Security Concept - for low budget

Brass Contributor

Hi,

 

given the finite monetary resource of a company plus maybe some political issues here and there. Is there an advisory paper or something along these lines that describes how to get a company as secure as possible without buying into Azure AD, ATA and the (probably) necessary changes to the network itself?

 

It seems that a lot of Microsofts security roadmap is based in AzureAD and that means that data is transfered to the cloud, which some companies might not want.

 

So how can one achieve MFA, threat prevention, detection, disaster recovery without a big wallet?

 

A loaded question, I know. (seems to be my speciality)

Thank you.

8 Replies

Hi Christian, are you a small to medium size business?

 

-Chris

6000+ AD accounts, 4500+ Win Machines, 3500+ Linux, >500 MacOS Machines.

I do not have enough knowledge of the rest of the world to define whether we are small, medium or large? We are not the richest though, that is for sure.

Based on the numbers you would be considered an enterprise so our answer is going to be point you right back to the solutions you mentioned might be challenging from a budget perspective. I know it's not the answer you were looking for but I will say that the solutions are competitively priced given other market alternatives for MFA, etc.

 

I think your best bet is to work with our field or a partner to help you assess your current environment and to find the solutions that will address your top pri security concerns.

 

With respect to AAD being in the cloud we're finding customers that have been hesitant in the past, even public sector, are now open to it as we've worked closely with them to understand their concerns. We offer great transparency on how data is handled and we have worked to meet many of the compliance requirements that customers are asking for. There is still work to do in terms of helping our customers understand that the cloud can be secure and compliant with regulations, etc but don't assume this is a blocker for you. This is another scenario where a detailed conversation with our field or a partner can help your leadership understand it's a good choice.

 

-Chris

And I'll just add to Chris' answer and remind everyone - if you have a Windows license, you already have Windows Defender Antivirus built in and protecting you. No need to pay for another AV. It's an enterprise grade next-gen AV that's based on ML.

Amitai
In Sweden that would atleast make you a medium size business. Im guessing it also depends on how your company works with Cyber Risk. Looking at the new regulations, like the GDPR, I would say that the Microsoft Security Suite is an affordable option if you compare it with other product suites. Given the hefty fines just around the corner, its not really expensive at all. :)
Could I have this in writing somewhere on an official website?

For it being free (or technically, included in your Windows 10 license?)

https://www.microsoft.com/en-us/windows/windows-defender

 

And for more in-depth documentation you can go to:

https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-antivirus/windows-defend...

 

It depends on how you want to manage your company , you could have Windows Server and connect all your devices to your local Active Directory instead of AzureAD, Windows Defender is already build into Windows 10 (as it already been explained) and you could manage it using Group Policy for free. But if you want more advance management and monitoring, you will need System Center Configuration Manager.

Basically, you could have private cloud scenario where you have no connection to Microsoft public cloud like Azure. But you have to look into Return of Investment (ROI) and what you want to achieve in long term. If you see that you may spend some money on Azure and you will become more productive and you will earn more, why not invest on Microsoft Public Cloud?

You have option to chose what to do, Private Cloud, Public Cloud or Hybrid Cloud (Public + Private)