The current rise in cyberattacks, combined with increasing digitization across all industries, means security remains one of the top challenges of our digital age. We are continuing to see sophisticated threats develop against both customer and partner accounts — leaving our customers vulnerable. Today’s reality is that anything less than comprehensive security is no security at all, comment Andrew Smith , General Manager, Partner Program Management on his recent blog
Microsoft offers partners access to security solutions that are both proactive and easy-to-use, all with the end goal of protecting you and your customers. We recently launched the new Securing the Channel webpage as a unified hub for these products and resources. Here you can find the security best practices playbook, which includes further guidance on steps for avoiding cyberattacks, where to go for training, and how to connect with additional resources. We’ve summarized the playbook’s top five best security practices below — be sure to download the full resource for more detailed information:
#1: Learn the landscape
As security threats and tools continue to evolve, your practices should too. In the playbook, you’ll find links to the relevant resources you need to stay in the know about the principles of Zero Trust and the corresponding tools designed to help you protect against, detect, and respond to attacks. We offer various materials and trainings for you to stay up to date on new security challenges and the tools available to address them. To best serve your customers, it is important that you invest in building the skills and technical capabilities that today’s landscape demands. See the learning opportunities at the end of this blog for ways to start today.
#2: Identify and add security contacts
One security improvement you can make immediately is establishing a point of contact for security information. The security contact is an individual or group within your organization who will receive an alert if Microsoft detects a threat. The contact must have an inbox that can be monitored constantly — we recommend using a distribution list — and respond with urgency to investigate and remedy security concerns. Follow the instructions available on Microsoft Learn to designate or update your security contact today.
#3: Secure your identity
We also offer simple tools to verify users’ identities and safeguard your networks against frequent attacks — chief among them being multifactor authentication (MFA). We strongly recommend enforcing MFA for all users in tenants for you and your customers, which is why we’ve included it among the Azure Active Directory security defaults, an efficient way to enable recommended security tools for your customers. Further methods of managing access and protecting your customers and business include passwordless authentication, Azure Active Directory role management, and an identity secure score.
Security administrators are also responsible for monitoring delegated administrative privileges (DAP). Partners can strengthen customers’ security by monitoring DAP and either removing connections or migrating active DAP connections to granular delegated administration privileges (GDAP).
#4: Secure your endpoints
The best security investments are comprehensive platforms that prevent, detect, investigate, and respond to advanced threats. Microsoft Defender for Endpoint is our proprietary security solution that works to stop threats, scale defenses, and evolve your security. With components ranging from asset discovery to auto investigation, this is one way to achieve essential endpoint protection.
Partners can also use Azure Active Directory Conditional Access to enforce compliant devices. By creating a Conditional Access policy, you can ensure that all devices accessing an organization’s resources comply with selected security standards.
#5: Ongoing monitoring
Being on guard against suspicious activity means taking proactive security actions and upholding the Zero Trust framework. Help your customers enable fraud detection and notification options within Azure to identify misuse, manage nonpayment, and enable safeguards against unforeseen spending. You can also configure Azure subscriptions for cost management by creating alerts for spending above a set amount, implementing a monthly budget, and transparently tracking security investments. Monitoring users’ activities through notifications, activity logs and other tools will arm you with the necessary knowledge to identify any suspicious actions and swiftly shut down fraudulent behavior.
Take action today
While some of the steps require ongoing conversations to determine what is best for your business and customers, others you can take immediately. To begin with:
- Add a security contact to your Partner Center account: Identify your organization’s security contact and consider setting this up as a distribution list with multiple people who can respond quickly.
- Activate multifactor authentication: Enable phish-resistant MFA for your tenants and for your customer tenants. And while you’re at it, consider the rest of our recommended security defaults in Azure AD.
If you’re looking to dive deeper, consider attending a technical training session. There are 12 live events planned over the coming months, beginning on January 30. Click here for more information and to register.
Wherever you are in your security practice, the Securing the Channel webpage is your home for the playbook, training, and any other resources necessary to protect your business and customers. Let’s build a more secure channel together.