About Us

IS Decision’s UserLock enables Secure Access to Microsoft 365

IS Decision’s UserLock, the leading access control platform for on-premises and hybrid Active Directory (AD) systems, now supports single sign-on (SSO) with multi-factor authentication (MFA) utilizing current on-premises AD identities, allowing secure access to Microsoft 365 and cloud services.

To do business, today’s contemporary hybrid corporation relies on Active Directory and the cloud. With the advent of remote work, IT departments must simplify safe access to the corporate network and the cloud for both distant and on-site connections.

According to François Amigorena, President & CEO of IS Decisions, changes in user access requirements have resulted in new security concerns, which can lead to organizations adopting difficult, costly, or disruptive modifications. Organizations may benefit from an easy-to-use, non-disruptive, and cost-effective SSO solution with UserLock, which utilizes their existing Active Directory investment to protect employee access to the corporate network and cloud services, no matter where they work.

UserLock SSO supports the SAML 2.0 protocol for federated authentication of cloud apps and can be installed in minutes on a normal Windows server. To access all cloud resources, each user only needs to log in once with their existing AD credentials (and a second factor, if necessary).

Microsoft Launches Defender for Google Cloud Platform!

Microsoft has announced that their defender for cloud protection is now available for Google Cloud Platform environments as well. Threat detection and security warnings are ensured across all clouds because of this. Because many firms use a hybrid cloud solution, this benefits most consumers. Defender for Cloud is a Microsoft security product that discovers and alerts vulnerabilities in protected multi-cloud and hybrid settings monitor cloud services for threats and offer recommendations to improve security.

However, the group’s ability to support cloud solutions has been limited thus far. Another amazing partner is on the way in the form of the Google Cloud Platform or GCP for short. Microsoft revealed native multi-cloud compatibility for Amazon AWS at the Ignite 2021 conference just a few weeks ago.

Microsoft Partner Group Program Manager Gilad Elyashar revealed that Microsoft Defender for Cloud now supports Google Cloud Platform natively with CSPM and CWP capabilities, eliminating the need for Google 1st party tools.

With the addition of AWS and GCP support, businesses can now use Defender for Cloud to get a quick overview of the security health of their multi-cloud environment using Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP), all from one place in the Defender for Cloud portal. Microsoft is now the only cloud provider that offers native multi-cloud protection for the industry’s top three platforms, thanks to GCP support.

Organizations Neglecting Microsoft 365 Applications

According to Ensono’s study, nearly half of firms are not using the entire set of tools and applications available in Microsoft 365. Most importantly, many businesses are overlooking the platform’s cybersecurity capabilities, leaving them vulnerable to attack.

Since the outbreak of the pandemic, businesses have been able to successfully adjust to the new working world owing to platforms and technologies like Microsoft 365.

Ensono conducted a survey of IT decision-makers who use Microsoft 365 to understand how businesses customize the platform for their needs. 83 % of the respondents polled say their current Microsoft 365 setup is critical to efficient business operations, while 72 % believe their current setup is cost-effective.

Despite the fact that the majority of organizations are satisfied with their Microsoft 365 setup, many are not taking full advantage of the package’s features. A substantial percentage of businesses, in particular, do not implement built-in security mechanisms.

Nearly half of individuals who reported a Microsoft 365-related breach said it was due to files being shared with other parties, while 37 percent said it was related to the impersonation of a compromised account. With the proper installation of MFA and CAC, these situations could be better protected.

Simon Ratcliffe, the Principal Consultant at Ensono, said, “While Microsoft 365 has proven invaluable for enterprises undergoing rapid transformation, not all companies have set up the platform in an optimal manner for their business. Microsoft 365 licensing inefficiencies remain a persistent problem in the market today, with firms creating additional costs by investing in third-party tools already available as part of their Microsoft 365 package. With optimization and the implementation of key security features, the platform can provide a better and more secure experience for its users.”

“However, there is no one-size-fits-all solution for every business. Each organization is unique, and therefore security requirements and the needs of users will vary. When reviewing an organization’s Microsoft 365 configuration, it is essential that the process is led every step of the way by the business context. Following a review, the Microsoft 365 environment can be optimized for specific business requirements, including maximizing the use of Microsoft 365 features to match the needs of the organization, and creating a security set-up tailored to the cybersecurity posture of the business.”

Microsoft, CISA recommend Mitigations for Zero-Day RCE vulnerability in Windows

Microsoft and government cybersecurity authorities are recommending businesses to implement mitigations to prevent a zero-day remote control execution (RCE) vulnerability in Windows operating systems cybercriminals to create malicious Microsoft Office documents.

Microsoft released a statement on their website –

“Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.

An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Microsoft Defender Antivirus and Microsoft Defender for Endpoint both provide detection and protections for the known vulnerability. Customers should keep antimalware products up to date. Customers who utilize automatic updates do not need to take additional action. Enterprise customers who manage updates should select the detection build 1.349.22.0 or newer and deploy it across their environments. Microsoft Defender for Endpoint alerts will be displayed as: “Suspicious Cpl File Execution”.

Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.”

Microsoft to acquire RiskIQ to boost Cybersecurity

The cloud is rapidly being used by businesses to reinvent every aspect of their operations. Customers are troubled by the increased sophistication and frequency of cyberattacks, which has expedited this digital transition through hybrid work. Microsoft announced that it has reached a definitive agreement to acquire RiskIQ, a global leader in threat intelligence and attack surface management, in order to help our shared customers gain a more comprehensive view of global threats to their businesses, better understand vulnerable internet-facing assets, and develop world-class threat intelligence.

Organizations are increasingly operating their apps, infrastructure, and even IoT applications across different clouds and hybrid cloud environments as they drive digital transformation and embrace the concept of Zero Trust. The internet is effectively becoming their new network, and it’s becoming increasingly important to comprehend the whole reach of their assets in order to decrease their attack surface.

RiskIQ assists businesses in identifying and assessing the security of their entire corporate attack surface, including the Microsoft cloud, Amazon Web Services, other clouds, on-premises, and from their supply chain. RiskIQ can help businesses detect and restore susceptible assets before an attacker can exploit them, thanks to its more than a decade of experience scanning and analyzing the internet.

RiskIQ Cofounder and CEO Elias Manousos said, “The vision and mission of RiskIQ is to provide unmatched internet visibility and insights to better protect and inform our customers and partners’ security programs. We’re thrilled to add RiskIQ’s Attack Surface and Threat Intelligence solutions to the Microsoft Security portfolio, extending and accelerating our impact. Our combined capabilities will enable best-in-class protection, investigations, and response against today’s threats.”

RiskIQ also provides worldwide threat intelligence gathered from all around the internet, crowdsourced through its PassiveTotal community of security researchers and analyzed using machine learning. To detect and neutralize attacks fast, organizations can use RiskIQ threat intelligence to obtain context on the source of assaults, tools and systems, and indicators of compromise.

The combination of RiskIQ’s attack surface management and threat intelligence allows security teams to collect, graph, and detect links between their digital attack surface and attacker infrastructure and actions, allowing them to deliver better protection and response times.

With Microsoft 365 Defender, Microsoft Azure Defender, and Microsoft Azure Sentinel, Microsoft has long been a leader in providing end-to-end cloud-native security in multi-cloud and hybrid cloud environments, helping organisations protect, detect, and respond to attacks. Microsoft  will continue with their commitment to help customers secure their growing digital estate against increased cyber threats with the purchase of RiskIQ.

Microsoft will continue to maintain, develop, and build RiskIQ’s robust customer base and security professional community. To better serve our mutual customers, RiskIQ’s technology and personnel will be a valuable complement to our security portfolio.