Microsoft Defender series to modernize network security and consolidate its global Zero Trust strategy

Project Introduction

International IT security threats are appearing in the news with increasingly regularity. Analogously, the rapid transformation from in-person to remote working models has increased security concerns for company IT administrators. More and more companies are realizing that a ransomware attack on their networks could put valuable information at risk. Accordingly, these companies are recognizing the need for a proactive security measures that reduce future risk.

Company and Project Background

In this case study, a global leader in the IoT intelligent systems and embedded platforms market was working with their partners in an effort to co-create business ecosystems that accelerate industrial intelligence. The company in this case was seeking innovative services and solutions capable of increasing efficiency while enhancing security across diverse region-specific management systems. The necessity of such solutions was exacerbated by the digital transformation ushered in by the COVID-19 pandemic. 

Project Requirements

The company in this case lacked staff dedicated to managing their overall security. These conditions were notably acute at manufacturing facilities. In addition, they needed to complete diverse proof-of-concepts (POC) for many vendors, including CrowdStrike and FireEye, but failed to meet their clients’ specific needs. The owner in this case also needed to raise the visibility of potential threats to factory production, especially with regards to those that could impact overall revenue and delay customer deliveries. Enhancing security without affecting client side efficiency, and the use of specialist installation or configuration by administrators was also of paramount concern. The situation was exacerbated by the fact that the company had around 50 branch offices worldwide without overall, comprehensive network visibility. Indeed, each office lacked a unified security procedure. Individual branch staff were literally left to their own devices — using their own third-party solutions following the shift to remote work during the COVID-19 pandemic.

Project Description

The company made rapid progress in protecting their devices by deploying Microsoft Defender for Endpoint. It also deployed Microsoft Defender for Identity for more secure user access to the corporate network. Defender for Endpoint’s discovery capabilities helped the company develop a clearer understanding of its complex network of locations. This allowed them to develop rules that help reconfigure corresponding collection with Microsoft Azure Firewall. By taking advantage of Defender for Endpoint playbooks and automated rules, the company can raise user and administrator productivity without compromising security. Another important feature presented by these Microsoft security solutions is the ability to implement Microsoft Sentinel for SIEM/SOAR. In addition, the ability to leverage Microsoft 365 Defender for extended detection and response is also a big advantage.

Conclusion

In the end, the project owner developed a Zero Trust strategy that protects the company at multiple pre-identified points of risk. This system enables them to protect data, identity, and endpoints while providing a more secure Microsoft Teams environment. This solution also noticeably increased visibility. Indeed, a numerical assessment of the infrastructure’s security posture — in which the score increases as security recommendations are implemented — indicated a lowered risk. Using these features, a new security team was able to oversee deployment of Microsoft Security solutions while keeping internal networks and manufacturing facilities in Asia, Europe, the United States, and Australia secure and compliant.

Microsoft Defender Series Advantages

The company in this case adopted Microsoft Security as a platform in an effort to create a Zero Trust strategy. This choice was strongly influenced by the distinct advantages Microsoft provided via its holistic approach to services and security. Indeed, Microsoft has proven expertise as a designer, builder, and provider of modern workplace infrastructure — factors that set them apart from the competition. The company’s investment in the Microsoft defender series provided a modern security infrastructure, freeing them to concentrate on their core business.