloud tenant.

Tech Stack

• Azure SysOps
• Azure Information Protection
• Azure Advanced Threat Protection (ATP)
• MAM & MDM