Have Cloud Alerting for A Proactive Protection! JM Addington

Cloud Alerting is essential, but what else can you do to prevent attackers from getting in at all?

MFA: Multifactor authentication is the #1 thing you can do, and FOR FREE, to secure your cloud environment.

  • This old hat to you? Good! Most businesses still don’t have it implemented!
  • Remember…You need MFA in everything. Even your social media accounts.

Conditional Access Policies: These are technical policies that restrict when and where users can log in. The most common one we implement at [JM Addington Technology Solutions / CyberSecureRIA] is geographical:

  • You can only log in from the USA.
  • Exceptions: Remote workers and wherever you vacation if it’s out of the country.

Turn on Email verification (DKIM/SPF): DKIM and SPF are public-facing technical records used to prove that your server sent emails – if a record doesn’t match or is missing it gets flagged as spam or malicious content.

  • This goes a long way to prevent phishing attacks. An attacker can’t use your actual domain without tripping red flags.

Turn on the built-in protections. Microsoft and Google both have protections built into their products.

  • Reality check: At [JM Addington Technology Solutions / CyberSecureRIA] we don’t see them turned on until we turn them on.

Examples include:

  • Antiphishing technology
  • Antispam technology
  • Safe Links
  • Safe attachments
  • Turning off insecure ways to login

What about all of those external sender warnings? Keep these on, but don’t confuse actual security with security theater.