Solution Highlight: Improve Your Cybersecurity Posture with ISEC7 Sphere

Data Loss Protection vs. Data Leakage Prevention
©Graphicroyalty – stock.adobe.com

Your security posture is made up of many critical components - including network, hardware, software suite, policies, data, and people – that all combined deliver an overall status of an organization’s cybersecurity readiness. In previous blog posts, we talked about the growing need for organizations to strengthen their security posture by way of a cybersecurity plan.

 

Integration with Cybersecurity Solutions

ISEC7 Sphere integrates with management and cybersecurity products, including UEM, UES and XDR solutions to retrieve and display critical information about endpoints, including:

  • Device status: Online or offline
  • Device risk: Protected or currently unsafe

o If the latter, it will display the detected threat(s)

  •  Device policy: Shows which policy is currently assigned to an endpoint, and allows you to compare it to other policies 
BlackBerry Cylance Relationship
Example: monitored endpoint protected by CylancePROTECT and CylanceOPTICS

ISEC7 Sphere gathers all the data available from all the connected systems to build relationships between all users, endpoints, and assets. This unique approach allows customers to quickly identify when a user, device, system, or whole environment is at risk, and take corresponding mitigations actions. There is no concern about having to connect to the right management console, remembering your credentials, and locating the asset and taking remedy actions. When your infrastructure encounters a security event, time is key, and ISEC7 Sphere not only will bring enhanced visibility, but also a vastly improved response time.

 

Specific Security-Related Features

In addition to ISEC7 Sphere’s ability to integrate with top cybersecurity solutions to combine information and send alerts, ISEC7 Sphere also has specific security-related features to help improve the organization’s security posture, by bringing awareness to areas which are not covered by any other supervision solution.

 

Regulatory Compliance Monitoring

Mandatory for regulated organizations (e.g., government, federal agencies, financial institutions):

  • Regulations: Ensure proper approved OS in place, no rooted/jail-broken device
  • Audit: Track, blacklist/whitelist phone calls and SMS (avoid info leaks)
  • Policy changes: Track who modifies a policy and integrate approval change process

Certificate Monitoring

Certificates are a key part of any IT system nowadays, as most communications, if not all – between endpoints and back-end systems, either locally or over the Internet – are secured end-to-end using encryption mechanisms relying on certificates (e.g., HTTPS web traffic using TLS encryption). But all certificates eventually expire, and in some cases can be revoked if compromised or replaced by a newer one.

 

ISEC7 Sphere can be configured to monitor all SSL certificates used by the systems in your organizations, so not only their expiration date is clearly displayed under its console for the respective system, but it can also generate alerts when it becomes invalid or is about to expire.

 

Furthermore, ISEC7 Sphere also helps preventing application outage due to expired certificates or application tokens, used for basic but critical tasks, from device management and deployment to bulk application purchase and distribution, by monitoring them and sending a notification when about to expire, so there are renewed on time.

 

Example: Apple certificate and token monitoring
Example: Apple certificate and token monitoring

Permissions Monitoring

For Microsoft 365, ISEC7 Sphere can display permissions used to access your tenant, to help quickly identify whenever there is an issue retrieve information from it and/or managing users and endpoints. The tool ensures itself that it has all it needs to perform its own duties!

 

Microsoft 365 API permissions
Microsoft 365 API permissions

Policy Changes Monitoring

When a policy is enabled for monitoring and rules have changed that were not yet acknowledged, the differences between the current value and the last compliant value are displayed for each changed rule. These changes can be acknowledged using the checkmark icon button in headline of the page.

 

Example: comparing changes between two CylancePROTECT policies
Example: comparing changes between two CylancePROTECT policies

Security Patch Revisions

ISEC7 Sphere can display a chart with the number of Android devices that are operating using security patch levels of the given timeframes in months, helping quickly identify which devices need to be updated, to not only improve the device’s overall performance, but most importantly, ensure said devices remain safe and protected from potential security threats.

 

Security Patch Revisions

ISEC7 Sphere can display a chart with the number of Android devices that are operating using security patch levels of the given timeframes in months, helping quickly identify which devices need to be updated, to not only improve the device’s overall performance, but most importantly, ensure said devices remain safe and protected from potential security threats.

 

Security patch level
Security patch levels

Common Vulnerability and Exploit (CVE)

ISEC7 Sphere collects Common Vulnerability and Exploit (CVE)  for monitored systems from the National Vulnerability Database (NVD), a public vulnerability repository maintained by the Cybersecurity & Infrastructure Security Agency (CISA), that provides information about known vulnerabilities. ISEC7 Sphere displays them under the affected system and can consider that information to calculate the server status. Administrators can easily click on said CVEs to review them, then acknowledge them once installed on the corresponding systems.

 

Example : CVE results for a monitored endpoint
Example : CVE results for a monitored endpoint

Microsoft 365 Secure Score

ISEC7 Sphere can retrieve and display Microsoft Secure Score, which provides a measure of a Microsoft 365 organization’s security posture, with a higher number indicating more improvement actions taken. A score of around 67% should be expected when following Best Practices.

Control scores will help individually identify which secure modules need to be enabled or improved in order to achieve a better security posture. for example, enable full mobile device encryption, use Multi-Factor Authentication (MFA) for all administrative accounts, and so on.

 

Microsoft 365 Secure Score
Microsoft 365 Secure Score

Crisis Communication Management

ISEC7 Sphere can send out alerts using any type of communication protocol, from well-known email and SMS messages, to SIEM and Syslog events forwarding, to ticketing solutions, up to leveraging Critical Event Management (CEM) solutions, all to ensure you workforce is notified accordingly and securely, in real-time, wherever they are.

 

When it comes to securing your infrastructure, here’s the bottom line: If you don’t monitor everything, you won’t get the whole picture. ISEC7 Sphere is an invaluable tool to any security-minded organization, allowing you to monitor and manage everything in your infrastructure and enabling you to quickly identify threats and take remedy action; this ultimately improves efficiency and reduces the cost of ownership and downtime.

 

We would be happy to answer any questions you may have about ISEC7 Sphere and implementing this solution for your organization. Please feel free to contact us if you have any questions or would like a demonstration. 

 

Contact

Note: Please fill out the fields marked with an asterisk.

(C) Rémi Frédéric Keusseyan, Global Head of Training, ISEC7 Group