We posted recently about the IT Security points you should cover when obtaining IT insurance for your organization. These are a good security framework for all businesses. We have shared a checklist with our clients that includes EDT, Microsoft Conditional Access Policy and spam filtering.

Here are the three most often asked questions from clients, based on the checklist, and brief explanations on each.

  1.  What is EDR Endpoint Detection Response? – This is an alternative to a basic anti-virus, and while you still need the anti-virus, insurance requires this extra level due to ever increasing threats and ability of cyber criminals to find ways into your systems. We recommend SentinelOne as the safest and most ideal solution. Traditional systems have difficulty keeping up with current threats. Using AI, this program can analyze behavior and identify malicious patterns, providing critical endpoint and identity alerts with real-time visibility from system level to identity based attacks.
  2. Microsoft Conditional Access Policy – What does it do and what do I need to add to my Microsoft 365 licensing? As stated on their website, Microsoft-managed policies are preconfigured Conditional Access policies created and maintained to help protect against common identity risks. The policy is created in your tenant in a report only state. It includes preconfigured conditions and recommended controls, such as MFA and risky sign-ins. Microsoft manages the policy template and configuration and ensures that it is current and with all security guidance.
  3. What is Spam Filtering? – This pertains to spoof emails that Microsoft does not innately block. Barracuda is recommended, because it is on the cutting edge of dealing with this kind of spam. It incorporates AI-Enhanced Defense, which uses machine learning and computer vision to identify communication anomalies, preventing social engineering attacks. There has been an issue with the rise of a new brand of “spoofed” phishing emails, and it is hitting clients who do not have a spam filtering service. These emails have particularly surged in the last few weeks.

Please reach out to us with questions about your security plan and the critical security updates you may need to implement.