CIS Security Controls and Compliance

CIS Security Controls and Compliance Cybersecurity is a persistent worry for CIO’s, CISO’s, Board of Directors and organizational leaders. CIO’s and CISO’s specifically are expected to provide leadership and direction to their IT staff and their broader organization to strengthen cybersecurity postures. Where To Begin One question I have been asked by clients is, “where do […]

Managed Security Services Improve Security & Your Team’s Value

Managed Security Services Improve Security & Your Team’s Value The Power of MSSPs When I was leading technology organizations, one of the most critical and valuable partner vendor relationships was with our managed security service provider (MSSP). They served in three capacities: Around-the-clock 24/7/365 monitoring for malicious activity, including proactive threat hunting. Served as the […]

Teams Android OS Devices Peacefully Coexisting (and Actually Working!) with Microsoft Security and Compliance Policies (Part 1)

Teams Android OS Devices Peacefully Coexisting (and Actually Working!) with Microsoft Security and Compliance Policies (Part 1) Introduction At eGroup | Enabling Technologies, we define as a best practice the implementation of Microsoft Intune to provide device management used by authenticated users in Microsoft 365 tenants. The Intune component enrolls these devices and applies device […]

Use Classification Rules (Instead of Proxy Sets) on AudioCodes SBCs

Use Classification Rules (Instead of Proxy Sets) on AudioCodes SBCs Introduction Admittedly, this title is misleading, but it did get you to look at this article! This is part of our series on securing AudioCodes SBCs based on eGroup | Enabling Technologies’ security mantra of “Trust No One, Harden Everything” and guidance provided by AudioCodes. […]

The Journey to Zero Trust

The Journey to Zero Trust The Zero Trust concept has been around for a while now, and the rise of remote work related to COVID lockdowns supercharged the Zero Trust conversation.  Many organizations had to scramble to enable employees to work remotely but did not have technology environments that were prepared for it.  As a […]

Improving Cloud Security Policies

Improving Cloud Security Policies Our Strategic Advisors find a consistent gap when reviewing our customers’ security policies: a lack of focus on cloud computing. Even in organizations with many traditional policy documents, there’s a lag in updating them for cloud technologies like Microsoft 365. Additionally, the gap widens when it comes to documenting the standard […]

Compliance as Security Technology

Compliance as Security Technology One of my favorite security analogies is that enterprise information security is like an onion. Each layer of the onion represents a different control that secures the data at the center. Common layers are endpoint protection, mobile device management, MFA, firewalls, encryption, security policies, and staff training. All of these (and […]

New Microsoft Defender Security Tools: MDEASM and MDTI

New Microsoft Defender Security Tools: MDEASM and MDTI Cybersecurity is ever-changing. New attacks and techniques are practically created every day. Organizations are getting more complex with multi-cloud environments. Data is exponentially growing and we are losing visibility into our assets due to poor governance. Last week, Microsoft announced two new Defender solutions as a result […]

How to Fearlessly Implement Your Zero Trust Strategy

How to Fearlessly Implement Your Zero Trust Strategy “Zero What?” So what does Zero Trust mean? Zero Trust has been a term that has been around a long time. Remember the X Files? Agent Molder would always tell his colleagues – “Trust no one”. That pretty much sums it up. You don’t trust anyone who […]