This was a 1-year Project auditing current security processes and technology, recommending upgrades and implementation for a Construction Company on the West Coast.
Project Entailed:
- Principle of Least Privileged Audit
- User Login Audit
- Cloud Security Migration
- InTune Implementation
- Development of Termination Process
- Development of Business Continuity and Disaster Recovery
- Update of Backup and Disaster Recovery Infrastructure/Processes
- Update of Firewalls and Networking Infrastructure
- Implement a rotating 90-Day Wi-Fi Password using InTune (Users noticed 0 change.)
- Automation of Device Setup via InTune
- URL Blocking for non-Safe For Work content and possible malware from embedded email URL
- Setup and Integration of Security Camera’s for company Property and Job-Sites
- Cloud Migration of Active Directory to AzureAD
- Utilization of Azure Infrastructure for better Ransomware protection
This company has ran into 3 separate Ransomware events in the same year and was looking for an update to their infrastructure to help mitigate Ransomware risk. In this project we had taken a baseline of all items, as well as access controls. From there we retired old services not in use, non-used employee accounts, closing of unused firewall ports and update of VPN Encryption and Protocols in use.
We needed to update their Backup Infrastructure to implement Immutable Backups using Veeam with Azure Repositories. This allowed full resiliency for their backup infrastructure in the event of another Ransomware event.
InTune allowed for Automatic Patching of all company devices, Security Settings and instant-updated Security Mitigations. Using OneDrive/SharePoint for Shared Files and personal user work files.
Migrated older Firewalls for Next-Gen Firewalls with Cloud Configurations. Updated Wi-Fi Access Points to allow for Wi-Fi 6 capabilities. Readdressed and migrated DHCP/DNS services from On-Prem DHCP server. This included a rotating Wi-Fi Password every 90 days.
The biggest migration piece was migrating away from On-Prem services, software and servers. Services were modernized and implemented either from Newer Service Providers or Modernization into Azure Infrastructure.
100% Success Feature Rate