Tallan’s Security Assessment is an audit and development of a new security strategy approach based on your resources and company objectives. We concentrate on the basic areas that are often the most vulnerable while examining your environment with tools like Secure Score and offer education, assistance, and remediation recommendations for identities and devices. There are four primary facets to Tallan’s approach…
Chats with Key Players An essential part of the Tallan process is partnership. Understanding the ‘why’ and ensuring goal alignment before diving into anything.
Education & Discovery Workshops Delivery of four workshops that aim to cover Scope & Objectives, Zero Trust Framework, Cloud Adoption Framework best practices, and Azure/ Office 365 Secure Score.
Assessment Findings & Recommendations Following the workshops, Tallan will assess and identify security risks, gaps, and areas of concern using Azure, O365 Secure Score, and other processes and tools. After, prioritizing vulnerabilities, Tallan will review remediation options.
Review Key Areas All unmanaged devices, unsupported operating systems, and vulnerabilities will be reviewed. Tallan will then facilitate planning with detailed next steps like cost consumption estimates, architecture, timeline, and implementation.
The most expensive component of a cyber attack is information loss, which represents 43% of costs.
purplesec.us/resources/cyber-security-statistics
Our Latest Project
Tallan recently completed a successful project with a professional services organization that provides custom software solutions for a variety of industries, using experience in Data & Analytics, Apps & Experiences, and Infrastructure & Security. Tallan provided a complete audit of their security strategy and assessment of the working environment after the firm’s leadership recognized the growing number of cyber security threats and the enormity of a future breach. To obtain visibility into their security posture, the client’s leadership wanted to examine the present platform’s security, supportability, and development potential. Tallan primarily focused on vulnerabilities such as user identities and endpoint security holes based on the evaluation.
Tallan’s Security Assessment is normally a two-week commitment funded by Microsoft.
At the beginning of this project, workshops provided education on tools and best practices, and the conversations throughout positioned Tallan to understand things that cannot be found running a tool, like, the culture of security at the client. Verification of deployment and architecture best practices, areas of broad-based security exposure that needed remediation, and identifying compromised identities were reviewed during a Scope & Objectives workshop. Because this client was mature to begin, a Cloud Adoption Framework workshop helped identify how ready they were to begin addressing outstanding security issues and how to govern the strategy moving forward. A Zero Trust Framework conversation took place, as well as a thorough workshop reviewing the client’s Secure Score with Microsoft’s Defender for Cloud.
Tallan’s security team manually reviewed servers, desktops, and software for unsupported or unmanaged devices, operating systems, and aging hardware warranty support schedules. The Tallan team reviewed Defender for Cloud Secure Scores for 390+ resources, Azure Identity Secure Scores on 200+ Azure Policies for Compliance, and Microsoft 365 Secure Scores for the client’s 140+ resources. The Secure Scores were reviewed and discussed with the client to prioritize remediation strategy and fully establish their security posture.
The latest memorandum from the White House’s Office of Management and Budget (OMB) requires agencies to achieve certain security goals by the end of 2024. These goals focus on identity, devices, networks, applications and workloads, and data — these are the five pillars described by the zero trust model of the DHS’s Cybersecurity and Infrastructure Security Agency (CISA).
www.securityweek.com
Tallan presented a risk analysis assessment that highlighted proper correction protocols and the timeframes to address them accordingly in a 30, 60, and 90 days suggested schedule. Detailed lists of the resource(s) affected were documented in addition to proposed Azure tools and an estimated monthly consumption cost to further enhance the client’s security posture. Tallan recommended making sure all VM’s had the guest extension installed for accurate policy findings, utilizing the banned password function and user policies of Azure to better secure identity. Tallan used these findings to continue to secure the environment. The client’s IT Manager noted that the engagement provided a look into “issues I had no idea I needed to address.” This client is now moving forward with additional 3-week implementation of security enrichments.
In addition to the IT sector, Tallan has helped revamp security infrastructure for a variety of industries, including manufacturing and community nonprofits.
Interested in a consultation? Click here to get started with Tallan’s Security Assessment. Or, learn more about how Tallan is helping organizations approach cyber security in 2022 and beyond.
Experience an overview of Azure Security Center and Azure Defender as part of Tallan’s March 9th Cloud Security Webinar. Register here.