Secure your digital world.
A solid security posture is more than just an end-point solution. Businesses need to know that their hardware, services and networks are protected from bad actors, whose only mission is to disrupt their activities. By utilizing internal best practices, the Microsoft Security stack, and consensus baselines provided by the Center for Internet Security (CIS), our team of security professionals conduct risk-based bench-marking exercises on Microsoft’s platforms, hardware and cloud-based services resulting in gap analysis, remediation planning and information security roadmaps and ultimately, a hardened environment.
Risk Assessment & Remediation
IncWorx will assess your organization’s security posture, produce a remediation plan and work closely with you to harden your environment. Services include:
- Risk and Vulnerability Assessment
- Remediation Planning
- Information Security Roadmaps
Microsoft Security Stack
- Azure Security Center
- Azure Advanced Threat Protection
- Office 365 Advanced Threat Protection
Microsoft Platform Security
IncWorx helps organizations securely configure these and other Microsoft technologies.
Security assessment for your Microsoft Azure IaaS cloud platform covering approximately 100 recommendations across 8 areas, including:
- Identity and Access Management
- Security Center
- Storage Accounts
- Logging and Monitoring
- Virtual Machines
- Other Security Considerations
Microsoft SQL Server 2016
Security assessment for your Microsoft SQL Server environment covering approximately 40 recommendations across 8 areas, including:
- Installation, Updates and Patches
- Surface Area Reduction
- Authentication and Authorization
- Password Policies
- Auditing and Logging
- Application Development
- Additional Considerations
**Benchmarking and remediation also available for SQL Server 2008 R2, SQL Server 2012, SQL Server 2014.
**Azure SQL is covered under Microsoft Office 365.
Microsoft SharePoint 2016
Security assessment for your Microsoft SharePoint on-premises environment covering approximately 40 recommendations across 7 areas, including:
- Access and Permissions
- Secure Infrastructure Design
- Services and Connections
- Web.Config Configuration
Microsoft Office 365
- Security Management
- Threat Protection
- Identity and Access Management
- Information Protection
Microsoft Exchange Server 2016
Security assessment for your Microsoft Exchange Server covering approximately 50 recommendations across 3 areas, including:
**Benchmarking and remediation also available for Exchange Server 2010, Exchange Server 2013.
**Exchange Online is covered under Microsoft Office 365.
Security assessment for your SharePoint Online instance covering approximately 50 recommendations across 3 areas, including:
An outside look from an unbiased third-party is crucial to a thorough security assessment.
Frequently Asked Questions
What Microsoft products do you cover?
Our security services currently support all of the following: Azure, Office 365, Exchange Online, Exchange Server, SharePoint Online, SharePoint Server, SQL Server, Windows Server.
When should we use Multi-Factor Authentication?
You should enable MFA when you require across the board, two-factor authentication. This eliminates the ability for potential attackers to simply hack or steal a password to gain access to your sensitive data.
When should we use Conditional Access Policies?
- Azure Information Protection
- Azure RemoteApp
- Azure SQL Database
- Microsoft Dynamics 365
- Microsoft Office 365 Yammer
- Microsoft Office 365 Exchange Online
- Microsoft Office 365 SharePoint Online (includes OneDrive for Business and Project Online)
- Microsoft Power BI
- Azure DevOps
- Microsoft Teams
What can Azure Advanced Threat Protection (ATP) detect?
How does Office 365 Advanced Threat Protection help?
- Scanning email attachments for malware
- Scanning web addresses (URLs) in email messages and Office documents
- Identifying and blocking malicious files in online libraries
- Checking email messages for unauthorized spoofing
- Detecting when someone attempts to impersonate your users and your organization’s custom domains