Microsoft 365 Secure Score

As part of the Microsoft Security Center, Secure Score automatically rates your Office 365 and Windows 10 environment. Following its recommendations can help protect your organization from threats. The score is calculated every 24 hours, and it takes up to 48 hours for every change to a measured action to show in the results.

Every Microsoft 365 / Office 365 admin, or a user with required permissions, can reach an organization’s score via the Microsoft Security Center. There are two types of permissions: read & write (global administrator, security administrator, exchange administrator), and read-only roles (security operator, user administrator, helpdesk administrator, etc.).

In the overview page, score points are divided into these groups:

  • Identity: Azure AD
  • Data: Information Protection
  • Device: Defender ATP
  • App: Office 365 email and applications + Cloud App Security
  • Infrastructure: Azure resources

It also shows the total score, a graph with benchmark comparisons, and a list of prioritized improvement actions.

How to improve your score?

Security recommendations are located in the improvement actions tab. They show the status of each action, for example: completed, not completed, resolved through a third party, and ignored.

“Not Scored” actions are not tracked by Secure Score. If such an action becomes tracked and you have already completed it, the Secure Score will reflect the change.

Multi-factor authentication action updates

For secure access, new improvement actions require registering your users or admins for multi-factor authentication.

Solutions included in Secure Score

Secure Score is available for SharePoint Online, Exchange Online, OneDrive for Business, Information Protection, etc. Other solutions that can be tracked are Intune, Azure AD, and Cloud App Security.

Also, Microsoft recently announced that tracking for Azure ATP and Microsoft Defender will be available soon.

Keep in mind that there is no online service that is 100% immune from security breaches, and increasing the Secure Score is not a guarantee against these breaches.

Windows 10 and Office 365 Corporate Branding Configuration

Let’s say you are the CEO or another important person in your organization, and you want to set up corporate branding on all your computers with the Windows 10 operating system. Your contracted technical support does not have to connect to each computer individually to set the wallpaper; it can be configured at once.

Also, to decrease the chance of a potential malware attack, it’s good to have a custom login screen for your Office 365 organizational account with a recognizable visual identity.

For corporate branding configuration – wallpapers, lock screens and the login screen – 3 PRO uses scripts and the cloud-based Microsoft Intune service for device management.

Why is Corporate Branding important for your Business?

If you represent your organization at an online meeting or speak at a conference, at some point the attendees will see your wallpaper and will be able to connect the business brand to the person more effectively.

The other scenario is when you need to sign in to your portal.office.com account – the aim is for the user to recognize that they are on the correct login screen. Many phishing emails lead to a look-alike of the native portal.office.com login screen, so, just to be sure, we recommend setting up the login screen with the organization’s branding. 3 PRO can customize the background, banner logo and additional text for your Office 365 organizational sign-in page.

Three reasons why you should have a corporate logo on your wallpaper and login screen

  1. It grows confidence – corporate identity can indicate a strong commitment.
  2. It raises brand awareness – you want customers to associate positive experiences with the company’s visual identity.
  3. It shapes loyalty – it is very important to win the hearts of your customers.

Office 365 Advanced Threat Protection

Almost every email user is a target of malware emails. They often appear as fake documents, links (URLs), etc. To prevent unpleasant situations, we suggest the implementation of Office 365 Advanced Threat Protection, which provides an additional layer of protection to organizations against malicious attacks.

What can malware do to your computer?

  1. Email malware can steal your sensitive data, including passwords.
  2. Ransomware can delete or encrypt your files.
  3. Suspicious email attachments could include code that can download more malware onto your computer.
  4. It can enable a third party to intercept and infiltrate your correspondence.

What is Advanced Threat Protection?

Advanced Threat Protection is a cloud-based email protection service that keeps your data safe against malware and viruses. It consists of ATP Safe Attachments, ATP Safe Links, anti-phishing policies, ATP for SharePoint, OneDrive and Teams, real-time reports, and threat trackers. The main task of the mentioned features is to safeguard an organization from harmful links that are part of a message or an Office document, and to safeguard email and documents in real-time.

In order to successfully detect malicious activities, all features use a variety of machine learning and analysis techniques.

ATP is included in the Office 365 Enterprise E5 plan; it is also possible to purchase it as an add-on to the following Office 365 plans:

  • Office 365 Business Essentials
  • Office 365 Business Premium
  • Office 365 Enterprise E1
  • Office 365 Enterprise E3
  • Office 365 Enterprise F1
  • Office 365 A1
  • Office 365 A3

Protecting information in line with GDPR using Microsoft 365

The GDPR (General Data Protection Regulation) is an opportunity to build trust with your users, but to bring your business into line with the regulation we recommend implementing a quality system.

How can the Microsoft 365 package help protect sensitive data?

Microsoft 365 is the ultimate package that gives you everything you need for your business to function normally, and it contains: Windows 10, Office 365 and Enterprise Mobility + Security.

Additional items that come with the package and are significant for protecting sensitive information are:

  • Compliance Manager
  • Compliance Score
  • Azure Information Protection

Risk assessment and management with Compliance Manager

To be sure that you comply with the GDPR, you need to carry out a risk assessment from time to time, and you can do that with Compliance Manager.

It is available to all Azure, Dynamics 365 and Office 365 customers.

Risk assessment with Compliance Score

Compliance Score is actually an additional feature of Compliance Manager, but it is currently available only for Office 365. It shows a rating of the risk level and assigns a risk weight to each control.

Protecting sensitive data on on-premises infrastructure

For hybrid and on-premises solutions there is the Azure Information Protection scanner, which enables automatic discovery, classification, labeling and protection of documents, and can also be set to scan on-premises repositories periodically.

IMPORTANT!

Using a particular software solution does not in itself mean that your organization is GDPR compliant! Consult legal experts about everything that needs to be ensured, at the level of the entire organization, in order to achieve compliance.

GDPR – what does it mean for you as a user?

The data protection legislation known as the GDPR (General Data Protection Regulation) comes into force on 25 May this year in the countries of the European Union. But why does it concern your organization, and what has to be done to satisfy it?

The regulation on data protection is aimed at strengthening the rights of citizens and their privacy, and at detecting personal data breaches.

What are the penalties if the GDPR is violated?

If an organization is found to be in violation, it can be fined, depending on the severity of the violation. Fines range from 10 million EUR or up to 2% of total annual turnover in the preceding financial year and, in the case of a serious violation, up to 20 million EUR or 4% of total annual turnover of the preceding financial year.

What must you do to protect the data?

One method is encryption. Besides helping to meet the GDPR's requirements, encrypting data lets organizations worry less about managing data in the cloud.

Within the organization, you are obliged to secure and protect all communication channels with users – from email and file sharing to messages and calls.